Privacy Policy

1. Introduction

Welcome to Issued ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our service.

2. Information We Collect

We collect several types of information to provide and improve our service:

• Account Information: When you sign up with GitHub OAuth, we collect your GitHub username, email address, and profile information.
• Project Data: Information about your GitHub repositories, project configurations, and support form settings.
• Submission Data: Support form submissions from your customers, including names, email addresses, and any additional information they provide.
• Usage Data: Information about how you use our service, including API requests, feature usage, and performance metrics.
• Payment Information: Billing details processed securely through Stripe (we do not store credit card information).

3. How We Use Your Information

We use the collected information for the following purposes:

• To provide and maintain our service
• To create GitHub issues from support form submissions
• To facilitate two-way email communication between you and your customers
• To process payments and manage subscriptions
• To send service-related notifications and updates
• To analyze usage patterns and improve our service
• To detect and prevent fraud or abuse

4. Data Retention

We automatically delete submission data after 30 days to protect your customers' privacy. Account information and project configurations are retained as long as your account is active. You can request deletion of your account and all associated data at any time.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your data only in the following circumstances:

• Service Providers: We use third-party services (GitHub, Mailgun, Stripe, Supabase) to operate our platform.
• Legal Requirements: When required by law or to protect our rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets.

6. Security

We implement industry-standard security measures to protect your data, including:

• Encrypted data transmission (SSL/TLS)
• Encrypted storage of sensitive information
• Rate limiting and abuse prevention
• Regular security audits and updates
• Access controls and authentication

7. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data
• Opt-out of marketing communications
• Withdraw consent at any time

8. GDPR Compliance

For users in the European Economic Area (EEA), we comply with GDPR requirements. We process your data based on legitimate interests, contractual necessity, and your consent. You have additional rights under GDPR, including data portability and the right to lodge a complaint with a supervisory authority.

9. Cookies and Tracking

We use cookies and similar technologies for authentication, preferences, and analytics. You can control cookies through your browser settings. Essential cookies are required for the service to function properly.

10. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or through our service. Continued use of our service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this privacy policy or our data practices, please contact us at:

Email: privacy@issued.dev