Depolay

Privacy Policy

Last Updated: January 25, 2026

1. Overview

At Depolay, we value your privacy. This Privacy Policy explains how we collect, use, and share information when you use our subscription-based SaaS platform (the “Service”).

2. Information We Collect

  • Account Information: When you register, we collect your email address, name, and a password hash.
  • Usage Data: We may collect information about how you interact with the Service (e.g., pages visited, features used, device/browser information) to improve performance and reliability.
  • Business Data: Information you input regarding your inventory, orders, shipments, and related business records is stored to provide the core functionality of the Service.
  • Support Communications: If you contact us, we may collect the information you provide to help resolve your request.

3. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve the Service;
  • Create and manage your account;
  • Provide customer support and respond to inquiries;
  • Monitor and prevent fraud, abuse, and security incidents;
  • Comply with legal obligations.

4. Legal Basis (GDPR)

If you are located in the European Economic Area (EEA) or the UK, we process personal data under the following legal bases:

  • Contract: to provide the Service and manage your subscription.
  • Legitimate Interests: to secure, maintain, and improve the Service, prevent fraud, and ensure reliability.
  • Legal Obligations: to comply with applicable laws and regulations.
  • Consent (where required): for optional communications or features that require consent. You may withdraw consent at any time.

5. Data Storage and Security

We use reasonable, industry-standard security measures to protect your data. The Service is hosted using third-party infrastructure providers (for example, Supabase and Vercel). While we take steps designed to protect your information, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

6. Payments and Card Data

Payments are processed by Paddle, our Merchant of Record. Depolay does not store or process full payment card details. Paddle may process billing and transaction data to provide payment services and comply with legal requirements.

7. Data Sharing and Third Parties

We do not sell your personal data. We may share information with trusted third-party service providers only as necessary to operate and improve the Service (e.g., hosting, databases, analytics, and payment processing). These providers are expected to protect your data and use it only for the purposes we specify.

8. Data Retention

We retain personal data only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your account and associated personal data, subject to legal retention requirements.

9. International Transfers

Our service providers may process data outside your country. Where applicable, we rely on appropriate safeguards for international data transfers, such as standard contractual clauses or equivalent mechanisms.

10. Your Rights (GDPR)

If you are a resident of the EEA/UK, you have certain data protection rights, including:

  • The right to access, update, or delete your personal data;
  • The right of rectification;
  • The right to object;
  • The right of restriction;
  • The right to data portability;
  • The right to withdraw consent (where processing is based on consent).

11. Cookies

We use cookies and similar technologies to maintain sessions and preferences and to help operate the Service. You can instruct your browser to refuse cookies or indicate when a cookie is being sent. If you do not accept cookies, some portions of the Service may not function properly.

12. Contact Us

If you have any questions about this Privacy Policy or want to exercise your rights, please contact us at support@depolay.com.