Privacy Policy

VendorPulse ("we", "us", "our") operates the website vendorpulse.biz — a software release tracking and notification service. This Privacy Policy explains how we collect, use, and protect your personal information.

Information you provide:

• Account data: Your name, email address, and profile image, obtained when you sign in via GitHub or Google OAuth.
• Notification preferences: Your chosen notification channels (email, Slack) and frequency settings.
• Alternate notification email: An optional secondary email address you may provide for notifications (Premium feature).
• Vendor submissions: Information you submit when proposing new vendors for tracking.

Information collected automatically:

• Usage data: Pages visited, features used, and general interaction patterns, collected to improve the Service.
• Log data: IP address, browser type, and referring URLs, retained for security and debugging purposes.

Payment information: We do not store payment card details. Payments are processed securely by Stripe. We only receive a customer ID and subscription status from Stripe.

• To create and manage your account.
• To send you release notifications for vendors you watch, according to your preferences.
• To send transactional emails (welcome, billing receipts).
• To process and manage your subscription via Stripe.
• To respond to support enquiries.
• To improve, maintain, and secure the Service.
• To comply with legal obligations.

We do not sell your personal information to third parties. We do not use your data for advertising.

We share your data only with trusted third-party service providers necessary to operate the Service:

• Stripe — payment processing. Stripe Privacy Policy
• Resend — transactional email delivery. Resend Privacy Policy
• GitHub / Google — OAuth sign-in providers. We only receive your name, email, and profile picture from these providers.

We may also disclose your information if required by law, court order, or to protect the rights, property, or safety of VendorPulse or others.

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records).

We use only essential session cookies required for authentication. We do not use tracking cookies or third-party advertising cookies.

We implement industry-standard security measures including HTTPS encryption, hashed credentials, and access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict processing of your data.
• Data portability.

To exercise any of these rights, contact us at support@vendorpulse.biz. We will respond within 30 days.

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the Service or by email. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

If you have any questions or concerns about this Privacy Policy, please contact us at support@vendorpulse.biz or via our Contact page.