Privacy Policy

Last updated: January 2025

1. Introduction

VizStack ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our data visualization API service.

By using VizStack, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Company name (optional)
  • Password (encrypted and hashed)
  • Account creation date

2.2 API Usage Data

When you use our API, we automatically collect:

  • API request timestamps and frequency
  • Chart types and parameters requested
  • Response times and status codes
  • Error logs and debugging information
  • IP addresses and geographic location (for security and abuse prevention)
  • User agent and device information

2.3 Chart Data

We temporarily process the data you submit for chart generation. This data is held in memory during processing and is not permanently stored unless you explicitly choose to save charts to your account. Temporary processing data is automatically deleted after rendering is complete or after 24 hours, whichever comes first.

2.4 Payment Information

For paid accounts, we collect billing information including credit card details through our payment processor (Stripe). We do not directly store complete credit card numbers on our servers. We retain transaction history and billing addresses for accounting purposes.

2.5 Cookies and Tracking

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. Cookies are files with small amounts of data that may include an anonymous unique identifier.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our API service and generate your requested charts
  • Account Management: To manage your account, authenticate your identity, and provide customer support
  • Billing: To process payments and maintain accurate billing records
  • Analytics: To analyze usage patterns, optimize performance, and develop new features
  • Security: To detect, prevent, and address technical issues, fraud, and abuse
  • Communication: To send you technical notices, updates, security alerts, and support messages
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Account Data: Retained for the duration of your account and up to 90 days after account deletion
  • API Logs: Retained for 90 days for debugging and security purposes
  • Chart Data: Temporary data deleted after processing; saved charts retained until you delete them
  • Billing Records: Retained for 7 years for tax and accounting purposes
  • Anonymized Analytics: Retained indefinitely in aggregated, non-identifiable form

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

5.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf:

  • Payment processing (Stripe)
  • Cloud hosting and infrastructure (AWS, Vercel)
  • Email delivery services
  • Analytics and monitoring tools

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government regulations).

5.3 Business Transfers

If VizStack is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different Privacy Policy.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms
  • Automated backup and disaster recovery procedures
  • Employee training on data privacy and security best practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of it in a portable format.

7.2 Correction

You have the right to request correction of inaccurate or incomplete personal information. You can update most information directly through your account settings.

7.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal retention requirements). You can delete your account at any time through your account settings or by contacting us.

7.4 Opt-Out

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email. Note that you cannot opt out of transactional emails related to your account or service usage.

To exercise any of these rights, please contact us at support@vizstack.dev.

8. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. If you are located outside the United States and choose to provide information to us, please note that we transfer the information to the United States and process it there. We ensure appropriate safeguards are in place for such transfers.

9. Children's Privacy

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you become aware that a child has provided us with personal information, please contact us immediately so we can delete such information.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by businesses
  • Right to opt-out of the sale of personal information (we do not sell your information)
  • Right to non-discrimination for exercising your CCPA rights

11. GDPR Compliance

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Legal basis for processing: We process your data based on contract performance, legal obligations, and legitimate interests
  • Data protection officer: Contact us at support@vizstack.dev for DPO inquiries
  • Right to lodge a complaint with a supervisory authority in your jurisdiction

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For material changes, we will provide at least 30 days advance notice via email or through a prominent notice on our Service.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

VizStack Privacy Team

Email: support@vizstack.dev

Response time: Within 48 hours