Privacy Policy

Last updated on, and effective as of, March 13, 2025

1. Introduction and Scope

This Privacy Policy ("Policy") governs the collection, use, storage, and disclosure of personal information by waitlist.email ("we," "our," "us") through our website located at https://waitlist.email ("Site") and associated services ("Services").

By accessing or using our Services, you represent that you are at least 18 years of age and acknowledge that you have read, understood, and agree to be bound by this Policy and our Terms of Service. If you are under 18 years of age, you may not use or access the Services at any time or in any manner.

2. Definitions

For the purposes of this Policy:

  • Personal Information: means any information relating to an identified or identifiable natural person
  • Processing: means any operation performed on Personal Information
  • Data Subject: means the individual to whom Personal Information relates
  • Controller: means the entity determining the purposes and means of Processing
  • Processor: means the entity Processing Personal Information on behalf of the Controller

3. Information We Collect

3.1. Information You Provide:

  • Account Information:
    • Email address
    • Full name
    • Password (encrypted)
    • Account preferences and settings
    • Business information (if applicable)
  • Waitlist Data:
    • Email addresses of waitlist subscribers
    • Custom fields and attributes
    • Subscription timestamps
    • Engagement metrics
  • Payment Information:
    • Payment card type
    • Last four digits of payment card
    • Billing address
    • Transaction history
  • Communications:
    • Support requests
    • Feedback submissions
    • Email correspondence

3.2. Information Automatically Collected:

  • Technical Data:
    • IP address
    • Browser type and version
    • Operating system
    • Device information
    • Time zone settings
  • Usage Data:
    • Access times and dates
    • Pages viewed
    • Features used
    • Error logs
    • Performance metrics

4. Use of Information

4.1. Primary Purposes:

  • Service provision and maintenance
  • Account management
  • Payment processing
  • Communication delivery
  • Customer support
  • Feature optimization
  • Security maintenance

4.2. Secondary Purposes:

  • Service improvement
  • Usage analysis
  • Trend identification
  • Research and development
  • Aggregate analytics

5. Data Sharing and Third Parties

5.1. Service Providers:

  • Payment Processing:
    • Stripe for secure payment processing
    • Scope: transaction data
    • Purpose: payment processing
    • Protection: PCI DSS compliant
  • Analytics:
    • Plausible Analytics for privacy-focused analytics
    • Scope: anonymous usage data
    • Purpose: service optimization
    • No personal information collected
  • Feedback Collection:
    • Canny.io for user feedback and feature requests
    • Scope: email, name, and avatar
    • Purpose: product improvement
  • Infrastructure:
    • Cloud hosting providers
    • Email service providers
    • Content delivery networks

6. Data Security

We implement comprehensive security measures to protect your data:

6.1. Technical Measures:

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Access controls
  • Network security
  • Intrusion detection
  • Regular security testing

6.2. Organizational Measures:

  • Access limitation
  • Employee training
  • Security policies
  • Incident response
  • Regular audits
  • Vendor assessment

7. Data Retention

We retain your data for as long as necessary to provide our services or as required by law. Specifically:

  • Active Account Data: Maintained while your account is active
  • Trial Account Data: Retained for 30 days after trial expiration
  • Terminated Account Data: 30 days post-deletion for recovery
  • Payment Records: 7 years for legal compliance
  • Usage Logs: 30 days for security monitoring
  • Analytics Data: 12 months in anonymized form
  • Payment Method Data: Stored securely by Stripe until subscription cancellation or account deletion

8. Data Processing and International Transfers

Your information may be processed and stored in various locations:

  • Primary data processing occurs in Australia
  • Cloud infrastructure providers may process data in secure facilities worldwide
  • Third-party service providers may process data in accordance with their privacy policies
  • All international transfers comply with applicable data protection laws
  • We implement appropriate safeguards for international data transfers

9. Your Privacy Rights

You have the following rights regarding your personal information:

  • Right to access your data
  • Right to correct inaccurate data
  • Right to request data deletion
  • Right to data portability
  • Right to withdraw consent
  • Right to object to processing

10. Children's Privacy

Our Service is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes via email or through our platform. Your continued use of the Service after such modifications constitutes acceptance of the updated Policy.

12. Contact Information

For privacy-related inquiries, please contact us at waitlist@almosthuman.au. We aim to respond within 48 hours.

13. Governing Law

This Policy is governed by Australian law, subject to applicable data protection laws and regulations.