Chartly Inc. ("Chartly," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our charting platform, website, mobile applications, and related services (collectively, the "Service").

This Privacy Policy applies to all users of our Service, including visitors to our website, registered users, and customers who subscribe to our paid plans. By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

If you have any questions about this Privacy Policy or our data practices, please contact us using the information provided in the "Contact Us" section below.

2.1 Information You Provide

We collect information you provide directly to us, including:

• Account Information: Name, email address, username, password, and profile information
• Billing Information: Payment details, billing address, and tax identification numbers
• Communication Data: Messages sent through our support system, feedback, and survey responses
• Content Data: Charts, visualizations, datasets, and other content you create or upload
• Organization Data: Company name, team member information, and workspace settings

2.2 Information We Collect Automatically

When you use our Service, we automatically collect certain information:

• Usage Information: Features used, time spent, actions taken, and performance metrics
• Device Information: Device type, operating system, browser type, and unique device identifiers
• Log Information: IP address, access times, pages viewed, and referring URLs
• Location Information: General geographic location based on IP address
• Cookies and Tracking: Information from cookies, web beacons, and similar technologies

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Authentication providers (Google, Microsoft, etc.)
• Payment processors and billing providers
• Analytics and marketing service providers
• Data integration partners and APIs
• Public databases and social media platforms

We use the information we collect for the following purposes:

3.1 Service Provision

• Provide, maintain, and improve our charting platform
• Process and store your charts and visualizations
• Enable collaboration and sharing features
• Provide customer support and technical assistance
• Process billing and manage subscriptions

3.2 Communication

• Send service-related notifications and updates
• Respond to your inquiries and support requests
• Send marketing communications (with your consent)
• Provide product updates and feature announcements

3.3 Analytics and Improvement

• Analyze usage patterns and user behavior
• Improve our Service and develop new features
• Conduct research and analytics
• Monitor and analyze trends and usage

3.4 Security and Legal

• Protect against fraud, abuse, and security threats
• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and other policies
• Protect our rights and the rights of our users

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Cloud hosting and infrastructure providers
• Payment processing and billing services
• Analytics and monitoring services
• Customer support platforms
• Email and communication services

4.2 Business Transfers

In connection with any merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to appropriate protections.

4.3 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes or government requests
• Protect our rights, property, or safety
• Protect the rights, property, or safety of our users
• Investigate potential violations of our policies

4.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing, including when you use integration features or share content publicly.

5.1 Security Measures

We implement comprehensive security measures to protect your information:

• Encryption in transit and at rest using industry-standard protocols
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection and security practices
• Incident response and breach notification procedures

5.2 Data Processing

We process your data in secure facilities with appropriate physical and technical safeguards. Our data processing practices are designed to minimize access to personal information and ensure data integrity.

5.3 Limitations

While we implement strong security measures, no system is completely secure. We cannot guarantee absolute security but are committed to maintaining reasonable protections and promptly addressing any security incidents.

6.1 Retention Periods

We retain your information for as long as necessary to:

• Provide the Service and maintain your account
• Comply with legal obligations and regulatory requirements
• Resolve disputes and enforce our agreements
• Improve our Service and user experience

6.2 Account Deletion

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes.

6.3 Backup Data

Information may persist in backup systems for up to 90 days after deletion for disaster recovery purposes, after which it is permanently deleted.

You have the following rights regarding your personal information:

7.1 Access and Portability

• Request access to your personal information
• Receive a copy of your data in a portable format
• Export your charts and visualizations

7.2 Correction and Updates

• Correct inaccurate or incomplete information
• Update your account and profile information
• Modify your communication preferences

7.3 Deletion and Restriction

• Request deletion of your personal information
• Restrict processing of your data
• Object to certain uses of your information

7.4 Exercising Your Rights

To exercise these rights, contact us using the information in the "Contact Us" section. We will respond to your request within 30 days and may require verification of your identity.

8.1 Types of Cookies

We use the following types of cookies and tracking technologies:

• Essential Cookies: Required for basic functionality and security
• Performance Cookies: Help us understand how users interact with our Service
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Provide insights into usage patterns and performance

8.2 Cookie Management

You can control cookies through your browser settings or our cookie management tool. Note that disabling certain cookies may affect the functionality of our Service.

8.3 Third-Party Tracking

We use third-party analytics and advertising services that may place cookies on your device. These services have their own privacy policies governing their use of information.

Chartly is based in the United States, and your information may be transferred to, processed, and stored in the United States and other countries where we or our service providers operate.

9.1 Transfer Safeguards

When transferring data internationally, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where available
• Binding Corporate Rules for intra-group transfers
• Other legally recognized transfer mechanisms

9.2 Data Protection Standards

Regardless of where your data is processed, we maintain consistent data protection standards and ensure appropriate security measures are in place.

10.1 Integrations

Our Service may integrate with third-party applications and services. When you connect these integrations, information may be shared according to your authorization and the third party's privacy policy.

10.2 External Links

Our Service may contain links to external websites or services. We are not responsible for the privacy practices of these third parties, and we encourage you to review their privacy policies.

10.3 Social Media

Our Service may include social media features that allow you to share content or connect your social media accounts. These features are governed by the privacy policies of the respective social media platforms.

Our Service is not intended for children under 13 years of age (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under this age.

If we become aware that we have collected personal information from a child under the applicable age without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12.1 CCPA Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information we collect and how it's used
• Right to delete personal information we have collected
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

12.2 Exercising CCPA Rights

To exercise your CCPA rights, please contact us using the "Contact Us" information below. We may require verification of your identity and California residency.

12.3 Authorized Agents

You may designate an authorized agent to make requests on your behalf. We may require proof of authorization and verification of your identity.

13.1 Legal Basis

We process personal information under the following legal bases:

• Contract: To provide the Service and fulfill our contractual obligations
• Legitimate Interest: To improve our Service and ensure security
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations

13.2 Data Subject Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your personal data
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent

13.3 Data Protection Officer

We have appointed a Data Protection Officer who can be contacted regarding GDPR compliance and data protection matters at dpo@chartly.com.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

14.1 Notification of Changes

When we make material changes to this Privacy Policy, we will:

• Update the "Effective Date" at the top of this policy
• Notify you via email or through our Service
• Provide prominent notice on our website
• Allow you to review changes before they take effect

14.2 Continued Use

Your continued use of our Service after the updated Privacy Policy becomes effective constitutes acceptance of the changes. If you do not agree to the updated policy, please stop using our Service.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: