Privacy Policy
Effective Date: July 1, 2026
1. Introduction
RenderOps ("we", "us", "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.
2. Information We Collect
Account information: When you sign up, we collect your email address and (optionally) your name.
Usage data: We may collect anonymised information about how you use the Service (pages visited, features used) to improve the product. This data does not identify you personally.
Payment information: Payments are processed by our Merchant of Record. We do not store your credit card number or full payment details.
Content you process: For client-side tools (CSS inliner, spam checker, etc.), your email HTML is processed entirely in your browser and is never sent to our servers.
API requests: For server-side tools (ESP sync, Mirage countdown), your content passes through our Edge servers to fulfil the request. We do not store this content beyond the duration of the request.
3. How We Use Your Information
- To create and manage your account
- To provide and improve the Service
- To process payments and manage subscriptions
- To send transactional emails (account confirmation, receipts)
- To notify you of product updates if you opt in
- To comply with legal obligations
We do not sell your personal data to third parties.
4. Data Storage and Security
Account data is stored in Supabase, hosted on infrastructure in the EU/US. We use industry-standard encryption (TLS in transit, AES-256 at rest).
Session tokens are stored as httpOnly cookies and are not accessible to JavaScript running in your browser, which protects against XSS attacks.
5. Third-Party Services
We use the following third-party services:
- Supabase — database and authentication
- OpenAI — AI content generation (Newsroom tool)
- Payment MOR — Paddle, Stripe, or Lemon Squeezy for payment processing
- Vercel / Render — hosting and edge infrastructure
Each service operates under its own privacy policy.
6. Cookies
We use the following cookies:
- sb-access-token — httpOnly session cookie for authentication (expires in 7 days)
- sb-refresh-token — httpOnly token to refresh your session (expires in 30 days)
We do not use advertising cookies or third-party tracking cookies.
7. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access — request a copy of your personal data
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your account and associated data
- Portability — request your data in a machine-readable format
- Objection — object to certain uses of your data
To exercise any of these rights, contact us at privacy@renderops.tech. We will respond within 30 days.
8. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
9. Children
The Service is not directed at children under 16. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the data immediately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice in the Service. The effective date at the top of this page will be updated.
11. Contact
For privacy-related questions, contact us at privacy@renderops.tech.