Privacy Policy

Last Updated: June 10, 2025

Summary: We collect personal information (like your name and email), user-generated content (like notes or files), and usage data (like device information) to provide and improve our Service. We use strong security measures, such as encryption and access controls, to protect your data. We only share your information with trusted partners (like cloud providers) or as required by law. You have the right to access, correct, delete, or control your data, and we comply with privacy laws like GDPR and CCPA where applicable.

Welcome to our web-based application (the “Service”). We value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and safeguard your data when you interact with our Service. By using the Service, you agree to the terms described herein.

We may update this Privacy Policy from time to time. You will be notified of significant changes via email or through a notice within the Service. Your continued use of the Service after such updates signifies your acceptance of the revised policy.

1. Information We Collect

We collect various types of information to provide and improve the Service:

1.1. Personal Information

• Account Creation: When you sign up, we collect your full name, email address, and an auto generated username to create and manage your account.
• Authentication: During login, we log your IP address and approximate location (e.g., city or country) to verify your identity and enhance security plus user experience.
• Referral Information: If you join via a referral link, we may collect the referrer’s identifier and related tracking data (e.g., traffic source) to credit the referrer.
• Contact Information: If you contact us for support or feedback, we retain your email or other provided contact details to respond and improve our Service.

1.2. User-Generated Content

• Content You Create: We collect and store anything you input or upload, such as notes, files, or other content you create or share within the Service, to enable its functionality (e.g., saving your work).

1.3. Usage Data

• Technical Details: We gather information about your device, including browser type (e.g., Chrome, Firefox), operating system (e.g., Windows, macOS), screen resolution, and time zone, to optimize the Service for your setup.
• Interaction Data: We track how you use the Service, such as page views, feature usage (e.g., which tools or buttons you click), and timestamps, to improve performance and user experience.

1.4. Cookies and Similar Technologies

• Essential Cookies: These keep you logged in and ensure the Service works correctly (e.g., maintaining your session).
• Analytics Cookies: These help us understand usage trends (e.g., via tools like Google Analytics) to enhance the Service.
• Preference Cookies: These remember your choices (e.g., language or theme settings) for a personalized experience.

You can manage cookie preferences in your browser, but disabling them may affect some features.

---

2. How We Use Your Information

We use your data to deliver, secure, and improve the Service:

• Service Delivery:
  • To manage your account and provide features (e.g., using your email to send account verification or password reset code or task remainders or newsletters).
• Security:
  • To protect your account by monitoring for unauthorized access (e.g., analyzing IP addresses for suspicious activity).
• Improvement:
  • To analyze usage trends (e.g., how often features are used) and refine the Service’s functionality and design.
• Communication:
  • To send updates, respond to inquiries, or notify you about Service changes (e.g., via email or in-app messages).
• Compliance:
  • To meet legal obligations (e.g., retaining data for tax purposes) or respond to lawful requests (e.g., court orders).

For example, we might use your email to notify you of a new feature or your usage data to fix a bug you encountered.

3. How We Share Your Information

We do not sell your personal information. We may share it as follows:

• Third-Party Providers:
  • We share data with trusted partners who provide hosting, analytics (e.g., Google Analytics), and communication services. These partners are contractually obligated to protect your data and only use it to support our Service.
• Legal Requirements:
  • We may disclose information if compelled by law (e.g., a subpoena or court order) or to protect our rights, users, or the public.
• Business Changes:
  • If we merge with or are acquired by another company, your data may be transferred, but it will remain governed by this Privacy Policy unless you’re notified otherwise.

---

4. Data Security

We take robust steps to protect your data:

• Encryption:
  • We use AES-256 encryption for data at rest (e.g., stored files) and TLS for data in transit (e.g., during login) to keep it secure.
• Authentication:
  • Passwords are hashed using strong algorithms (e.g., bcrypt) to prevent unauthorized access.
• Access Controls:
  • Only authorized staff can access your data, and they operate under strict confidentiality rules and multi-factor authentication.
• Monitoring:
  • We conduct regular system audits and use automated tools to detect and address security vulnerabilities.

While we aim for top-tier security, no system is entirely risk-free.

5. Data Retention

We keep your data only as long as necessary:

• Active Accounts:
  • Your personal information and content are retained while your account is active to ensure uninterrupted service.
• Account Deletion:
  • If you delete your account, we remove your data within 30 days, except where legally required (e.g., tax records) or needed for legitimate purposes (e.g., resolving disputes).
• Logs:
  • Usage and security logs are stored for up to 12 months for monitoring purposes, then deleted.

6. Your Rights and Options

You have several rights over your data:

• Access:
  • Email [email protected] with the subject “Data Access Request” to get a copy of your data.
• Correction:
  • Log in and visit “Account Settings” to update your name, email, or other details.
• Deletion:
  • Email [email protected] with the subject “Account Deletion Request” to remove your account and data; we’ll process it within 30 days.
• Restriction:
  • Contact us to limit certain uses (e.g., stop analytics tracking).
• Portability:
  • Request your data in a structured format (e.g., CSV) via [email protected].
• Opt-Out:
  • Adjust cookie settings in your browser or email us to opt out of non-essential data use.

We’ll respond to all requests within 7 days. For GDPR (EEA users) or CCPA (California users), additional rights apply—see Section 6.1 and 6.2.

6.1. GDPR (European Users)

• We process data based on consent, necessity, or legitimate interests. Contact our Data Protection Officer at [email protected] for questions.

6.2. CCPA (California Users)

• You can request disclosure or deletion of your data without discrimination. Contact us at [email protected].

7. Children’s Privacy

The Service is not intended for users under 13. We do not knowingly collect their data and will delete it if identified. Report concerns to [email protected].

8. Third-Party Integrations

We use third-party tools (e.g., Google Analytics, Mailchimp) that may collect data under their own policies. Review them for details—we’re not liable for their practices.

9. International Transfers

RytePad is an India-based application currently hosted with Hostinger, which operates a data center in Mumbai, India, among other global locations. Your personal information is primarily processed and stored in India, ensuring optimal performance for Indian users. However, depending on Hostinger’s infrastructure and your usage (e.g., through their global Content Delivery Network or other server locations), your data may also be transferred to and processed in other countries, such as Singapore or regions in Europe, North America, or South America.

For users in the European Economic Area (EEA), we ensure compliance with the General Data Protection Regulation (GDPR) by implementing appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission. These clauses guarantee that your data is protected to a level consistent with EEA standards, regardless of where it is processed. We also work with Hostinger to ensure that any international data transfers adhere to applicable privacy laws.

If you have questions about where your data is processed, how international transfers are handled, or wish to review our SCCs, please contact us at [email protected].

10. Changes to This Policy

We may revise this policy as needed. Major updates will be communicated via email or in-app notices. Continued use post-update means you accept the changes.

11. Contact Us

Reach out with questions or requests:

• Email: [email protected]

We’re committed to your privacy and happy to assist!