1.1 Information You Provide to Us

When you create an account or use our Service, we may collect:

• Account Information: Name, email address, profile picture (provided via Google OAuth)
• URLs Submitted: URLs you enter for status checking and DNS propagation analysis
• Favorites: URLs you save to your favorites list
• Payment Information: Billing details processed through Stripe (we do not store credit card information directly)
• Communications: Information you provide when contacting customer support or providing feedback

1.2 Information Automatically Collected

When you access or use the Service, we automatically collect:

• Usage Data: Information about how you use the Service, including check history, timestamps, and frequency of use
• Device Information: Browser type, operating system, device type, and screen resolution
• IP Address: Your Internet Protocol (IP) address for rate limiting and security purposes
• Cookies and Similar Technologies: Session data, authentication tokens, and preferences (see Section 8)
• Log Data: Server logs including request/response data, error messages, and performance metrics

1.3 Information from Third-Party Services

• Google OAuth: Profile information (name, email, profile picture) when you sign in with Google
• Stripe: Payment and subscription status information

We use the information we collect for the following purposes:

• Provide the Service: Process URL checks, generate status reports, and provide DNS propagation data
• Account Management: Create and manage your account, authenticate users, and maintain user profiles
• Payment Processing: Process subscriptions, manage billing, and prevent fraud
• Personalization: Save your favorites, remember preferences, and customize your experience
• Rate Limiting: Enforce usage limits based on subscription tiers and prevent abuse
• Service Improvement: Analyze usage patterns, identify bugs, and enhance features
• Security: Detect and prevent unauthorized access, fraud, and other malicious activities
• Communication: Send service-related notifications, updates, and respond to inquiries
• Legal Compliance: Comply with legal obligations and enforce our Terms of Service
• Analytics: Understand user behavior, measure performance, and generate aggregate statistics

Storage Infrastructure: User data is stored securely using Amazon Web Services (AWS) DynamoDB, a fully managed NoSQL database service. AWS maintains SOC 2 Type II compliance and implements industry-standard security controls.

Data Location: Your data is primarily stored in the United States (US-East-1 region). By using the Service, you consent to the transfer and storage of your information in the United States.

Security Measures: We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit using HTTPS/TLS protocols
• Encryption at rest for stored data
• Authentication and authorization controls
• Regular security audits and vulnerability assessments
• Access controls limiting data access to authorized personnel only
• Secure API endpoints with rate limiting and authentication

Data Retention: We retain your personal information for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you of any data breach as required by law.

We share your information with third-party service providers who assist us in operating the Service:

We do NOT sell your personal information to third parties. We only share data with service providers who are contractually obligated to protect your information and use it only for the purposes we specify.

We may also disclose your information when required by law, to protect our rights, or in connection with a business transfer (merger, acquisition, sale of assets).

If you are a resident of the European Economic Area (EEA), United Kingdom, or Switzerland, you have certain data protection rights under the General Data Protection Regulation (GDPR). We are committed to facilitating the exercise of these rights:

Exercising Your Rights: To exercise any of these rights, please contact us at snapitsaas@gmail.com. We will respond to your request within 30 days.

You also have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights.

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (note: we do not sell personal information)
• Right to Non-Discrimination: Not be discriminated against for exercising your privacy rights

To exercise these rights, contact us at snapitsaas@gmail.com.

Data Export: You can request a copy of your data at any time by contacting us at snapitsaas@gmail.com. We will provide your data in JSON or CSV format within 30 days.

Account Deletion: To delete your account and all associated data:

1. Email us at snapitsaas@gmail.com with the subject "Account Deletion Request"
2. Include your account email address in the request
3. We will confirm your identity and process the deletion within 30 days

Upon deletion, we will permanently remove your account information, favorites, and usage history. Some data may be retained in backup systems for up to 90 days. Anonymized aggregate data may be retained for analytics purposes.

We use cookies and similar tracking technologies to enhance your experience. Cookies are small data files stored on your device that help us recognize you and remember your preferences.

Types of Cookies We Use:

• Essential Cookies: Required for authentication, session management, and core functionality
• Preference Cookies: Remember your language selection and other settings
• Security Cookies: Detect fraudulent activity and enforce rate limits
• Analytics Cookies: Help us understand usage patterns and improve the Service

Managing Cookies: Most web browsers allow you to control cookies through settings. However, disabling cookies may limit your ability to use certain features of the Service.

Local Storage: We use browser local storage to save your authentication token, rate limit data, and user preferences. This data is stored locally on your device and not transmitted to our servers except when necessary for authentication.

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at snapitsaas@gmail.com. We will delete such information from our systems promptly.

Your information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your country.

For users in the EEA, UK, or Switzerland, we ensure that adequate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page
• Updating the "Last Updated" date at the top
• Sending an email notification to your registered email address (for significant changes)

Your continued use of the Service after such modifications constitutes your acceptance of the updated Privacy Policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to all privacy-related inquiries within 30 days.