1. Information We Collect

We collect information you provide directly to us, information we obtain automatically when you use our services, and information from third parties.

Information You Provide

• Account registration information (name, email)
• Passwords are stored securely using industry-standard hashing. We never store plain-text passwords.
• Profile information and preferences
• Payment and billing information
• Communications with our support team
• Content you create or upload through our services
• File uploads, AI chat interactions, and conversation logs (where possible, these are anonymized or pseudonymized before being used for service improvement and support purposes)

Automatically Collected Information

• Usage data and analytics
• Device information (IP address, browser type, operating system)
• Log data and timestamps
• Cookies and similar tracking technologies

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send technical notices, updates, and support messages
• Respond to your comments and questions
• Monitor and analyze trends and usage patterns
• Personalize your experience with our services
• Prevent fraudulent transactions and enhance security
• Comply with legal obligations

3. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

Service Providers

We share information with trusted third-party service providers who assist us in operating our services, such as payment processors, hosting providers, and analytics services. Specifically, we use Stripe, Inc. to process payments. Stripe may collect and process payment information in accordance with its Privacy Policy.

Legal Requirements

We may disclose information when required by law or to protect our rights, property, or safety, or that of our users or others.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We implement appropriate security measures to protect your personal information:

• Encryption of data in transit and at rest
• Secure server infrastructure with regular updates
• Access controls and authentication measures
• Regular security audits and monitoring
• Employee training on data protection practices

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials and for any activity that occurs under your account.

5. Data Retention

We retain your information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account Information: Retained while your account is active and for up to 60 days after account deletion request
• Transaction Records: Retained for 7 years as required by tax and financial regulations
• Communication Records: Retained for 2 years after your last interaction with our support team
• AI Interactions and Chat Logs: May be retained in anonymized form for service improvement

When you delete your account, we will delete or anonymize your personal information within 60 days, except where longer retention is required by law. You can request information about your data retention periods by contacting us at info@addictivedesign.ca.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your information in a structured format
• Objection: Object to processing of your information for certain purposes
• Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact us at info@addictivedesign.ca.

7. Cookies and Tracking Technologies

We only use cookies and browser storage that are strictly necessary for our services to function. We do not use cookies for advertising, marketing, or third-party tracking.

Essential Cookies

• Authentication cookies: Used to keep you logged in and maintain your session
• Security cookies: Help protect our site and your account from unauthorized access

Browser Storage

• Theme preferences: We use your browser's local storage to remember your preferred theme (light/dark)
• User interface settings: We may use local storage to remember certain interface preferences
• Notification preferences: We may use local storage to keep track of which notifications you’ve dismissed or acknowledged

The cookies we use are strictly necessary for our services to function properly. You can control cookies through your browser settings, though disabling these essential cookies will affect the functionality of our services and may prevent you from logging in or using secure features.

8. Third-Party Services

Our services may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.

9. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information when it is transferred internationally, in accordance with applicable data protection laws. We implement safeguards, such as standard contractual clauses, where required by law, to protect your information when transferred internationally.

11. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you and relevant authorities without undue delay and within 72 hours of becoming aware of the breach, where feasible. The notification will include information about the nature of the breach, the types of data affected, the potential consequences, and the measures we are taking to address the breach and mitigate its possible adverse effects.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Last updated" date. Your continued use of our services after the changes take effect constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: