Privacy Policy

INTRODUCTION

Welcome to Direct2App. We are committed to protecting your privacy and being transparent about how we collect, use, and share your personal information. This Privacy Policy explains our data practices for our curated directory of SaaS and AI tools, where businesses discover software solutions through detailed reviews, pricing information, and expert recommendations.

Who We Are: Direct2App operates as a comprehensive directory platform featuring SaaS and AI tools with detailed reviews, pricing information, and expert recommendations. Our platform helps businesses discover software solutions while generating revenue through premium listing services.

Our Commitment: We believe in building trust through transparency. This policy explains your privacy rights and choices in clear, accessible language while maintaining legal precision to ensure compliance with applicable privacy laws.

INFORMATION WE COLLECT

Personal Information We Collect

Account Information:

• Email addresses (for account creation and tool submissions)
• Username and profile information
• Account preferences and settings

Submission Information:

• Email addresses provided when submitting tools for listing consideration
• Company information (if provided during tool submissions)
• Communication preferences

Technical Information:

• IP addresses and approximate location data
• Browser type, version, and settings
• Device information and operating system
• Referral URLs and website navigation patterns
• Usage analytics and site interaction data

Information Collected Through Third-Party Services

Google Analytics: We use Google Analytics to understand website usage patterns, measure performance, and improve user experience. This includes:

• Page views and session duration
• Geographic location (city/region level)
• Device and browser analytics
• Traffic sources and user flow patterns

Information We Do NOT Collect:

• Payment card information (handled exclusively by Stripe)
• Sensitive personal data such as social security numbers
• Precise GPS location data
• Health or medical information

HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

Service Provision

• Creating and managing user accounts
• Processing tool submission requests
• Providing customer support and responding to inquiries
• Sending service-related notifications and updates

Platform Improvement

• Analyzing website usage to enhance user experience
• Developing new features and improving existing functionality
• Conducting research to better serve our community
• Maintaining platform security and preventing fraud

Communication

• Sending account-related notifications
• Providing updates about new tools and platform features
• Responding to support requests and feedback
• Marketing communications (with your consent)

Legal and Safety

• Complying with legal obligations and requests
• Protecting against fraud, abuse, and security threats
• Enforcing our terms of service
• Resolving disputes and legal claims

INFORMATION SHARING AND DISCLOSURE

We Do Not Sell Your Personal Information

Direct2App does not sell, rent, or trade your personal information to third parties for monetary compensation.

When We Share Information

Service Providers:

• Resend: For email communications and notifications
• Google Analytics: For website analytics and performance measurement
• Stripe: For payment processing (see Payment Processing section)

Legal Requirements:

• To comply with applicable laws, regulations, or legal processes
• To respond to valid governmental requests
• To protect our rights, property, or safety, or that of others
• To enforce our terms of service or other agreements

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to appropriate safeguards.

Consent: We may share information with your explicit consent for specific purposes not covered in this policy.

PAYMENT PROCESSING

Stripe Payment Processing

Important Notice: All payment processing for premium listing services is handled exclusively by Stripe, Inc. Direct2App does not store, process, or have access to your payment card information.

What Stripe Handles:

• Credit card and payment method information
• Billing addresses and payment processing
• Transaction records and payment confirmations
• Payment-related fraud prevention

Stripe's Privacy Practices: Stripe processes payment information in accordance with their privacy policy available at stripe.com/privacy. Stripe maintains PCI DSS Level 1 compliance and implements industry-standard security measures for payment data protection.

Data Sharing with Stripe: We share only the necessary information with Stripe to process payments:

• Email address for receipt delivery
• Service details for transaction records
• Basic account identifiers for payment matching

Your Payment Rights: You have rights regarding your payment data processed by Stripe. For payment-related privacy requests, you may contact Stripe directly or reach out to us at [email protected] for assistance.

DATA RETENTION

Standard Retention Period: We retain personal information for 12 months from the date of collection or last account activity, whichever is later.

Retention Details by Data Type

Account Information: 12 months after account deletion or last activity Email Communications: 12 months from the date sent Analytics Data: 12 months in aggregated, non-personally identifiable form Tool Submission Data: 12 months from submission date

Extended Retention

We may retain information longer when:

• Required by applicable law or regulation
• Necessary for fraud prevention or security purposes
• Needed to resolve disputes or legal claims
• Required for legitimate business purposes with appropriate safeguards

Data Deletion

After the retention period expires, we securely delete or anonymize personal information unless legally required to retain it longer.

YOUR PRIVACY RIGHTS

Depending on your location, you may have the following rights regarding your personal information:

Universal Rights

Access: Request information about what personal data we hold about you Correction: Request correction of inaccurate or incomplete information Deletion: Request deletion of your personal information (subject to legal limitations) Portability: Request a copy of your data in a portable format

GDPR Rights (EU/UK Users)

Lawful Basis Objection: Object to processing based on legitimate interests Restriction: Request limitation of processing in certain circumstances Automated Decision-Making: Protection against solely automated decision-making Supervisory Authority: Right to lodge complaints with data protection authorities

CCPA/CPRA Rights (California Users)

Know: Right to know what personal information is collected, used, shared, or sold Delete: Right to delete personal information (subject to exceptions) Opt-Out: Right to opt-out of the sale of personal information (Note: We do not sell personal information) Non-Discrimination: Right not to receive discriminatory treatment for exercising privacy rights

Exercising Your Rights

To exercise your privacy rights:

• Email us at [email protected]
• Include sufficient information to verify your identity
• Specify which rights you wish to exercise
• We will respond within the timeframes required by applicable law

SECURITY MEASURES

We implement appropriate technical and organizational security measures to protect your personal information:

Technical Safeguards

• Industry-standard encryption for data transmission (TLS 1.2+)
• Secure data storage with encryption at rest
• Regular security assessments and updates
• Access controls and authentication requirements

Organizational Measures

• Privacy by design principles in system development
• Regular staff training on data protection practices
• Incident response procedures for security breaches
• Limited access to personal information on a need-to-know basis

Third-Party Security

Our service providers, including Google Analytics and Resend, implement their own security measures and are contractually obligated to protect your information.

Security Incidents: In the unlikely event of a data breach, we will notify affected users and relevant authorities as required by applicable law.

INTERNATIONAL DATA TRANSFERS

Direct2App operates globally, and your information may be transferred to and processed in countries other than your residence.

Transfer Safeguards

Adequacy Decisions: We rely on adequacy decisions where available Standard Contractual Clauses: We use EU Standard Contractual Clauses for transfers requiring additional safeguards Service Provider Agreements: Our third-party providers implement appropriate transfer mechanisms

Third-Party Transfers

• Google Analytics: Data processed globally with appropriate safeguards
• Resend: Email processing with standard contractual protections
• Stripe: Payment processing with international data transfer safeguards [1]

COOKIES AND TRACKING TECHNOLOGIES

Essential Cookies

• Account authentication and security
• Platform functionality and user preferences
• Load balancing and performance optimization

Analytics Cookies

• Google Analytics for usage statistics and platform improvement
• Performance monitoring and error tracking
• User experience optimization

Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect platform functionality.

Cookie Consent: We obtain appropriate consent for non-essential cookies based on your location and applicable laws.

EMAIL COMMUNICATIONS

Types of Emails

Transactional Emails:

• Account creation and verification
• Tool submission confirmations
• Security and policy updates
• Customer support responses

Marketing Emails:

• Platform updates and new features
• Curated tool recommendations
• Industry insights and tips

Email Preferences

Opt-Out Options:

• Unsubscribe links in all marketing emails
• Account settings for communication preferences
• Contact [email protected] for assistance

Email Provider: We use Resend for email delivery, which implements appropriate security measures and complies with anti-spam regulations.

CHILDREN'S PRIVACY

Direct2App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

If You're a Parent: If you believe your child has provided personal information to us, please contact [email protected] immediately. We will delete such information promptly upon verification.

International Considerations: In jurisdictions with higher age requirements, we comply with applicable local laws regarding minors' data protection.

BUSINESS TRANSFERS

In the event Direct2App undergoes a business transition such as a merger, acquisition, or sale of assets, your personal information may be part of the transferred assets.

Protection During Transfers:

• You will be notified of any ownership changes
• This Privacy Policy will continue to apply unless updated
• You will have the opportunity to exercise your rights under any new privacy policy

UPDATES TO THIS POLICY

We may update this Privacy Policy periodically to reflect changes in our practices, services, or applicable laws.

Notification of Changes

Material Changes: We will notify you via email or prominent website notice at least 30 days before material changes take effect Minor Updates: Non-material changes will be posted with an updated "Last Updated" date Continued Use: Your continued use of our services after changes take effect constitutes acceptance of the updated policy

Version History: Previous versions of this policy are available upon request at [email protected].

CONTACT US

For any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: [email protected]

Response Time: We respond to privacy inquiries within 5 business days

Mailing Address: [To be provided if required by jurisdiction]

Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at [email protected].

Supervisory Authorities

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

This Privacy Policy demonstrates our commitment to transparency and your privacy rights. We encourage you to review this policy regularly and contact us with any questions about how we protect your personal information.