Saasifyy

Privacy Policy

Last updated: April 2, 2026

1. Introduction

Saasifyy ("we", "our", "the Platform") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our SaaS marketplace platform.

2. Information We Collect

We collect the following types of information:

Account Information

  • Full name and email address
  • Password (stored securely using bcrypt hashing)
  • Account role (Customer, Developer, or Admin)
  • Business name and business email (for developer accounts)

Payment Information

  • Payment details are processed directly by Stripe
  • We store Stripe customer IDs and subscription IDs, not card details
  • Transaction history (amounts, dates, status)

Usage Information

  • Products viewed and subscriptions created
  • Reviews and ratings submitted
  • WordPress subsite activity (for developers)

3. How We Use Your Information

  • To create and manage your user account
  • To process subscription payments and manage billing
  • To provision and manage WordPress subsites for developers
  • To send transactional emails (verification, password reset, subscription notifications)
  • To display reviews and ratings on product pages
  • To provide analytics dashboards for developers and administrators
  • To enforce our Terms of Service and prevent abuse

4. Data Storage & Security

We take data security seriously and implement the following measures:

  • Passwords are hashed using bcrypt with salt rounds
  • JWT tokens for secure authentication with short-lived access tokens
  • HTTPS encryption for all data in transit
  • Secure HTTP headers via Helmet.js (HSTS, CSP, X-Frame-Options)
  • Rate limiting to prevent brute-force attacks
  • Database hosted on Supabase with encrypted connections
  • HttpOnly cookies for refresh tokens to prevent XSS theft

5. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — Payment processing (PCI-DSS compliant)
  • Supabase — Database hosting (PostgreSQL)
  • Resend — Transactional email delivery
  • WordPress — Multi-tenant site hosting for developer products

Each service has its own privacy policy. We recommend reviewing their policies for details on how they handle your data.

6. Cookies

We use essential cookies for authentication (refresh tokens stored as HttpOnly cookies) and subscription access verification on WordPress subsites. We do not use tracking cookies or third-party advertising cookies.

7. Data Retention

We retain your account data for as long as your account is active. Transaction records are retained for accounting and legal compliance purposes. If you delete your account, your personal information will be removed, but anonymized transaction records may be retained for financial reporting.

8. Your Rights

You have the right to:

  • Access and view your personal data through your account dashboard
  • Update or correct your account information
  • Delete your account and associated personal data
  • Export your data upon request
  • Opt out of non-essential email communications

9. Children's Privacy

Saasifyy is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected data from a minor, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Platform after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or how we handle your data, please reach out via our contact page or email us at support@saasifyy.tech.