Privacy Policy
Last updated: June 20, 2024.
How We Protect Your Privacy
on modul.day and when you use our services
Modul offers many services to help you manage your daily life. As part of operating our services, we collect data about you and your business. This data is not only essential for the functioning of our services but also for the security of our services and all our users.
This policy explains what information is collected, why it is collected, and how we use it.
The Information We Collect
Most of the personal data we collect is directly provided by our users when they sign up and use our services. Other data is collected by recording interactions with our services.
Account Data & Contact Information: When you register on our website to use our product or complete one of our contact forms, you voluntarily provide us with certain information. This usually includes your name, your company's name, your email address, and sometimes your phone number, your postal address (when an invoice is required), and a personal password.
We never record or store our customers' credit card information and always use trusted third-party payment processors (Stripe) to handle credit card transactions, including recurring payments.
Browser Data: When you visit our website and access our online services, our servers also passively record a summary of the information sent by your browser for statistical, security, and legal purposes: your IP address, the date and time of your visit, your browser version and platform, and the web page that directed you to our website.
Your browser may also be used to store and retrieve your current session data using a session cookie.
User Data: When you create an account on modul.day, we store all the data submitted to our database; any information or content you submit or upload to our database belongs to you, and you have full control over it.
The other sections of this policy explain:
- how we process this data,
- how long we retain it,
- how you can access or request the deletion of this data,
- and which third-party service providers are involved.
How We Use This Information
Account Data & Contact Information: We use your contact details to provide our services, respond to your inquiries, and for billing and account management purposes. We may also use this information for marketing and communication purposes (our marketing messages always include an option to unsubscribe at any time). We also use this data in an aggregated/anonymized form to analyze service trends.
Browser Data: This automatically recorded data is analyzed anonymously to maintain and improve our services.
Client Databases: We collect and process this data only on your behalf, to perform the services you have subscribed to and based on the instructions you explicitly provided during the registration or configuration of your Modul service and database.
Our support teams and engineers may access this information in a limited and reasonable manner to resolve any issues related to our services or to assist you upon your explicit request, if required by law, or to ensure the security of our services.
Access, Update, or Delete Your Personal Data
Account Data & Contact Information: You have the right to access and update the personal data you previously provided to us. You can do this at any time by logging into your personal account on modul.day. If you wish to permanently delete your account or personal data for legitimate reasons, please contact our team at [email protected] to make the request. We will take all reasonable steps to permanently delete your personal data unless we are required to retain it for legal reasons (usually for administration, billing, and tax reporting purposes).
Other sections of this policy explain:
- what is recorded,
- how we process this data,
- how long we retain it,
- and which third-party service providers are involved.
Security Retention Period: We retain a copy of your data in our backups for security reasons, even after it has been deleted from our live systems. Contact [email protected] for more details.
Security
We recognize the importance and sensitivity of your personal data and implement numerous measures to ensure that this data is processed, stored, and preserved securely against data loss and unauthorized access.
Third-Party Service Providers / Subcontractors
We use several service providers to support our operations. They help us with various services, such as payment processing, web analytics, cloud hosting, marketing, and communication.
Whenever we share data with these service providers, we ensure they use it in accordance with data protection laws, and the processing they perform for us is limited to our specific purpose and is covered by a specific data processing agreement.
Below is a list of the service providers we currently use, why we use them, and what type of data we share with them.
A. Subcontractors
These third-party service providers process data for which Modul is the data controller or processor on behalf of Modul.
Important: Due to the significant variability of resources and services provided by these subcontractors, Modul customers cannot choose which subcontractor will be used to process their data.
| Subcontractors | Purpose | Shared Data |
|---|---|---|
| Vercel | Infrastructure and hosting of modul.day. | Currently hosted by Vercel: Production data of modul.day and its affiliated services, browsing data on the site. |
| Supabase | Data storage | Shared with Supabase: All data entered on Modul, login, files, etc. |
| Posthog | Analytics |
B. Data Controllers and Third-Party Processors
These third-party service providers process data for which Modul is the data controller, as processors on behalf of Modul, or they receive such data as data controllers, for the specific purpose of performing the services they were engaged for.
| Service Provider | Purpose | Shared Data |
|---|---|---|
| Stripe | Payment processing on modul.day. | Shared with Stripe: Order details (amount, description, reference), customer name and email. |
| Only stored by Stripe: Credit card information. | ||
| CloudFlare | Distributed caching of static resources and images on modul.day. | Used by CloudFlare: Browser and device characteristics, CloudFlare cookies. |
| FormBrick | Form management. | Management of data submitted via satisfaction forms on Modul. |
| Resend | Email management. | For sending marketing emails, or for managing your account. |
C. Login
To facilitate the login process, we rely on third-party services at Modul.
| Service Provider | Purpose | Shared Data |
|---|---|---|
| Login using a Google account. | Retrieved by Modul: using Google to log in to Modul involves sharing the first and last name registered on Google, the email address, and the link to the profile picture. These data are stored by our provider Supabase. We only make the user’s name and profile picture public. In accordance with Google's recommendations. |
Data Retention
Account Data & Contact Information: We retain this data only for as long as necessary to fulfill the purpose for which it was collected, as stated in this policy, including any legal retention periods or the time necessary to pursue a legitimate and reasonable promotion of our products and services.
Browser Data: We may retain this data for up to 12 months, unless we need to keep it in relation to a legitimate concern regarding the security or performance of our services or if required by law. Any session information on the server side is retained only for 3 months when actively used, otherwise, it is deleted after 7 days.
Client Data: We retain this data only for as long as necessary to provide the services you have subscribed to. For Modul hosted data, if you cancel the service, your data is immediately destroyed upon your explicit request.
Security Retention Period: According to our security policy, we strive to protect your data from accidental or malicious deletion. Therefore, after we have deleted your personal data (Account Data & Contact Information) from our database upon your request or after you have deleted personal data, the data is not immediately removed from our backup systems, which are secure and immutable. Personal data may be retained for up to 12 months in these backups, until their automatic destruction.
We commit not to use these backup copies of your deleted data for any purpose other than maintaining the integrity of our backups unless required by you or the law.
Location of Physical Data / Data Transfers
Hosting Services
Hosting Locations:
- Americas: United States
- Europe: Germany, France
Backup Locations: Backups are replicated across multiple continents to meet our disaster recovery objectives and are located in the following countries, regardless of the original hosting region:
- United States
- France
- Germany
Note: It is not possible to choose or restrict backup locations. Hosting data only within the EU is not supported.
International Staff
In some cases, the personal data mentioned in this privacy policy may be accessed by Modul staff in other countries. This access will always be performed for the same purposes and with the same privacy and security precautions as if it were carried out by our local staff, ensuring that all the guarantees we provide remain applicable.
Disclosure to Third Parties
Unless explicitly stated otherwise, we do not sell, trade, or transfer your personal data to third parties. We may share or disclose aggregated or de-identified information for research purposes or to discuss trends or statistics with third parties.
Cookies
Cookies are small pieces of text sent by our servers to your computer or device when you access our services. They are stored in your browser and later sent back to our servers so that we can provide contextual content. Without cookies, using the web would be a much more frustrating experience. We use them to support your activities on our website, such as your session (so you don’t have to log in again) or your cart.
Cookies are also used to help us understand your preferences based on your previous or current activity on our website (the pages you visited), your language, and country, which enables us to provide improved services. We also use cookies to help us compile aggregate data about site traffic and interaction, so we can offer better experiences and tools in the future.
We also use third-party services such as Google Analytics, which set and use their own cookies to identify visitors and provide their own contextual services.
Here is an overview of the cookies that may be stored on your device when
you visit our website:
| Cookie Category | Purpose | Cookies |
|---|---|---|
| Session & Security | Authenticate users, protect user data, and enable the website to provide the services that users expect. | sb-...-auth-token sb-...-auth-token-code-verifier |
| Posthog | ph_phc_4URI...NcakHo_posthog ph_phc_QmU7iQyt...3Qg1we_posthog |
You can set your computer to warn you each time a cookie is being sent, or you can choose to disable all cookies. Each browser is slightly different, so check your browser's Help menu to learn the correct way to modify your cookies or refer to the following links.
We currently do not support the Do Not Track feature, as there is no industry standard for compliance.
Policy Updates
We may update this privacy policy to clarify, reflect any changes on our website, or comply with legal obligations. The "Last updated" mention at the top of the policy indicates the latest revision, which is also the effective date of these changes. We provide access to all archived versions of this policy, so you can see the changes.
Contact Us
If you have any questions about this Privacy Policy or your personal data, please feel free to contact [email protected].