Privacy Policy | ScripTreeApps

# How ScripTreeApps handles your information

> Plain-language summary. The full privacy policy is in `docs/legal/privacy-policy-draft.md`.

We try to handle as little information about you as we can get away with, and to be clear about what we do collect.

**What we collect.**
- Your email and a password (we never see the password — it's stored as a one-way hash).
- A display name you choose. It can be a pseudonym.
- The list of apps you bought, when, and how much. Stripe handles your card details — we don't store the card.
- Your IP address and approximate location (province), so we can compute the right sales tax and keep the platform secure.
- Reviews you write.

**What we don't collect.**
No advertising profiles. No marketing-list memberships. No biometrics, no precise GPS. We don't have third-party tracking pixels on the storefront.

**Where it's stored.**
On Canadian servers. Stripe processes payments in the United States — so a portion of your purchase data goes through Stripe's US infrastructure. That's the only cross-border processor at MVP.

**What we do with it.**
- Run your account, fulfil purchases, send you transactional notifications (purchase confirmation, "update available" notice, refund confirmation).
- Comply with Canadian tax law and recordkeeping rules.
- Operate and protect the platform.
- Detect fraud and abuse through analysis of account-creation velocity, review similarity patterns, and IP address data (see "Protecting Against Fraud" below).

**Protecting against fraud.**
To keep the platform safe from fake accounts and coordinated review manipulation, we collect and analyze:
- **Account creation velocity** — whether many accounts are being created from the same IP address in a short time
- **Review text similarity** — comparing reviews across accounts to spot coordinated fake reviews or sock-puppet accounts
- **IP address and location data** — to detect unusual activity and account takeovers

These fraud signals are used only to identify and prevent abuse. We keep this data for up to 90 days, then delete it. If you're a victim of account takeover or fraud, we use this data to help you recover. If you're the person committing fraud, we use it to stop you and protect other users.

**What we don't do with it.**
We don't sell or rent personal information. Producers can see anonymised purchase counts and verified-purchase flags on reviews — they cannot see your email, address, or IP unless you contact them yourself.

**Account deletion with a grace period.**
You can request account deletion at any time from your Account Settings. When you do, your account is scheduled for permanent deletion — but not immediately. Instead:
- Your account is deleted 30 days after your request.
- During those 30 days, your account is fully active (you can still log in and use it).
- You can cancel the deletion request anytime during the grace period with no questions asked.
- After 30 days, deletion is permanent and irreversible.

When your account is deleted:
- Your email, name, login credentials, and payment information are removed.
- Your purchase history and reviews are kept (anonymized), as required by tax law.
- If you've published apps, your producer profile is kept so buyers can download past purchases.

**Your rights under PIPEDA.**
- **Access** — ask what we have. We respond within 30 days. You can request your data at any time from Account > Privacy, or email us at `privacy@scriptreeapps.com`.
- **Correction** — tell us if something is wrong; we fix it.
- **Withdraw consent / close account** — at any time, from Account Settings. Some records (purchases, taxes) we have to keep by law for 6 years.
- **Complain** — to us first at `privacy@scriptreeapps.com`. If you're not satisfied, you can take it to the Office of the Privacy Commissioner of Canada at https://www.priv.gc.ca.

**Support tickets and developers.**
If you file a support ticket about a specific app, we may share the text of your ticket with the developer of that app to help them fix the problem. We never share your email address, account name, or any other personal information with developers. The developer only sees what you wrote in the ticket body. You can ask us not to share by including "do not share with developer" in your ticket, and we will handle it directly.

**App update notifications — opt-in.**
If you own an app and a developer releases a new version, we can notify you by email. This is optional — you choose whether to receive these notifications.
- You can opt in anytime from Account > Preferences > Email.
- You receive a weekly digest email listing all available updates for apps you own.
- Each email includes release notes and a link to download.
- You can opt out anytime from the same preferences page.
- Opting out doesn't prevent you from checking for updates manually in your account — it just stops the email reminders.

**Security.**
TLS in transit, encryption at rest, strict access controls. If we have a serious breach we'll tell you and the OPC.

---

## For people in the EU or EEA

If you're in the European Union or European Economic Area, the GDPR gives you additional privacy rights:

- **Right to access** — ask for a copy of your data anytime.
- **Right to rectification** — we'll fix inaccurate data.
- **Right to erasure ("right to be forgotten")** — request permanent deletion of your account (see "Account deletion with a grace period" above).
- **Right to restrict processing** — ask us to limit how we use your data.
- **Right to object** — object to how we process your information.
- **Right to data portability** — ask for your data in a portable format (e.g. CSV or JSON).
- **Right to lodge a complaint** — you can complain to your local data protection authority (e.g. the CNIL in France, the ICO in the UK).

To exercise any of these rights, email us at `privacy@scriptreeapps.com` or visit Account > Privacy > Request My Data. We'll respond within 30 days (or as required by law).

**Legal basis for processing.**
We process your data under these legal bases (per GDPR Article 6):
- **Contract** — to provide you with the services you've paid for.
- **Legal obligation** — to comply with tax laws, payment regulations, and fraud prevention.
- **Legitimate interest** — to keep the platform secure, prevent abuse, improve our service.
- **Consent** — when you choose to opt in (e.g., app update email digests).