Privacy Policy
Last updated: [DATE]
[LEGAL ENTITY NAME] ("we") operates Boxnozi. This policy explains what personal data we collect, why, and your rights over it.
1. What we collect
Account data (name, email, hashed password), billing data (handled by Stripe — we store customer and invoice identifiers, never full card numbers), and usage data (logins, page views, support messages).
2. Why we process it
To provide the Service, process payments, send transactional email (verification, receipts, renewal reminders), prevent fraud, and meet legal obligations.
3. Third parties
Stripe (payments), our SMTP provider (transactional email), our hosting provider (infrastructure). We do not sell personal data.
4. Retention
Account data is retained while your account is active and for up to [N] years after closure as required by tax and accounting law. You can request deletion at any time subject to those obligations.
5. Your rights
Access, correction, deletion, portability, and objection, as applicable under your local law (including GDPR for EU residents). Write to support@boxnoza.com to exercise any of these.
6. Cookies
We use a single session cookie for authentication. No tracking or advertising cookies.
7. Changes
We'll post updates to this page and, for material changes, notify you by email.
Replace bracketed fields with your actual entity details and legal review before publication.