← Back to Home

Privacy Policy

Last Updated: October 21, 2025

1. Introduction

Welcome to Scandi.click ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our feedback widget platform.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, full name, and password (when signing up with email)
  • OAuth Information: When you sign up with Google, we receive your email address and name from Google
  • Widget Data: Widget configurations, customizations, and settings you create
  • Subscription Information: Billing information and subscription tier (processed securely through Stripe)

2.2 Information We Collect Automatically

  • Feedback Data: Responses collected through your widgets, including IP addresses, user agents, and referrer URLs
  • Analytics Data: Usage statistics collected through Google Analytics to improve our service
  • Cookie Data: Essential session cookies required for authentication and site functionality

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our feedback widget service
  • Process your transactions and manage your subscription
  • Send you service-related communications and updates
  • Respond to your requests, questions, and support needs
  • Analyze usage patterns and improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Service

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Service Providers: Third-party services that help us operate our platform (Supabase for database, Stripe for payments, Resend for emails, Google Analytics for analytics)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share your information

5. Data Security

We implement industry-standard security measures to protect your personal information, including encryption, secure authentication, and regular security audits. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. You may delete your account at any time, and we will delete your data within 30 days, except where we are required to retain it for legal or compliance purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing of your data
  • Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact us at doug@djohnson.tech

8. GDPR and CCPA Compliance

We comply with the General Data Protection Regulation (GDPR) for users in the European Economic Area and the California Consumer Privacy Act (CCPA) for California residents. You have specific rights under these regulations, as outlined in Section 7 above.

9. Cookies

We use only essential cookies necessary for authentication and site functionality. We also use Google Analytics cookies to analyze site usage. You can control cookies through your browser settings, but disabling essential cookies may affect site functionality.

10. Third-Party Services

Our service uses the following third-party services:

  • Supabase: Database and authentication services
  • Google OAuth: Social login authentication
  • Google Analytics: Usage analytics
  • Stripe: Payment processing (planned)
  • Resend: Email delivery (planned)

These services have their own privacy policies and may collect data independently. We encourage you to review their privacy policies.

11. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our service, you consent to such transfers.

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: doug@djohnson.tech

Scandi.click - Simple Feedback Widgets for Your Website