Privacy Policy

Thank you for using CookieBolt ('we,' 'us,' or 'our'). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website located at https://cookiebolt.com (the 'Service') and our cookie consent management platform.

By accessing or using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

1. Information We Collect

1.1 Personal Information

We collect the following personal information:

• Account Information: Name, email address, and profile information when you create an account
• Payment Information: Billing details processed securely through Stripe (we do not store payment card information)
• Communication Data: Information when you contact us for support or inquiries

1.2 Usage and Analytics Data

We automatically collect information about your use of our Service:

• Website Analytics: Page views, session duration, referrer information, and user interactions
• Consent Analytics: Consent decisions, banner interactions, and compliance metrics for your websites
• Technical Data: IP address, browser type, device information, operating system, and screen resolution
• Visitor Tracking: Unique visitor IDs and session identifiers for analytics purposes

1.3 Cookies and Tracking Technologies

We use the following cookies and tracking technologies:

• Essential Cookies: Required for authentication, security, and basic functionality
• Analytics Cookies: To understand how users interact with our Service
• Consent Cookies: To store your cookie preferences and consent decisions
• Visitor Identification: Unique identifiers to track consent across sessions

2. How We Use Your Information

We use the collected information for the following purposes:

• To provide, maintain, and improve our Service
• To process payments and manage subscriptions
• To provide customer support and respond to inquiries
• To analyze usage patterns and optimize our Service
• To ensure GDPR, CCPA, and other regulatory compliance
• To generate consent analytics and compliance reports
• To send important service notifications and updates
• To prevent fraud and ensure security

3. Information Sharing and Disclosure

We may share your information in the following circumstances:

3.1 Service Providers

• Stripe: For payment processing and subscription management
• Resend: For transactional email delivery
• MongoDB Atlas: For secure data storage and hosting
• Google OAuth: For authentication services (when chosen by user)

3.2 Legal Requirements

We may disclose your information if required by law, regulation, or legal process, or to protect the rights, property, or safety of CookieBolt, our users, or others.

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

4. Data Retention

We retain your information for as long as necessary to provide our Service and for legitimate business purposes:

• Account Data: Until you delete your account or request deletion
• Analytics Data: Aggregated data retained for up to 3 years for compliance reporting
• Consent Records: Maintained for up to 7 years as required by GDPR
• Payment Records: Retained per legal requirements and Stripe's policies

5. Your Privacy Rights

Depending on your location, you may have the following rights:

5.1 GDPR Rights (EU Residents)

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a structured format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests

5.2 CCPA Rights (California Residents)

• Know: Request information about data collection and use
• Delete: Request deletion of personal information
• Opt-Out: Opt out of the sale of personal information (we do not sell data)
• Non-Discrimination: Equal service regardless of privacy choices

To exercise these rights, contact us at neca.daniel@icloud.com

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption in transit and at rest using industry-standard protocols
• Secure authentication and access controls
• Regular security assessments and updates
• Limited access to personal data on a need-to-know basis
• Secure hosting infrastructure with MongoDB Atlas

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through:

• Standard Contractual Clauses for EU data transfers
• Adequacy decisions where applicable
• Service provider agreements ensuring data protection

8. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last Updated" date
• Sending email notifications for significant changes
• Displaying a prominent notice on our Service