Privacy Policy
Last updated: July 8, 2026
Who we are
PrivyDeckoperates the PrivyDeck personal privacy dashboard ("PrivyDeck," "we," "us"). This policy explains how we handle personal data when you use our website and hosted service.
Privacy contact: privacy@privydeck.com
What PrivyDeck does
PrivyDeck helps you block trackers, monitor your privacy posture, store encrypted documents, and send data-subject requests to third-party companies. We are designed to collect as little as possible.
Categories of personal data we process
- Account data: email address, display name, profile image (from your sign-in provider), account creation date, subscription tier
- Billing data: Stripe customer ID and subscription status (payment card details are handled entirely by Stripe)
- Device data: names, types, platform, protection status, agent version, last-seen timestamps
- Network telemetry: aggregated Pi-hole blocker statistics and VPN connection status when you connect a home agent
- Tracker alerts: blocked domain names, hit counts, categories, and optional AI-generated suggestions
- Vault metadata: titles, categories, file sizes, encryption salts/IVs — not plaintext contents
- Vault ciphertext: encrypted files you upload (decrypted only in your browser with your passphrase)
- Privacy score history: numeric scores and component breakdowns
- DSAR letters: company names, contact emails, template choices, and generated letter text you create
- Preferences: blocklist toggles, lockdown mode, extension sync metadata, in-app notifications
- Technical data: CSRF token cookie, session authentication cookie, IP address in server logs (hosting provider)
What we do not collect
- Your vault passphrase — never transmitted to our servers
- Plaintext vault document contents — encrypted client-side before upload
- Your full browsing history — only aggregated tracker statistics when protection is active
- Advertising profiles or cross-site tracking — we do not run third-party analytics or ad pixels
Purposes and legal bases (GDPR / UK GDPR)
Where GDPR or UK GDPR applies, we rely on the following legal bases:
- Contract (Art. 6(1)(b)): providing your account, sync, vault storage, and subscription features
- Legitimate interests (Art. 6(1)(f)): security (CSRF, rate limits), fraud prevention, service improvement, and optional AI tracker coaching when enabled
- Consent (Art. 6(1)(a)): optional AI suggestions — you can disable these in Settings → Privacy preferences
- Legal obligation (Art. 6(1)(c)): tax, accounting, and lawful requests from authorities
California (CCPA / CPRA) notice at collection
Categories collected: identifiers (email, name), internet/network activity (tracker domain statistics), commercial information (subscription status), and optionally sensitive personal information if you store medical, financial, or legal documents in your encrypted vault.
Sources: you directly and your connected devices. Business purposes: provide the service, security, billing, and customer support. Retention: see Retention section below.
We do not sell or share personal information for cross-context behavioral advertising. Do Not Sell or Share My Personal Information. We honor Global Privacy Control (GPC). Consumer rights (access, delete, correct, portability, limit sensitive PI): Your Privacy Rights.
Non-discrimination: we will not discriminate against you for exercising CCPA/CPRA rights. See non-discrimination notice.
United States state privacy laws
If you reside in Virginia (VCDPA), Colorado (CPA), or Connecticut (CTDPA), you have rights to access, delete, correct, and opt out of the sale of personal data and targeted advertising. We do not sell personal data or use it for targeted advertising.
Exercise rights via Your Privacy Rights or Do Not Sell or Share. We apply the same non-discrimination standard to all US state privacy requests.
Other regional frameworks
Regardless of where you live, we apply the same core rights. Details and how to exercise them: Your Privacy Rights.
- Brazil (LGPD): lawful bases above; contact our privacy team; lodge complaints with the ANPD
- Canada (PIPEDA): privacy contact acts as privacy officer; access, challenge accuracy, withdraw consent; complaints to OPC if unresolved
- South Africa (POPIA): lawful processing; contact us to exercise rights
- Japan (APPI): purposes specified here; disclosure, correction, suspension, deletion on request; cross-border safeguards with subprocessors
- South Korea (PIPA): access, correction, deletion, suspend processing; withdraw consent for optional AI features
- Singapore / Thailand PDPA: limited collection for stated purposes; access and correction on request
- Australia (Privacy Act / APPs): open handling; access and correction; complaints to OAIC after contacting us
- European Union / UK (GDPR) & Switzerland (FADP): legal bases, retention, subprocessors, and complaint rights as described above
- European Union (ePrivacy): strictly necessary cookies only; see Cookie Policy; no advertising trackers on PrivyDeck
Third-party payment processing (Stripe)
When you subscribe or manage billing, Stripe loads on checkout and the billing portal. PrivBeacon and similar audits may detect Stripe as a "payment tracker" — this is expected: Stripe processes payments and may set cookies for fraud prevention and checkout functionality. We do not use Stripe for advertising. Stripe's privacy policy governs their processing: stripe.com/privacy. See also our Cookie Policy.
Subprocessors and recipients
We share data only with service providers who help us run PrivyDeck:
- Stripe — payment processing (billing data)
- Sign-in providers you choose — Google, GitHub, Apple, or email magic links (authentication)
- Optional AI provider (e.g. OpenAI) — blocked domain name and hit count only, when AI coaching is enabled and you have not opted out
- Hosting infrastructure — server logs and stored database (e.g. Fly.io or your self-hosted server)
We do not sell personal data to data brokers. DSAR letters you generate are sent by you to third parties — not by us.
International transfers
If you access PrivyDeck from outside the country where our servers run, your data may be transferred internationally. Where required, we rely on Standard Contractual Clauses or equivalent safeguards with subprocessors. Self-hosted deployments keep data on your own infrastructure.
Retention
- Account data: until you delete your account, plus up to 30 days for backup purge
- Score history and alerts: until deleted or account erasure
- Vault ciphertext: until you delete items or your account
- Server logs: typically 30–90 days (hosting provider dependent)
- Stripe records: as required for tax and accounting (typically 7 years)
Cookies and similar technologies
We use strictly necessary cookies only (session, CSRF). We do not use advertising or analytics cookies. Details: Cookie Policy.
Automated processing and AI
When enabled, we may send blocked domain names and hit counts to an AI API to generate short tracker-blocking suggestions. This is not used for profiling or automated decisions with legal effect. Disable AI coaching anytime in Settings → Privacy preferences.
Your privacy rights
Full instructions for access, deletion, correction, portability, opt-out, and regional rights: Your Privacy Rights. Summary for signed-in users:
- Access & portability: Settings → Privacy data export (JSON bundle including vault ciphertext)
- Erasure: Settings → Delete account (permanent; type DELETE to confirm)
- Rectification: update your profile via your sign-in provider, or contact us
- Restrict / object: disable AI coaching; cancel subscription; contact us for other requests
- Withdraw consent: disable optional AI features; delete account to stop all processing
- Opt out of sale/sharing: we do not sell — see Do Not Sell page; GPC honored
Email privacy@privydeck.com for requests you cannot complete in Settings. We respond within 30 days (GDPR) or 45 days (CCPA, extendable once). We may verify your identity before fulfilling sensitive requests.
Children
PrivyDeck is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, contact privacy@privydeck.com and we will delete it.
Security
Vault files are encrypted in your browser before upload. Agent and extension tokens are stored as hashes. We use CSRF protection, content security policy, and rate-limited exports. No system is perfectly secure — use a strong vault passphrase and keep devices updated.
Data breaches
If a breach likely affects your rights, we will notify you and relevant authorities as required by applicable law (e.g. GDPR Art. 33–34, state breach laws).
Changes to this policy
We may update this policy. Material changes will be reflected in the "Last updated" date. Continued use after changes constitutes acceptance where permitted by law.
Contact
Privacy: privacy@privydeck.com
General support: support@privydeck.com
Help center: /help