Privacy Policy

1Information We Collect

1.1 Information You Provide

• Email address and profile information when you create an account
• Website domains and associated metadata when you register sites
• Content modifications and version history made through our service
• Payment information (processed securely by third-party providers)
• Support communications and feedback
• API keys and integration settings (encrypted at rest)

1.2 Automatically Collected Information

• Usage analytics and feature interaction data
• IP addresses (hashed for privacy) and geolocation data
• Browser and device information for compatibility
• Session data and authentication tokens
• Performance metrics and error logs
• Security event logs and access patterns

1.3 Website Integration Data

• Website structure and content elements (for editing functionality)
• Edit session tokens and authentication data
• Script integration status and configuration
• Website performance impact metrics

2How We Use Your Information

2.1 Service Delivery

• Provide secure content editing and management capabilities
• Maintain user accounts and authentication systems
• Process and store content modifications with version control
• Generate AI-powered content suggestions and translations
• Ensure cross-browser and device compatibility

2.2 Security & Compliance

• Monitor for security threats and unauthorized access
• Prevent fraud, abuse, and malicious activities
• Maintain comprehensive audit logs for compliance
• Implement access controls and session management
• Conduct security assessments and vulnerability testing

2.3 Service Improvement

• Analyze usage patterns to enhance user experience
• Optimize performance and reduce loading times
• Develop new features based on user needs
• Send important service notifications and security updates
• Provide customer support and technical assistance

3Information Sharing & Data Transfers

3.1 Limited Sharing Circumstances

We may share information only in these strictly limited circumstances:

• With your explicit, informed consent
• To comply with valid legal processes (subpoenas, court orders)
• To protect against immediate threats to safety or security
• In connection with business transfers (with continued privacy protection)
• With essential service providers under Data Processing Agreements (DPAs)

3.2 Service Providers & Processors

We work with carefully vetted service providers who assist in our operations:

• Cloud hosting providers (AWS, Google Cloud) with security certifications
• Payment processors (Stripe) with PCI DSS compliance
• Analytics services with privacy-focused configurations
• Email service providers with encryption capabilities
• All providers operate under strict confidentiality and data protection agreements

3.3 International Transfers

When data is transferred internationally, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for countries with equivalent protection
• Additional safeguards such as encryption and access controls

4Data Security & Protection

4.1 Encryption & Data Protection

• AES-256 encryption for data at rest
• TLS 1.3 encryption for all data in transit
• End-to-end encryption for sensitive operations
• Encrypted database connections and backups
• Client-side encryption for edit tokens

4.2 Access Controls & Authentication

• Multi-factor authentication (MFA) enforcement
• Role-based access control (RBAC) systems
• Just-in-time (JIT) access for administrative operations
• Regular access reviews and privilege rotation
• Zero-trust network architecture

4.3 Security Monitoring & Response

• 24/7 security operations center (SOC) monitoring
• Automated threat detection and response systems
• Regular penetration testing and vulnerability assessments
• Intrusion detection and prevention systems (IDS/IPS)
• Comprehensive audit logging and SIEM integration

5Your Privacy Rights & Controls

5.1 Data Subject Rights (GDPR/CCPA Compliance)

You have the right to:

• Access: Request copies of your personal data and understand how it's processed
• Rectification: Correct inaccurate or incomplete personal information
• Erasure: Request deletion of your personal data (“right to be forgotten”)
• Portability: Export your data in a structured, machine-readable format
• Restriction: Limit the processing of your personal information
• Objection: Object to processing based on legitimate interests
• Opt-out: Withdraw consent or opt out of marketing communications

5.2 Exercising Your Rights

To exercise any of these rights, contact us at privacy@recopyfast.com. We will respond within 30 days and may require identity verification for security.

6Cookies & Tracking

Types of Cookies We Use

• Essential: Required for authentication and basic functionality
• Performance: Analyze site performance and user experience
• Functional: Remember your preferences and settings
• Security: Detect suspicious activity and prevent fraud

You have full control over cookies through browser settings and our cookie consent banner.

7Data Retention

• Account Data: Retained for the duration of your account
• Content Data: Retained as long as needed for service delivery
• Usage Analytics: Aggregated and anonymized after 12 months
• Security Logs: Retained for 7 years for compliance
• Support Communications: Retained for 3 years

When data is deleted, we use secure deletion methods including cryptographic erasure to ensure data cannot be recovered.