Privacy policy

Effective Date: 2025-06-04

1. Introduction

At Refreshio, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and safeguard information when you interact with our website and sign up for our waitlist (collectively, the "Services").

We are dedicated to processing your personal data in accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant global privacy regulations.

By using our website and signing up for the waitlist (Get early access), you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.

2. Information We Collect

We may collect the following categories of information:

  • Information you provide: such as your email address when you sign up for updates or request early access.

You provide this information voluntarily by entering your email address and ticking the consent checkbox on our website’s waitlist form.

  • Automatically collected data: including but not limited to your country, browser type, device information, and IP address, collected via cookies or similar technologies.

3. Use of Information

We use the information we collect for purposes such as:

  • Communicating with you about our services, updates, and offers
  • Analyzing user behavior to improve our website
  • Personalizing your experience based on your location, device, and preferences
  • Meeting legal, regulatory, or compliance obligations

We process your personal data — specifically, your email address — based on your explicit consent, in accordance with Article 6(1)(a) of the GDPR. By signing up for early access on our website and confirming your subscription, you give clear and affirmative consent for us to contact you about the release of our app, as well as to provide relevant updates and service-related communications.

4. Data Storage and Security

We store your data using secure, GDPR-compliant cloud-based service providers, including Supabase, which acts as our data backend and is hosted within the European Union. Supabase employs industry-standard security measures to protect personal data from unauthorized access, alteration, or loss.

We also rely on Cloudflare to secure our web traffic and protect against malicious activity. Cloudflare acts as a reverse proxy and may process your IP address and request metadata for performance and security purposes.

All providers are selected based on their adherence to strong data protection and privacy practices, including compliance with the GDPR and other applicable laws.

5. Data Retention

We retain your personal data only as long as necessary for the purposes described in this Privacy Policy or to comply with legal obligations. You can request deletion of your data by contacting us.

6. Your Rights

6.1 GDPR Compliance (For Users in the EEA)

If you are located in the European Economic Area (EEA), we process your personal data in accordance with the GDPR. You have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Delete your data ("right to be forgotten")
  • Restrict or object to processing
  • Withdraw consent at any time
  • Request data portability

To exercise these rights, contact us at privacy@refreshio.app

6.2 Your Data Protection Rights

Depending on your location and applicable laws, you may have the right to:

  • Access your personal data and receive a copy of it
  • Correct inaccurate or incomplete data we hold about you
  • Delete your personal data ("right to be forgotten")
  • Object to or restrict how we process your data
  • Withdraw your consent at any time, where processing is based on consent
  • Request data portability, allowing you to move your data to another service provider

To exercise any of these rights, please contact us at privacy@refreshio.app We will respond to your request in accordance with applicable data protection laws and within a reasonable timeframe.

7. California Privacy Rights (If Applicable)

If you are a California resident, you may have rights under the CCPA/CPRA, including:

  • Knowing what categories of personal data we collect
  • Requesting deletion of your personal data
  • Opting out of the sale or sharing of personal information

To make a request, please email us at privacy@refreshio.app

8. Do Not Track (CalOPPA)

Our website does not currently respond to "Do Not Track" signals. However, we honor privacy preferences and comply with relevant privacy regulations.

9. Use of Cookies and Tracking Technologies

We and our third-party service providers may use cookies, pixels, web beacons, and similar tracking technologies to collect and store information about your interaction with our website.

These technologies help us:

  • Understand user behavior and preferences
  • Measure the effectiveness of our marketing campaigns
  • Enhance your experience with our Services

You can manage cookies via your browser or device settings.

10. Use of Third-Party Services

We use third-party tools for analytics and infrastructure, including:

  • Supabase (database and backend, EU-hosted)
  • Cloudflare (security and performance, privacy-focused)
  • Umami Cloud (cookie-free analytics, anonymized and hosted in the EU)

These tools may process limited pseudonymous data. No personally identifiable information is stored by these tools.

11. Analytics

We use privacy-focused analytics services:

  • Cloudflare Web Analytics: Anonymous usage metrics without cookies.
  • Umami Cloud Analytics: Hosted by Umami Software, Inc., using pseudonymous identifiers to collect aggregated statistics.

Both comply with GDPR and CCPA.

12. Children’s Privacy

Our Services are not directed to children under 13 (or the age required in your jurisdiction), and we do not knowingly collect personal information from them.

13. International Data Transfers

While we store data in the EU, our services may involve technical infrastructure in other countries. We ensure all international data transfers comply with relevant legal frameworks (e.g., GDPR SCCs where applicable).

14. Changes to This Policy

We may modify this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The updated version will be posted on our website with a revised "Effective Date."

15. Governing Law and Jurisdiction

This Privacy Policy shall be governed by applicable laws and regulations, without regard to conflict of law principles.

16. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@refreshio.app