Privacy Policy

1. Introduction

Weavelyn is operated by Griffoncrest ("we", "us", or "our"). This Privacy Policy describes how we collect, use, and protect your personal information when you use the Weavelyn platform ("Service"), including our website, application, and related services.

2. Information We Collect

We collect information in the following ways:

Account Information

When you create an account, we collect your name, email address, and workspace details. If you subscribe to a paid plan, our payment processor (Razorpay) collects billing information on our behalf.

Client Intake Data

Data submitted through intake forms created by our users is stored on our platform. This data is owned by the workspace that created the form. We process this data solely to provide the Service and do not use it for any other purpose.

Usage Data

We collect anonymized usage data to improve the Service, including pages visited, features used, and general interaction patterns. We use PostHog for product analytics.

Cookies

We use essential cookies required for the Service to function (authentication, session management). We may use analytics cookies to understand how the Service is used.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process payments and manage subscriptions
• Send transactional emails (receipts, plan changes, security alerts)
• Respond to support requests
• Monitor for abuse and ensure security
• Comply with legal obligations

We do not sell your personal information or client intake data to third parties. We do not use client intake data to train machine learning models.

4. Data Storage and Security

Your data is stored using Supabase, which provides encryption at rest and in transit. We follow industry best practices for application security, including secure authentication, role-based access controls, and regular security reviews.

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

5. Third-Party Services

We use the following third-party services to operate the platform:

• Supabase — database and authentication
• Razorpay — payment processing
• Resend — transactional email delivery
• PostHog — product analytics
• Sentry — error tracking
• Cloudflare — hosting, CDN, and deployment

Each of these providers has their own privacy policy governing the data they process on our behalf.

6. Data Retention

We retain your account data for as long as your account is active. Client intake data is retained for as long as the workspace that created it remains active. When a workspace is deleted, associated data is permanently removed within 30 days.

You may request deletion of your account and associated data at any time by contacting us.

7. Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Request export of your data (contact us and we will email it to you)
• Withdraw consent for non-essential data processing

To exercise any of these rights, please contact us at our contact page.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on the Service. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us.