Privacy Policy

1. Introduction

CatMai SRL ("we", "us", or "our") respects your privacy and is committed to protecting your personal data when using CatMai.

This policy explains what data we collect, why we collect it, and how you can exercise your rights under GDPR and applicable laws.

2. Data Controller

3. Data We Collect

3.1 Data provided directly by you

• Identification data: first name, last name, email address
• Account data: encrypted password, account preferences
• Payment data: card-related details are processed by Stripe
• Event data: details for events you create and manage
• Communications: messages sent through the contact form

3.2 Data collected automatically

• Technical data: IP address, browser type, operating system
• Usage data: visited pages, session duration, actions performed
• Cookies: according to our Cookie Policy

3.3 Data from third parties

• Social login: if you sign in with Google, we receive your name and email
• Payment processor: Stripe provides us with payment confirmations

4. Legal Basis & Purpose

• Contract performance: to provide the services you request
• Consent: for marketing and non-essential cookies
• Legitimate interest: to improve security and service quality
• Legal obligation: accounting, tax and legal compliance

5. Purposes of processing

• Provide and manage your account
• Process payments and manage subscriptions
• Communicate service updates and operational notices
• Improve and personalize user experience
• Ensure platform security and fraud prevention
• Comply with legal obligations
• Direct marketing only with valid consent

6. Data sharing

We do not sell personal data. We share data only with trusted processors and only when necessary.

• Service providers: Supabase (hosting), Stripe (payments), Vercel (hosting)
• Authorities: when legally required
• Business partners: only with explicit consent

7. International transfers

• We use adequacy decisions where available
• We implement EU-approved Standard Contractual Clauses
• We work with certified providers where applicable

8. Data retention

• Account data: during account lifetime + 30 days after deletion
• Payment data: 10 years (tax/legal obligations)
• Usage data: 2 years
• Communications: 3 years
• Cookies: according to the Cookie Policy

9. Your rights

You can request access, rectification, deletion, restriction, portability, or objection by contacting us at privacy@timesimplify.com.

We respond to valid privacy requests within 30 days.

10. Data security

• SSL/TLS encryption for communications
• Modern password hashing and secure authentication flows
• Restricted access based on need-to-know principle
• Continuous monitoring and backup strategy

11. Children

Our service is not intended for individuals under 16 years old. If we identify such data, we remove it without undue delay.

12. Cookies

We use cookies and similar technologies. For full details, please read our Cookie Policy.

13. Policy updates

We may update this policy periodically. Material changes are communicated via email or in-product notice.

14. Complaints

If you believe your data was processed unlawfully, you can lodge a complaint with your data protection authority.

15. Contact