Privacy Policy

1. Introduction

We are committed to protecting your privacy and handling your personal data transparently and securely. This Privacy Policy explains how we collect, use, store, and protect your information when you use ASCII Motion.

2. Information We Collect

Account Information:

• Email address (required for account creation)
• Password (encrypted and stored securely)

Payment Information:

• Stripe customer ID (for Pro subscribers)
• Subscription status and billing period
• We do NOT store credit card numbers - all payment processing is handled by Stripe

Project Data:

• ASCII art content (characters, colors)
• Animation frames and timelines
• Project names and descriptions
• Tool settings and preferences

Usage Data (Anonymized):

• Browser type and version
• Operating system
• Performance metrics

3. How We Use Your Information

We use your information to:

• Create and manage your account
• Process subscription payments
• Save and sync your projects across devices
• Verify your identity and secure your account
• Send transactional emails (account verification, password resets, payment receipts)
• Improve service performance and user experience
• Protect against fraud and abuse

4. Data Sharing and Disclosure

We do NOT sell your personal data. We may share your information with:

• Supabase: Database and authentication (SOC 2 compliant)
• Vercel: Web hosting and deployment (global CDN)
• Stripe: Payment processing (PCI DSS compliant)

We may disclose information if required by law (court orders, legal investigations).

5. Data Security

We implement industry-standard security measures:

• HTTPS/TLS encryption for all data transmission
• Database encryption at rest
• Bcrypt password hashing with salt
• Row-level security policies prevent unauthorized access
• PCI DSS compliant payment processing via Stripe

While we take extensive precautions, no system is 100% secure. We will notify affected users within 72 hours of any security breach.

6. Data Retention

Active Accounts: Data retained while your account is active.

Deleted Accounts: All account data and projects are permanently deleted within 30 days. Removed from backups within 60 days.

Payment Records: Transaction history may be retained for up to 7 years for tax and legal compliance.

7. Your Rights (GDPR & CCPA)

You have the following rights:

• Right to Access: Export your projects and account data
• Right to Rectification: Update email, password, and preferences
• Right to Erasure: Delete your account and all data
• Right to Data Portability: Download projects in machine-readable formats
• Right to Object: Opt out of marketing emails

To exercise these rights, use the account settings or contact us through GitHub.

8. Children's Privacy

ASCII Motion is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us immediately.

9. International Data Transfers

Your data is primarily stored in the United States. For EU users, we rely on Standard Contractual Clauses (SCCs) for data transfers and comply with GDPR requirements.

10. Cookies and Tracking

We use essential cookies to keep you logged in and secure your account. We do not use third-party tracking or advertising cookies.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be announced via email or Service notification. Continued use after changes constitutes acceptance.

12. Contact Us

For questions about this Privacy Policy or to exercise your rights, visit our GitHub repository at github.com/cameronfoxly/Ascii-Motion or contact us through the repository's issue tracker.