Privacy Policy

Last updated: October 6, 2024

1. Introduction

Classy Comments ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted)
  • Account creation date
  • Subscription plan information

2.2 Comment Processing Data

When you use our comment refinement service in AI mode, we collect:

  • Original comment text
  • Refined comment text
  • Processing metadata (timestamp, status, AI provider used)
  • Domain where the comment was submitted
  • Configuration settings used (formality level, tone, etc.)

Important: In Demo Mode, no comment data is sent to our servers. All processing happens locally in the user's browser.

2.3 Usage Data

We automatically collect:

  • API usage statistics (number of requests, timestamps)
  • Browser type and version
  • IP address (for security and rate limiting)
  • Referring domain
  • Error logs and debugging information

2.4 Payment Information

Payment processing is handled by third-party payment processors (Stripe). We do not store full credit card numbers. We retain:

  • Last 4 digits of credit card
  • Card expiration date
  • Billing address
  • Transaction history

3. How We Use Your Information

We use collected information for:

  • Service Delivery: Process comment refinements through AI providers
  • Account Management: Create and maintain your account, process subscriptions
  • Analytics: Understand usage patterns and improve the Service
  • Security: Detect and prevent fraud, abuse, and security threats
  • Communication: Send service updates, billing notifications, and support messages
  • Compliance: Meet legal obligations and enforce our Terms of Service

4. Data Sharing and Disclosure

4.1 Third-Party Services

We share data with:

  • AI Providers: OpenAI, Anthropic, or Ollama (depending on your settings) to process comment text
  • Payment Processors: Stripe for payment processing
  • Email Services: SendGrid, Mailgun, or similar for transactional emails
  • Hosting Providers: Cloud infrastructure providers for data storage and processing

4.2 Legal Requirements

We may disclose your information if required by law, court order, or legal process, or to protect our rights, property, or safety.

4.3 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Retention

We retain data as follows:

  • Account Information: Until account deletion, then 30 days for backup purposes
  • Comment Data: 90 days for analytics, then anonymized or deleted
  • Usage Logs: 12 months for security and debugging
  • Billing Records: 7 years for tax and legal compliance

6. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Regular security audits and updates
  • Access controls and authentication
  • Rate limiting and DDoS protection
  • Regular backups

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights (GDPR)

If you are in the European Economic Area, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a machine-readable format
  • Restriction: Limit how we use your data
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for data processing

To exercise these rights, contact us at privacy@classycomments.com

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for authentication and security
  • Analytics Cookies: Understand how users interact with the Service
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.

9. Children's Privacy

Our Service is not directed to children under 13 (or 16 in the EU). We do not knowingly collect data from children. If we learn we have collected data from a child, we will delete it promptly.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield certification (where applicable)
  • Adequate data protection levels as determined by relevant authorities

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Email notification to your registered email address
  • Prominent notice on our website
  • Updating the "Last updated" date at the top of this policy

Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at:

Email: privacy@classycomments.com

Data Protection Officer: dpo@classycomments.com

13. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights

Note: We do not sell personal information to third parties.