Privacy Policy

1. Who we are

DealTrack ("we", "our", "us") is a sponsorship deal tracking tool for content creators. We are the data controller for the personal data described in this policy. You can contact us at support.dealtrack@gmail.com.

2. Data we collect

We collect the following personal data when you use DealTrack:

• →Account data: your name and email address, provided when you register.
• →Deal data: brand names, amounts, platforms, deadlines, and notes you enter.
• →Payment data: handled by Stripe. We store only a Stripe customer ID — no card numbers.
• →Usage data: pages visited and actions taken, collected via server logs for security and debugging.
• →Communications: if you contact us, we retain that correspondence.

3. How we use your data

We use your data to:

• →Provide, maintain, and improve the DealTrack service.
• →Send transactional emails: account confirmation, password reset, and deal reminders (Pro plan only).
• →Process payments through Stripe.
• →Respond to support requests.
• →Comply with legal obligations.

We do not sell your data to third parties. We do not use your data for advertising.

4. Legal basis (GDPR)

If you are in the European Economic Area (EEA), we process your data under the following legal bases:

• →Contract performance: to provide the service you signed up for.
• →Legitimate interests: to improve our service and prevent fraud.
• →Legal obligation: to comply with applicable laws.
• →Consent: for optional email communications (you may withdraw consent at any time).

5. Data retention

We retain your account and deal data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it by law.

6. Third-party services

We use the following sub-processors:

7. Cookies

DealTrack uses only essential cookies required for authentication (session management). We do not use tracking or advertising cookies. No cookie consent banner is required.

8. Your rights (GDPR)

If you are in the EEA, you have the right to:

• →Access the personal data we hold about you.
• →Rectify inaccurate data.
• →Erase your data ("right to be forgotten").
• →Restrict or object to processing.
• →Data portability — receive your data in a machine-readable format.
• →Withdraw consent at any time without affecting prior processing.
• →Lodge a complaint with your local data protection authority.

To exercise any of these rights, email us at support.dealtrack@gmail.com. We will respond within 30 days.

9. Security

We use row-level security so each user can only access their own data. Data is encrypted in transit (TLS) and at rest. We apply the principle of least privilege to all internal access.

10. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email or via an in-app notice. The effective date at the top of this page will always reflect the latest version.