Privacy Policy

Last Updated: December 2024

1. Introduction

Policy Guard ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Personal Information

  • Email address (for account creation and communication)
  • Name (optional, for personalization)
  • Payment information (processed securely via Razorpay)

2.2 Company Information

  • Company name (used in policy generation)
  • Industry type (for policy customization)
  • Company size (for appropriate policy recommendations)
  • Compliance targets (SOC 2, HIPAA, etc.)

2.3 Usage Data

  • Policies generated and downloaded
  • Login timestamps and session information
  • Browser type and device information

3. How We Use Your Information

  • To provide and maintain our Service
  • To generate customized security policies
  • To process payments and manage subscriptions
  • To send transactional emails (receipts, policy ready notifications)
  • To improve our templates and service quality
  • To respond to support inquiries

4. Data Sharing

We do NOT sell your personal data. We share data only with:

  • Razorpay: For payment processing
  • Policy generation providers: For template customization (anonymized prompts)
  • Resend: For email delivery
  • Google Cloud: For hosting and infrastructure

5. Data Security

We implement industry-standard security measures including:

  • HTTPS encryption for all data in transit
  • Encrypted database storage
  • Secure password hashing (bcrypt)
  • Regular security audits
  • Limited employee access to user data

6. Your Rights (GDPR)

Under GDPR and similar regulations, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing of your data

To exercise these rights, contact us at: support@policyguardhq.com

7. Data Retention

We retain your data for as long as your account is active. Upon account deletion:

  • Personal data is deleted within 30 days
  • Generated policies are permanently deleted
  • Payment records are retained for 7 years (legal requirement)

8. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

9. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service.

11. Contact Us

For privacy-related inquiries:

Email: support@policyguardhq.com

Support: support@policyguardhq.com