Privacy Policy
Last updated: April 5, 2025
Introduction
Welcome to SystemSculpt ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal information in compliance with applicable US data privacy laws. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (systemsculpt.com) or use our services.
Please read this Privacy Policy carefully. By accessing our site or using our services, you acknowledge you have read and understood this policy. If you do not agree with the terms, please do not access the site or use our services.
Information We Collect
We collect information about you in various ways when you use our services:
- Account Information: When you create an account using our authentication provider, Clerk, we collect your name, email address, and a unique Clerk User ID. We store this information in our database along with your preferred timezone (if provided) and your admin status within our system.
- Transaction & Usage Information: When you purchase digital products or session credits, our payment processor, Stripe, handles the transaction. We store details about your purchase history (products, dates, amounts), session usage, and subscription details (if applicable) in our database. This includes associated Stripe identifiers (like Customer ID or Subscription ID) but we do not store your full credit card number on our servers. We also track which resources you have access to.
- Newsletter Subscription Information: If you subscribe to our newsletter, we collect your email address and optionally your name. We may also store the source of your subscription (e.g., footer form, banner), your IP address for verification and rate limiting, associated UTM parameters (if you clicked a tracked link), and your indicated content preferences. This information is stored in our database.
- Cart Information: If you add items to your shopping cart while logged in, we may store the items added and link them to your user ID in our database to potentially remind you of abandoned carts.
- Website Usage Data: We use Vercel Analytics and Vercel Speed Insights to automatically collect information about how you interact with our website. This may include your IP address, browser type, device type, operating system, pages visited, time spent on pages, links clicked, and other interaction data. This data is typically aggregated and pseudonymized.
- Communications: If you contact us directly via email (e.g., at mike@systemsculpt.com), we will have a record of that correspondence, including your email address and the content of your message.
How We Use Your Information
We use the information we collect for legitimate business purposes, including to:
- Provide, operate, maintain, and improve our website and services.
- Process your transactions, manage your subscriptions, and send related information like confirmations and invoices.
- Manage your account and provide customer support.
- Respond to your comments, questions, and requests.
- Send you technical notices, updates, security alerts, and administrative messages.
- Communicate with you about products, services, offers, promotions, and events offered by SystemSculpt (you can opt-out of marketing communications).
- Monitor and analyze trends, usage, and activities to understand how our services are used and to improve them.
- Detect, investigate, and prevent fraudulent transactions, security incidents, and other illegal activities.
- Personalize your experience on our website.
- Comply with legal obligations.
Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following limited circumstances:
- Service Providers: We share information with third-party vendors and service providers who need access to your information to perform services on our behalf. These include:
- Clerk: For user authentication, account management, and session management.
- Stripe: For secure payment processing.
- Vercel: For website hosting, deployment, analytics, and speed insights.
- Mailgun: For sending transactional emails (like password resets, purchase confirmations) and newsletters.
- Other providers for database hosting, infrastructure, and IT services.
- Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency), such as to meet national security or law enforcement requirements.
- Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. We will notify you of such an event.
- With Your Consent: We may share your information for other purposes if we have obtained your explicit consent to do so.
Data Security
We implement appropriate technical and organizational security measures designed to protect the security of your personal information from unauthorized access, use, or disclosure. However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods may vary depending on the type of information and the reason for its collection. For example:
- Account information is generally kept as long as your account exists.
- Transaction data may be kept longer to comply with financial regulations.
- Newsletter subscription data is kept until you unsubscribe.
You can request the deletion of your data as described in the "Your Rights" section. Some data may be retained in anonymized or aggregated form or in backups according to our data retention policies and legal requirements.
Your Rights (US Residents)
Depending on your location (particularly if you are a resident of states like California), you may have certain rights regarding your personal information under laws like the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA). These may include:
- Right to Know/Access: The right to request information about the categories and specific pieces of personal information we have collected about you, the sources of the information, the purposes for collecting it, and the categories of third parties with whom we share it.
- Right to Correct: The right to request correction of inaccurate personal information we hold about you.
- Right to Delete: The right to request the deletion of your personal information, subject to certain exceptions (e.g., completing a transaction, detecting security incidents, complying with legal obligations).
- Right to Opt-Out of Sale/Sharing: We do not "sell" personal information in the traditional sense. We also do not "share" personal information for cross-context behavioral advertising. Therefore, there is no need to opt-out of sale/sharing.
- Right to Non-Discrimination: The right not to be discriminated against for exercising your privacy rights.
- Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information beyond what is necessary for account creation and payment processing, and we do not use it for purposes requiring a right to limit under CCPA/CPRA.
To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will need to verify your identity before processing your request.
Cookies and Tracking Technologies
We use cookies and similar technologies (like `localStorage`) to operate and improve our website and services. Cookies are small text files stored on your device. Here's how we use them:
- Essential Cookies: These are necessary for the website to function correctly. They include cookies used for user authentication and session management (via Clerk), security (e.g., CSRF protection), and enabling core site features like payment processing (via Stripe). These cannot be disabled through our systems.
- Analytics Cookies: We use cookies provided by Vercel Analytics and Vercel Speed Insights to collect aggregated data about website traffic and user interaction patterns. This helps us understand how our site is used and improve its performance and content.
- Functional Technologies: We may use technologies like `localStorage` to remember your preferences or choices, such as whether you have dismissed the newsletter signup banner.
We do not use third-party cookies for targeted advertising across different websites.
You can typically control cookies through your browser settings. Most browsers allow you to view, manage, delete, and block cookies for a website. Please note that if you disable essential cookies, some parts of our website may not function properly.
Third-Party Websites
Our website may contain links to other websites not operated by us. If you click on a third-party link, you will be directed to that third party's site. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We strongly advise you to review the Privacy Policy of every site you visit.
Children's Privacy
Our services are not intended for individuals under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you believe that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to remove that information from our servers.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when they are posted on this page.
Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:
Email: mike@systemsculpt.com