Privacy Policy

Introduction

SignatureCraft ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our email signature creation service.

Please read this policy carefully. If you do not agree with our practices, please do not use our Service.

Information We Collect

Information You Provide

• Account Information: Name, email address, password (encrypted), profile photo
• Signature Content: Name, job title, company, contact information, social media links, images you upload
• Payment Information: Processed securely by Stripe; we do not store credit card numbers
• Team Information: Team member names, email addresses, and roles
• Communications: Messages you send to our support team

Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, clicks, and interactions
• Device Information: Browser type, operating system, device type, screen resolution
• Log Data: IP address, access times, referring URLs
• Cookies: Session cookies, preference cookies, and analytics cookies

Analytics Data

If you use our signature analytics features, we collect:

• Signature view counts (via tracking pixel)
• Link click data (timestamp, link clicked)
• Geographic location (country/region level)
• Device and email client information of recipients

How We Use Your Information

We use your information to:

• Provide, maintain, and improve our Service
• Process transactions and send related information
• Send administrative messages, updates, and security alerts
• Respond to your comments, questions, and support requests
• Provide signature analytics and performance reports
• Monitor usage patterns and analyze trends
• Detect, prevent, and address technical issues and fraud
• Personalize your experience and provide recommendations
• Send marketing communications (with your consent)

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data based on:

• Contract: Processing necessary to provide our Service to you
• Legitimate Interests: Improving our Service, fraud prevention, security
• Consent: Marketing communications, optional analytics features
• Legal Obligation: Compliance with applicable laws

Information Sharing

We do not sell your personal information. We may share your information with:

• Service Providers: Third parties that help us operate our Service (hosting, payment processing, analytics)
• Team Members: Within your organization if you use team features
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Third-Party Services We Use

• Clerk: Authentication and user management
• Stripe: Payment processing
• Vercel: Hosting and deployment
• Neon: Database hosting
• Sentry: Error tracking and monitoring
• Resend: Transactional email delivery

Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

• Account Data: Until you delete your account
• Signatures: Until you delete them or your account
• Analytics Data: 24 months from collection
• Payment Records: As required by tax and accounting laws (typically 7 years)
• Support Communications: 3 years after resolution

After deletion, we may retain anonymized data for analytics and service improvement.

Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate data
• Deletion: Request deletion of your data
• Portability: Receive your data in a portable format
• Objection: Object to certain processing activities
• Restriction: Request limited processing of your data
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@signaturecraft.io. We will respond within 30 days.

Cookies and Tracking

We use cookies and similar technologies to:

• Essential Cookies: Required for the Service to function (authentication, security)
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Understand how you use our Service

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

Data Security

We implement appropriate security measures to protect your data, including:

• Encryption of data in transit (HTTPS/TLS) and at rest
• Secure authentication through Clerk
• Regular security assessments and updates
• Access controls and employee training
• Incident response procedures

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

International Data Transfers

Your data may be transferred to and processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data.

Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell data)
• Right to non-discrimination for exercising privacy rights

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a notice on our Service. Your continued use after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: