Privacy Policy

Last updated: January 2026

My1Reminder ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, including:

• Account Information: Name, email address, password, business name, phone number, and country
• Customer Data: Your customers' names, addresses, phone numbers, and visit history that you enter into the Service
• Payment Information: Billing address and payment card details (processed securely by Stripe)
• Communications: Any messages you send to us or through our Service

1.2 Information Collected Automatically

When you use the Service, we automatically collect:

• Usage Data: Pages visited, features used, actions taken
• Device Information: Browser type, operating system, device type
• Log Data: IP address, access times, referring URLs

1.3 Information from Third Parties

We may receive information from:

• Stripe: Payment confirmation and subscription status
• Twilio: SMS delivery status and inbound message content

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Send SMS reminders to your customers on your behalf
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and requests
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent or unauthorized activity
• Comply with legal obligations

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal bases for processing are:

• Contract Performance: Processing necessary to provide the Service you requested
• Legitimate Interests: Processing for our legitimate business interests (security, improvement, analytics)
• Legal Compliance: Processing necessary to comply with legal obligations
• Consent: Where you have given explicit consent for specific processing

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third parties who perform services on our behalf (Stripe for payments, Twilio for SMS, Supabase for data storage)
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you have given us permission to share

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes.

6. Your Rights (GDPR)

If you are in the EEA, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data
• Portability: Request your data in a machine-readable format
• Restriction: Request restriction of processing
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please use the account settings page or contact us at [email protected]. We will respond within 30 days.

7. Data Export

You can export your data at any time through the Settings > Account section of the Service. This includes your customer data, visit history, and invoices in CSV format.

8. Account Deletion

You can delete your account at any time through the Settings > Account section. When you delete your account:

• All your personal data will be permanently deleted
• All customer data you have stored will be deleted
• Any active subscriptions will be cancelled
• This action cannot be undone

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Row-level security policies in our database
• Regular security audits and testing
• Access controls and authentication requirements
• Secure payment processing through PCI-compliant providers

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses approved by the European Commission.

11. Cookies and Tracking

We use essential cookies to enable core functionality of the Service. We do not use advertising or tracking cookies. You can control cookies through your browser settings.

12. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn we have collected such information, we will delete it promptly.

13. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read their privacy policies.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the Service. The updated policy will be effective when posted.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]
Data Protection Officer: [email protected]

16. Supervisory Authority

If you are in the EEA and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.

In Ireland, this is the Data Protection Commission:
www.dataprotection.ie