1. Who we are
This service ("MLM Sales Tracker", "the service", "we", "us") is operated by an individual developer.
Replace with: legal name, address (or country of residence), and a contact email for privacy enquiries. EU/GDPR transparency rules require an identifiable controller — pseudonyms are not sufficient.
2. Data we collect
We collect only the data needed to operate the service:
- Account data: email address, and any profile details you choose to provide.
- Application data: sales records, inventory, products, and stats you enter into the app.
- Communications: emails you send us and the email address you submit to the early-access list.
- Technical data: IP address, browser/device type, pages viewed, and basic interaction events.
3. Why we use your data (legal basis)
- To provide the service — performance of contract.
- To send the early-access confirmation email and product updates — your consent, withdrawable at any time.
- To improve the product and detect abuse — our legitimate interest, balanced against your rights.
4. Sub-processors
We rely on the following third parties to run the service. Your data may be processed by them under their own privacy terms:
- Vercel Inc. — hosting and edge delivery.
- Resend — transactional email delivery (early-access confirmations).
- PostHog — product analytics (EU region).
- List your database provider, auth provider, and any other vendor you add (e.g. Supabase, Stripe, Sentry).
5. Cookies and analytics
We use PostHog to understand how the site and app are used. PostHog may set cookies or use local storage to identify returning visitors. No advertising trackers are used.
If you serve EU/UK visitors, you likely need an explicit consent banner before loading non-essential analytics. Confirm your PostHog configuration (cookieless mode, EU host, person-profile mode) reflects what you describe here.
6. Your rights
Under GDPR (and equivalent laws), you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request deletion of your data ("right to be forgotten").
- Export your data in a portable format.
- Withdraw consent for marketing emails at any time (use the unsubscribe link or contact us).
- Lodge a complaint with your local data protection authority.
To exercise any of these rights, contact us at the email below. We aim to respond within 30 days.
7. Data retention
We keep account and application data for as long as your account is active. If you delete your account, we delete your data within a reasonable period (typically 30 days), except where we are legally required to retain it.
Early-access subscribers who do not confirm their email are removed automatically.
8. Security
We use reasonable technical and organisational measures to protect your data, including TLS in transit and access controls. No service can guarantee absolute security; we cannot promise that data will never be lost or exposed.
9. International transfers
If sub-processors store data outside the EU/EEA, list the legal mechanism used (Standard Contractual Clauses, adequacy decision, etc.). Vercel and PostHog support EU-region hosting; verify your project is configured for it.
10. Changes to this policy
We may update this policy. Material changes will be announced on the service or by email. The "last updated" date above reflects the most recent revision.
11. Contact
Replace with a real contact email (e.g. privacy@mlmsalestracker.com)
and a postal address if required by your jurisdiction.