Privacy Policy

1. Introduction

Welcome to TrackMySUB. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our bank bonus tracking service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, username, and password when you create an account
• Profile Information: Optional city, state, phone number, date of birth, and player names (for tracking bonuses for you and a partner/spouse)
• Bank Bonus Data: Bank names, account types, bonus amounts, requirements, checklists, deadlines, dates, notes, and status tracking information
• Attachments: Documents and images you upload (account opening confirmations, bonus requirements, etc.)

2.2 Information From Social Login Providers

When you sign in using a third-party service, we may receive:

• Google: Name, email address, profile picture
• X (Twitter): Username, display name, profile picture
• Instagram: Username, profile picture, email (if available)
• Amazon: Name, email address
• Reddit: Username, profile information

We only request the minimum permissions necessary for authentication and account creation.

2.3 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on the service
• Device Information: IP address, browser type, operating system
• Cookies: Session cookies for authentication and functionality

3. How We Use Your Information

• To provide and maintain our bank bonus tracking service
• To send you important service updates, notifications, and email confirmations
• To personalize your experience and display your bonus tracking data
• To improve our service and develop new features
• To detect and prevent fraud or abuse
• To comply with legal obligations

Important: Your bank bonus data is private to you. We do not share your bonus tracking information with other users, banks, or third parties except as required by law.

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

• Consent: When you sign up and agree to our terms
• Contract Performance: To provide the tracking service you requested
• Legitimate Interests: To improve our service and prevent fraud
• Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

5.1 We Share Information With:

• Email Service Providers: Mailjet or MailerSend for sending account verification and notification emails
• Hosting Providers: Infrastructure providers that host our service
• Legal Requirements: When required by law or to protect our rights

5.2 We Do NOT:

• Sell your personal information to third parties
• Share your bank bonus tracking data with banks or other users
• Use your data for advertising purposes
• Share your email address with third parties for marketing
• Access your actual bank accounts (we only store the tracking information you enter)

6. Third-Party Services

6.1 Social Login Providers

When you use social login, you're subject to the privacy policies of those providers:

• Google: Google Privacy Policy
• X (Twitter): X Privacy Policy
• Instagram/Meta: Meta Privacy Policy
• Amazon: Amazon Privacy Notice
• Reddit: Reddit Privacy Policy

6.2 Email Services

We use Mailjet or MailerSend to send account verification and notification emails. See Mailjet's Privacy Policy and MailerSend's Privacy Policy.

7. Data Security

We implement industry-standard security measures:

• HTTPS encryption for all data transmission
• Secure password hashing
• Regular security updates and monitoring
• Restricted access to personal data
• Secure database storage (PostgreSQL) with encrypted backups
• User-scoped file storage (your uploaded files are only accessible to you)

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Data Retention

• Account Data: Retained while your account is active
• Bank Bonus Data: Retained while your account is active or until you delete it
• Uploaded Files: Retained until you delete them or your account is deleted
• Deleted Accounts: Personal data permanently deleted within 30 days of account deletion request

9. Your Privacy Rights

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data through your account settings
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected].

9.1 California Privacy Rights (CCPA)

California residents have additional rights:

• Right to know what personal information is collected, used, and shared
• Right to delete personal information
• Right to opt-out of the sale of personal information (we don't sell data)
• Right to non-discrimination for exercising privacy rights

10. Cookies and Tracking

We use cookies for:

• Essential Cookies: Required for authentication and security
• Functional Cookies: Remember your preferences and settings

You can control cookies through your browser settings. Disabling essential cookies may affect functionality.

11. Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately.

12. International Data Transfers

Your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place to protect your data in accordance with this privacy policy and applicable laws.

13. No Connection to Financial Institutions

Important: TrackMySUB is a personal tracking tool only. We do not:

• Connect to your actual bank accounts
• Have access to your banking credentials or account numbers
• Process financial transactions
• Provide financial advice or recommendations
• Share data with banks or financial institutions

All information you enter is for your personal tracking purposes only.

14. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by:

• Posting the new policy on this page
• Updating the "Last Updated" date
• Sending an email notification for material changes

Continued use of our service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this privacy policy or our data practices, please contact us:

16. Account and Data Deletion

You can delete your account and all associated data at any time:

1. Log in to TrackMySUB
2. Go to your account settings
3. Click "Delete Account" (or contact us at [email protected])

We will permanently delete your personal data, bonus tracking information, and uploaded files within 30 days.