Privacy Policy

This is a sample privacy policy for the BoilerKitt boilerplate. Replace this with your company’s policy. It explains what data is collected, how it’s used, and who it’s shared with.

Data We Collect

• Authentication: Google OAuth profile (email) via Supabase Auth.
• Billing: Subscription and payment details processed by Stripe (no card data stored here).
• Operational: Basic logs/metrics via hosting (e.g., Vercel), server logs for debugging.

How We Use Data

• Authenticate accounts and provide access to plan‑gated features.
• Process subscriptions, upgrades, and billing management via Stripe.
• Maintain service reliability, prevent abuse, and improve the product.

Sharing

• Supabase (authentication, database), Stripe (payments), Vercel (hosting).
• We do not sell personal data.

Security

We use role‑based access, server‑only keys, and least‑privilege principles. Always rotate any exposed secrets and keep dependencies updated.

Retention

We retain account and billing records as required for operations and compliance.

Your Rights

Contact us to request access, correction, or deletion of your personal data.

Contact

Set your contact email or support URL here.

This template is provided for convenience only and does not constitute legal advice.