Legal

Privacy Policy

Last updated: May 26, 2026 · Effective immediately

CraftersQ Inc. ("CraftersQ", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our platform at craftersq.com.

1. Information We Collect

1.1 Information You Provide

  • Account Data: Name, email address, password (hashed), company name
  • Billing Data: Payment method (processed by Stripe — we do not store full card numbers), billing address, transaction history
  • Content Data: Websites, pages, images, text, and other content you create on the Platform
  • Communications: Support tickets, emails, chat messages, feedback

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, click patterns, session duration, AI prompts
  • Device Data: IP address, browser type, operating system, device identifiers, screen resolution
  • Analytics Data: Website performance metrics, error logs, API usage
  • Cookies: Session cookies, authentication tokens, preference cookies, analytics cookies

1.3 Information from Third Parties

  • Payment Processors: Transaction status, subscription details from Stripe
  • OAuth Providers: Email and profile data if you sign in with Google or other providers
  • Analytics Services: Aggregated usage data from integrated analytics tools

2. How We Use Your Information

We use your information for the following purposes:

  • Providing, maintaining, and improving the Platform and its features
  • Processing payments, subscriptions, and transaction fees
  • Communicating with you about your account, services, and updates
  • Providing customer support and responding to inquiries
  • Enforcing our Terms of Service and Acceptable Use Policy
  • Detecting, preventing, and addressing fraud, abuse, and security issues
  • Generating aggregated, anonymized analytics to improve our services
  • Complying with legal obligations and responding to lawful requests
  • Sending marketing communications (with your consent, and with opt-out available)

3. How We Share Your Information

3.1 Service Providers

We share data with trusted third-party providers who assist in operating the Platform:

  • Stripe: Payment processing, subscription management, Connect payouts
  • Cloud Hosting: Server infrastructure and data storage
  • AI Providers: Content generation (prompts may be processed by AI model providers)
  • Email Services: Transactional emails and notifications
  • Analytics: Usage tracking and performance monitoring

3.2 Legal Requirements

We may disclose information when required by law, subpoena, court order, or government request, or when we believe disclosure is necessary to protect our rights, safety, or property.

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

3.4 With Your Consent

We may share your information for other purposes with your explicit consent.

3.5 We Do NOT

  • Sell your personal information to third parties
  • Share your data for third-party advertising purposes
  • Provide your account data to other CraftersQ users without your consent

4. AI & Content Generation

4.1 Prompts & Inputs

When you use AI features, your prompts and inputs may be sent to third-party AI model providers (e.g., OpenAI) for processing. These providers have their own data handling policies. We do not use your prompts to train our own models without consent.

4.2 Generated Outputs

AI-generated content (websites, text, images) is stored on our servers as part of your account. We may analyze aggregated, anonymized generation patterns to improve our services.

5. Data Retention

  • Active accounts: Data retained while your account is active
  • After cancellation: Website data retained for 30 days, then permanently deleted
  • Billing records: Retained for 7 years for tax and legal compliance
  • Support communications: Retained for 3 years
  • Usage logs: Retained for 12 months, then anonymized
  • Upon request: Personal data deleted within 30 days of a verified deletion request

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data ("right to be forgotten")
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw Consent: Withdraw consent where processing is consent-based

To exercise these rights, email us at privacy@craftersq.com. We will respond within 30 days.

7. Cookies & Tracking

7.1 Essential Cookies

Required for the Platform to function (authentication, session management). Cannot be disabled.

7.2 Analytics Cookies

Help us understand how the Platform is used. Can be opted out via browser settings.

7.3 Preference Cookies

Remember your settings and preferences. Optional.

We do NOT use third-party advertising cookies or cross-site tracking.

8. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Password hashing with bcrypt
  • Access controls and principle of least privilege
  • Regular security audits and vulnerability scanning
  • DDoS protection and web application firewalls

While we take reasonable precautions, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Our servers are located in Canada and the United States. If you access the Platform from outside these regions, your data may be transferred internationally. We ensure appropriate safeguards are in place for cross-border transfers in compliance with applicable laws.

10. Children's Privacy

The Platform is not intended for users under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with data, contact us immediately and we will delete it.

11. Your Responsibilities (Website Owners)

If you build a website that collects data from visitors or customers, you are the data controller for that data. You are responsible for:

  • Publishing your own privacy policy on your website
  • Obtaining necessary consents from your visitors
  • Complying with GDPR, CCPA, PIPEDA, or other applicable privacy laws
  • Responding to data subject requests from your visitors
  • Ensuring your use of CraftersQ for data processing has a lawful basis

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or platform notification. The "Last updated" date at the top reflects the latest revision.

13. Contact Us

For privacy-related questions or to exercise your rights:

14. Applicable Laws

This policy is designed to comply with:

  • PIPEDA (Personal Information Protection and Electronic Documents Act) — Canada
  • GDPR (General Data Protection Regulation) — European Union
  • CCPA/CPRA (California Consumer Privacy Act) — California, USA

Where there is a conflict between this policy and mandatory local law, the local law prevails.