Legal

Privacy Policy

Last Updated: December 30, 2024

Introduction

NeverExpireAgain ("we", "us", or "our") operates the Never Expire Again service at neverexpireagain.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and ensuring you understand how your data is handled. Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

Data We Collect

Information You Provide

  • Account Information: When you register, we collect your name, email address, and password (stored securely hashed).
  • Profile Information: Optional information you add to your profile, such as company name or profile picture.
  • Expiration Data: Information about items you track, including names, dates, categories, notes, and associated metadata.
  • Payment Information: If you subscribe to a paid plan, payment details are processed by our payment provider (Stripe). We do not store full credit card numbers.
  • Communications: When you contact us for support, we retain those communications.

Information Collected Automatically

  • Usage Data: We collect information about how you interact with the Service, including pages visited, features used, and actions taken.
  • Device Information: Browser type, operating system, device type, and screen resolution.
  • Log Data: IP address, access times, and referring URLs.
  • Cookies: We use essential cookies for authentication and session management. See our Cookie Policy for details.

Information from Third Parties

  • Domain/SSL Data: When you add a domain, we query public WHOIS records and SSL certificate data. This information is publicly available.

How We Use Your Data

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Send you expiration reminders and notifications you've requested
  • Process transactions and send related information
  • Respond to your comments, questions, and support requests
  • Send administrative information (service updates, security alerts)
  • Analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues or abuse
  • Comply with legal obligations

If you are in the European Economic Area (EEA), we process your personal data based on:

  • Contract Performance: Processing necessary to provide you with the Service you signed up for.
  • Legitimate Interests: Processing for our legitimate business interests (e.g., fraud prevention, service improvement) where not overridden by your rights.
  • Consent: Where you have given specific consent for certain processing activities.
  • Legal Obligations: Processing necessary to comply with applicable laws.

Data Sharing and Third Parties

We do not sell your personal data. We may share your information with:

  • Service Providers: Third parties that help us operate the Service. See our Subprocessors page for a complete list.
  • Legal Requirements: When required by law, court order, or governmental authority.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • With Your Consent: When you explicitly authorize us to share information.

Data Retention

We retain your personal data for as long as necessary to:

  • Provide you with the Service
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal purposes.

Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Portability: Request your data in a portable format.
  • Objection: Object to certain types of processing.
  • Restriction: Request restriction of processing.
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time.

To exercise these rights, please contact us at [PRIVACY_EMAIL].

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We are based in [DATA_LOCATION] and our servers are located in [SERVER_LOCATION].

For transfers from the EEA to countries not deemed adequate by the European Commission, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS) and at rest, access controls, and regular security assessments. See our Security page for more details.

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we may also send you an email notification.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Privacy Inquiries

Email: [PRIVACY_EMAIL]

Mailing Address

NeverExpireAgain
[COMPANY_ADDRESS]