Privacy Policy

Effective Date: 4/9/2025

1. Introduction

Welcome to Illutix. We provide data visualization services, including real-time collaboration features. This privacy policy explains how we collect, use, and protect your personal data when you use our services. By using our platform, you agree to the practices outlined in this policy.

2. Information Collection

We collect the following types of information:

  • Personal Identifiable Information (PII): Your name, email address, and profile image when you register and edit profile.
  • Authentication Data: We use Supabase Auth and allow users to sign in via Google or GitHub OAuth.
  • Uploaded Content: Profile images and other user-generated content are stored using Supabase Storage.
  • Payment Information: We use Stripe to securely handle payments and subscriptions. We do not store sensitive card data.
  • Technical Data: Device type, browser type, operating system, and basic usage data. Vercel Analytics is used without cookies.

3. Use of Information

  • Subscription Management: To process and manage your subscription via Stripe.
  • Authentication: To allow secure access using Supabase Auth with OAuth providers.
  • Collaboration: To enable sharing and visibility of your name/email with collaborators.
  • Analytics: To analyze usage patterns with privacy-friendly, cookie-less tracking via Vercel Analytics.
  • Communication: To send service updates or optional marketing emails (if opted in).
  • Customer Support: To assist with inquiries or troubleshoot issues.
  • Legal Compliance: To comply with legal obligations or enforce our Terms of Service.

4. Information Sharing and Disclosure

We may share your data with trusted service providers for specific functions:

  • Stripe: For secure payment processing.
  • Supabase: For authentication, database, and file storage.
  • Vercel: For hosting and analytics.

We do not sell or share your personal data with third parties for marketing without your consent. We may disclose your data if required by law, legal process, or to protect our rights.

Your name and email may be visible to other users in collaborative features of our platform.

GDPR: For EEA users, we only share data in compliance with the General Data Protection Regulation.

5. Security Measures

We implement industry-standard security practices to protect your data, including HTTPS (SSL/TLS), access control, and secure cloud infrastructure.

Payment Information: All payment data is handled by Stripe and protected by their security measures.

6. User Rights

You have the following rights under GDPR:

  • Right to Access – Request a copy of your personal data.
  • Right to Rectification – Request corrections to your data.
  • Right to Erasure – Request data deletion under certain conditions.
  • Right to Restrict Processing – Request limited use of your data.
  • Right to Data Portability – Receive your data in a structured format.
  • Right to Object – Object to direct marketing or profiling.
  • Right to Withdraw Consent – Withdraw consent at any time.

Please contact us at contact@illutix.com to exercise these rights.

CCPA: If you are a California resident, you may have additional rights. Contact us for more information.

7. Cookies and Tracking Technologies

We use minimal cookies and privacy-first analytics. Vercel Analytics allows us to measure performance and usage without setting any cookies.

Essential cookies may be used for authentication/session management via Supabase.

You can disable cookies in your browser settings, but this may affect functionality.

8. Changes to This Policy

We may update this Privacy Policy occasionally. The "Effective Date" at the top will reflect the latest version. We may notify you of significant changes via email or in-app notice.

9. Contact Information

If you have questions about this policy or your data, contact us at:
contact@illutix.com

We currently do not operate from a formal physical office address. We will update this policy if that changes.

10. Data Protection Contact

As a small startup, we do not have a formally designated Data Protection Officer. However, our founder is responsible for data protection compliance and can be contacted at:
yoshisean@illutix.com

11. International Data Transfers

If you are located in the European Economic Area (EEA), your personal data may be transferred outside the EEA. We take appropriate safeguards to ensure your data is protected, including the use of Standard Contractual Clauses where applicable.