Greeneville.dev
Home/Legal

Privacy Policy

Effective Date: December 1, 2025

Greeneville.dev ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, billing address
  • Project Content: Text, images, files, and other materials you provide for your website
  • Communications: Messages, support tickets, feedback, and correspondence
  • Payment Information: Credit card details (processed securely by Stripe; we do not store full card numbers)

1.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device type
  • Usage Data: Pages visited, time spent, referring URL, click patterns
  • Cookies: See our Cookie Policy for details

1.3 Information from Third Parties

  • Analytics Providers: Aggregated usage statistics
  • Payment Processors: Transaction confirmations and billing details
  • OAuth Providers: Profile information when you connect services (Google, GitHub, etc.)

2. How We Use Your Information

  • Service Delivery: Create accounts, provide services, process payments, customer support
  • Service Improvement: Analyze usage patterns, develop new features
  • Communication: Service notifications, support responses, marketing (with consent)
  • Security: Detect fraud, comply with legal obligations, enforce our terms

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data based on:

  • Contract Performance: To provide services you've requested
  • Legitimate Interests: To improve services, prevent fraud, ensure security
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws

4. Information Sharing and Disclosure

We do not sell your personal information.

We may share data with:

  • Hosting: Vercel, AWS (infrastructure)
  • Database: Supabase (data storage)
  • Payments: Stripe (payment processing)
  • Email: Resend (transactional emails)
  • Analytics: Vercel Analytics (usage tracking, if consented)

We may also disclose information when required by law or to protect our rights.

5. Data Retention

  • Account Data: Duration of account plus 3 years
  • Project Files: 90 days after service termination
  • Invoices/Financial Records: 7 years (legal requirement)
  • Support Communications: 3 years
  • Analytics Data: 26 months

6. Your Rights

6.1 Rights for All Users

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Opt-Out: Unsubscribe from marketing communications

6.2 Additional Rights for EEA Residents (GDPR)

  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time
  • Lodge Complaint: File a complaint with your local data protection authority

6.3 California Residents (CCPA/CPRA)

  • Know: Right to know what personal information is collected
  • Delete: Right to request deletion of personal information
  • Opt-Out of Sale: We do not sell personal information
  • Non-Discrimination: Right not to be discriminated against for exercising rights

To exercise these rights, contact us at privacy@greeneville.dev. We will respond within 45 days (or 30 days for GDPR requests).

7. Cookies and Tracking

We use cookies and similar technologies. For detailed information, see our Cookie Policy. You can manage preferences via our cookie consent banner or browser settings.

8. Data Security

  • Encryption in transit (TLS/SSL) and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication
  • Incident response procedures

9. International Data Transfers

Your data may be transferred to countries outside your residence, including the United States. We ensure appropriate safeguards including Standard Contractual Clauses (SCCs) and Data Processing Agreements.

10. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children.

11. Do Not Track

We honor Do Not Track browser signals. When DNT is enabled, we disable non-essential tracking and analytics.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email.

13. Contact Us

For privacy-related questions or to exercise your rights:

Last updated: December 1, 2025