Privacy Policy

1. Introduction

At SubDupes, your privacy is our top priority. This Privacy Policy explains how we collect, use, store, and protect your personal information. We are committed to transparency and giving you control over your data.

Privacy-First Promise: SubDupes never requires bank account access or full inbox OAuth permissions. You control what data you share with us.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and password when you create an account
• Subscription Data: Information about your subscriptions that you manually add or forward to your SubDupes alias email
• Payment Information: Billing details processed securely through our payment processor (we do not store full credit card numbers)
• Communication Data: Messages you send us for support or feedback

2.2 Information Collected Automatically

• Usage Data: How you interact with SubDupes (features used, pages viewed)
• Device Information: Browser type, operating system, IP address
• Cookies: Small data files to improve your experience (see Cookie Policy below)

2.3 Information We Do NOT Collect

3. How We Use Your Information

We use your information to:

• Track and organize your subscription data
• Send you renewal and trial end alerts
• Detect price hikes and subscription changes
• Generate reports and export data (CSV/PDF) for your records
• Process your payments and manage your subscription
• Improve our Service and develop new features
• Communicate with you about updates, security, and support
• Comply with legal obligations

4. Email Forwarding and Processing

SubDupes provides you with a unique alias email address (e.g., yourname@subdupes.com). When you forward subscription-related emails to this address:

• We parse the email to extract subscription details (vendor, amount, renewal date)
• We store only the relevant subscription information, not full email content
• You control what emails are forwarded to us
• We do not access your inbox or other emails
• You can stop forwarding at any time

5. How We Share Your Information

We do not sell your personal information. We may share your data only in these limited circumstances:

• Service Providers: Third-party services that help us operate (e.g., payment processors, cloud hosting). These providers are contractually bound to protect your data
• Legal Requirements: When required by law, court order, or to protect our rights
• Business Transfers: In the event of a merger or acquisition (you will be notified)
• With Your Consent: Any other sharing requires your explicit permission

6. Data Security

We implement industry-standard security measures to protect your data:

• Encryption of data in transit (HTTPS/TLS) and at rest
• Secure authentication and password hashing
• Regular security audits and monitoring
• Access controls limiting who can view your data
• Secure backup and disaster recovery procedures

While we take extensive precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your data as long as your account is active. When you close your account:

• You can export all your data before deletion
• We delete your personal information within 30 days
• Some data may be retained for legal compliance (e.g., payment records)
• Anonymized data may be retained for analytics

8. Your Privacy Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your data ("right to be forgotten")
• Export: Download your data in CSV or PDF format
• Opt-Out: Unsubscribe from marketing emails (alert emails are essential to the Service)
• Restrict Processing: Limit how we use your data

To exercise these rights, contact us at privacy@subdupes.com.

9. Cookies and Tracking

SubDupes uses cookies to improve your experience:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: Help us understand how you use SubDupes (Google Analytics)
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

10. Third-Party Services

SubDupes integrates with select third-party services:

• Payment Processing: Stripe (for secure payment handling)
• Analytics: Google Analytics (for usage insights)
• Cloud Hosting: [Your hosting provider] (for data storage)

These services have their own privacy policies. We carefully vet all third-party providers to ensure they meet our privacy standards.

11. Children's Privacy

SubDupes is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover we have collected data from a child, we will delete it immediately.

12. International Data Transfers

SubDupes operates globally. Your data may be transferred to and stored in countries outside your residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws (including GDPR for EU users).

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the Service. The "Last Updated" date at the top reflects the most recent revision. Continued use of SubDupes after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: privacy@subdupes.com
Website: https://subdupes.com
Data Protection Officer: dpo@subdupes.com