Privacy Policy

Last updated: March 18, 2026

Introduction

CreateaSaaS ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services. Please read this policy carefully. By using CreateaSaaS, you consent to the data practices described here.

Information We Collect

  • Account Information: Name, email address, password (hashed), and billing information when you create an account.
  • Project Data: Configuration data, API keys, and project settings for your connected projects.
  • Usage Data: Pages visited, features used, timestamps, IP addresses, browser type, and device information.
  • Payment Data: Processed by Polar.sh. We store transaction IDs and subscription status but not full payment card details.
  • Support Communications: Any messages or communications you send to us.

How We Use Your Information

We use collected information to:

  • Provide and maintain the Service
  • Process transactions
  • Send transactional emails (account confirmations, billing, security alerts)
  • Improve our services
  • Monitor for abuse and security threats
  • Respond to support requests
  • Send marketing communications (with your consent, you can opt out anytime)

SDK & Analytics Data

If you use CreateaSaaS's analytics SDK in your SaaS applications, the SDK collects data about your end users (page views, sessions, events) as configured by you. You are the data controller for this data. We process it on your behalf as a data processor. You are responsible for providing appropriate privacy notices to your end users and obtaining necessary consents.

Data Sharing

We do not sell your personal data. We share data with:

  • Polar.sh: Payment processing (name, email, billing details)
  • Service Providers: Essential services like email delivery (Resend)
  • Legal Requirements: When required by law or to protect our rights

We require all third-party providers to respect the security of your data and treat it in accordance with the law.

Data Retention

  • Account data is retained while your account is active and for 30 days after deletion.
  • Project data is deleted when projects are removed from your account.
  • Analytics data retention depends on your plan: Free Trial — 14 days, Pro — 1 year, Business — 2 years.
  • Billing records are retained for 7 years for tax compliance.

You can request data export or deletion at any time.

Security

We implement industry-standard security measures:

  • Encrypted data transmission (TLS/SSL)
  • Hashed passwords
  • JWT-based authentication with httpOnly cookies
  • Rate limiting on all API endpoints
  • Regular security audits

Per-project data isolation ensures your analytics data stays separate from other customers. While we strive to protect your data, no method of transmission over the Internet is 100% secure.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Restrict processing
  • Object to marketing communications
  • Withdraw consent at any time

To exercise these rights, contact us at heynoblehero@gmail.com.

Cookies

We use minimal cookies essential for the Service: authentication tokens and session preferences. For detailed information about our cookie practices, please see our Cookie Policy.

Children's Privacy

CreateaSaaS is not intended for users under 18 years of age. We do not knowingly collect data from children. If we learn we have collected data from a child, we will delete it promptly. If you believe a child has provided us data, contact us immediately.

GDPR Compliance

For users in the European Economic Area (EEA), we process data under the following legal bases:

  • Contract performance (providing the Service)
  • Legitimate interests (improving services, security)
  • Consent (marketing)
  • Legal obligations (tax records)

You have additional rights under GDPR including data portability and the right to lodge a complaint with a supervisory authority.

CCPA Compliance

California residents have the right to:

  • Know what personal information is collected
  • Request deletion
  • Opt out of the sale of personal information (we do not sell personal information)
  • Non-discrimination for exercising privacy rights

To exercise your CCPA rights, contact us at heynoblehero@gmail.com.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact

If you have questions about this Privacy Policy or our data practices, contact us at heynoblehero@gmail.com.