Privacy Policy

Back to site

Effective date: April 11, 2026

1. Scope

This Privacy Policy explains how Just My Site collects, uses, stores, and shares personal data when you use our website, creator dashboard, storefront, checkout, and related services.

2. Data We Collect

We collect the following categories of information:

  • Account data: name, email, login identifiers.
  • Store profile data: display name, bio, social links, branding and contact details you provide.
  • Customer and audience data: customer name, email, order records, lead signups, booking details.
  • Booking data: scheduled time, timezone, meeting location, meeting links, booking status, reminders.
  • Payment and subscription metadata from Stripe and PayPal (we do not store full card numbers).
  • Integration data: Google Calendar account email, calendar ID, OAuth tokens required for sync.
  • Operational data: logs, webhook events, job processing records, analytics and diagnostics data.
  • Storage data: uploaded files and metadata (size, path, timestamps).
  • Technical data: IP-derived metadata, browser data, cookies/session tokens, and request headers.

3. How We Use Data

  • Provide and operate storefronts, checkout, bookings, access delivery, and creator dashboards.
  • Process payments and subscription workflows through integrated payment providers.
  • Send transactional emails (receipts, confirmations, access links, reminders).
  • Sync booking events with connected Google Calendar accounts when enabled.
  • Detect abuse, secure accounts, prevent fraud, and troubleshoot incidents.
  • Measure product performance and improve reliability.
  • Comply with legal obligations and enforce platform terms.

4. Legal Bases

Depending on your jurisdiction, we process data based on contract performance, legitimate interests, legal obligations, and consent where required.

5. Processors and Service Providers

We use third-party providers to run core platform services, including:

  • Supabase (database, authentication, and related backend services)
  • Vercel (hosting and deployment)
  • Stripe and PayPal (payments and billing)
  • Resend (transactional email delivery)
  • Cloudflare R2 or Supabase Storage (file storage)
  • Google APIs (calendar synchronization where connected)

6. Data Sharing

We share data with service providers only as needed to provide the service. We may also share data if required by law, to protect rights and safety, or in connection with a business transfer.

7. Data Retention

We retain data for as long as needed to provide the service, maintain required records, resolve disputes, and meet legal obligations. Some operational logs are retained according to configured retention periods.

8. Security

We use reasonable technical and organizational safeguards. No system is fully secure, so we cannot guarantee absolute security.

9. International Transfers

Your data may be processed in countries other than your own depending on infrastructure and provider locations.

10. Your Rights

Depending on your location, you may have rights to access, correct, delete, or export your data, and to object to certain processing. To request this, contact us using the details below.

11. Children

The service is not directed to children under 13 (or the minimum age required in your jurisdiction).

12. Changes

We may update this policy. Material updates will be reflected by a new effective date.

13. Contact

For privacy requests or questions, contact: onboarding@justmy.site