About The Board and This Policy

The Board is an AI agent plan management service that helps you create, manage, and monitor step-by-step plans for AI agents. This Privacy Policy explains how The Board ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our services.

This policy applies to all The Board services, including our web application, MCP server and API services, landing page, and all related features. Your privacy is important to us, and we are committed to being transparent about our data practices.

Effective Date

This Privacy Policy is effective as of July 7, 2025. We will notify you of any changes and encourage you to review this policy periodically to stay informed about how we protect your information.

Information You Provide Directly

  • Account Information: Email address, name, and profile information through Clerk authentication
  • Plan Content: Plan titles, descriptions, requirements, steps, progress reports, and other content you create
  • API Keys: Generated keys for external AI agent access to your account
  • Communications: Support emails, feedback, and correspondence with us

Important: Avoid including sensitive information (passwords, financial details, personal IDs) in your plans.

Information We Collect Automatically

  • Technical Data: IP address, browser type, operating system, pages visited, API calls, and activity timestamps
  • Cookies: Session management and authentication cookies essential for service functionality
  • Analytics: Anonymous visitor behavior data from Google Analytics on our landing page

Information from Third Parties

  • Clerk: Authentication data, email, name, verification status, and login information
  • Stripe: Subscription status and billing information (we don't receive credit card details)

We only receive the minimum information necessary from trusted third-party providers to operate our services.

We use the information we collect to provide, maintain, and improve The Board's services. Our use of your information is directly related to delivering the AI agent plan management functionality you expect from our platform:

To Provide and Maintain the Service

  • Store and Display Plans: We store your plans, including descriptions, requirements, steps, and progress reports, so you can access and manage them through our web application
  • Enable API Access: We process API key authentication to allow your external AI agents to securely submit, retrieve, and interact with your plans
  • Process Authentication: We maintain secure user sessions and process login credentials through our Clerk integration to protect your account

To Enable AI Agent Functionality

  • Plan Interaction: We allow external AI agents to submit new plans, retrieve existing plans, and modify plan content using your API keys
  • Step-by-Step Guidance: We provide detailed instructions and context to AI agents as they execute plans, ensuring they stay on track with complex tasks
  • Progress Tracking: We monitor and record plan execution progress, allowing you to see which steps are completed, in progress, or pending

To Process Payments

We work with Stripe to manage subscriptions and premium features, including processing Pro plan upgrades, handling billing cycles, and managing subscription cancellations. This enables us to provide enhanced features like extended data retention and advanced plan editing capabilities.

To Improve the Service

We analyze usage patterns to understand how users interact with The Board, identify bugs and performance issues, develop new features, and optimize our platform for better user experience. This analysis helps us make informed decisions about product development and service improvements.

To Communicate

We use your contact information to send important service updates, security alerts, subscription notices, billing confirmations, and responses to your support requests. We only send communications that are necessary for service operation or that you have requested.

For Security

We monitor our systems for unauthorized access attempts, suspicious activity, potential abuse, and security threats. This includes analyzing log data, tracking failed authentication attempts, and implementing measures to protect your account and data.

Third-Party Service Providers

We share minimum necessary information with trusted service providers to operate The Board:

  • Clerk: Authentication and account data for secure login services
  • Stripe: User ID only for payment processing (no personal details shared)
  • Google Analytics: Anonymous usage statistics from our landing page
  • Deno Deploy: Backend hosting for plan data and API processing
  • Cloudflare Pages: Web application hosting and content delivery
  • Surreal Cloud: Database hosting for your plans and account information

External AI Agents

Important: API keys give AI agents full access to your plans and data.

When you generate API keys, authorized AI agents can read, create, and modify all your plan content. AI agents operate independently and may make unpredictable changes. You are responsible for managing your API keys, monitoring AI agent activity, and revoking access when needed.

Legal Requirements

We may disclose information when required by law, to protect our rights and users' safety, or to investigate security threats. We disclose only the minimum necessary information and notify users when legally permitted.

Business Transfers

In mergers, acquisitions, or asset sales, your information may be transferred to the acquiring party. We ensure they agree to treat your information according to this Privacy Policy or provide notice of changes.

Protecting your information is a top priority for The Board. We implement multiple layers of security measures to safeguard your data, though we recognize that no security system can provide absolute protection.

Security Measures We Implement

  • HTTPS Encryption: All data transmitted between your device and The Board is protected using HTTPS encryption, ensuring that your information is secure while in transit across the internet.
  • Access Controls and Authentication: We use Clerk's robust authentication system to control access to your account, including secure login processes, password management, and account verification measures.
  • API Key Authentication: External AI agent access is strictly controlled through secure API key authentication, ensuring that only authorized agents with valid keys can interact with your data.
  • Regular Security Updates: We maintain our systems with current security patches and updates to protect against known vulnerabilities and emerging threats.
  • Infrastructure Security: Our hosting partners (Deno Deploy, Cloudflare Pages, Surreal Cloud) implement industry-standard security measures including firewalls, intrusion detection, and access monitoring.

Data Storage Security

Current Status: We are committed to implementing encryption for data stored in our database to provide an additional layer of protection for your plan content and personal information. This enhancement is part of our ongoing security improvements.

Currently, your plan data is stored in plain text format in our database. While we implement access controls and work with secure hosting providers, this means that anyone with authorized database access could potentially read your plan content.

Security Limitations and Your Role

Important: No security system is perfect, and we cannot guarantee absolute security of your information. Potential risks include system vulnerabilities, unauthorized access attempts, and unforeseen security breaches despite our protective measures.

Your Security Responsibilities: You play a crucial role in maintaining security by using strong passwords, keeping your API keys confidential, not sharing login credentials, and avoiding the inclusion of highly sensitive information in your plans.

Incident Response

In the event of a suspected security breach that may affect your personal information, we will investigate promptly and notify affected users as required by applicable law, along with steps we're taking to address the situation.

API keys are the primary mechanism that allows external AI agents to access and interact with your plans on The Board. Understanding how API keys work and your responsibilities for managing them is essential for maintaining security and controlling access to your data.

API Key Functionality

Full Access Authorization: API keys provide comprehensive access to your plans for external AI agents. This includes the ability to read all existing plans, create new plans, modify plan content, update step statuses, and perform nearly any action you can perform through the web interface.

When you generate an API key, you are essentially creating a secure credential that acts as your authorization for external AI agents to operate on your behalf within The Board ecosystem.

API Key Management

  • Creation: You can create new API keys at any time through your account settings page. Each API key is unique and tied specifically to your account.
  • Viewing: You can view your active API keys in your settings to monitor which keys are currently authorized to access your account.
  • Revocation: You have the ability to revoke any API key immediately, which will terminate all access for AI agents using that key. Revoked keys cannot be reactivated.
  • Regular Review: We recommend regularly reviewing your active API keys and revoking any that are no longer needed or may have been compromised.

Security Requirements

Security Warning: Keep your API keys secure and confidential. Do not share them publicly, embed them in client-side code, or include them in public repositories.

API keys should be treated with the same level of security as your account password. If an API key is compromised, unauthorized parties could access and modify your plans, potentially causing data loss or unwanted changes.

Access Monitoring and Logging

For security and troubleshooting purposes, we log all API access including which API key was used, what actions were performed, and when they occurred. This logging helps us monitor for suspicious activity and provides you with accountability for actions taken through your API keys.

Your Responsibility

Important: You are fully responsible for all actions taken using your API keys, whether those actions were authorized by you or performed by compromised credentials. This includes any data modifications, plan creations, or other activities performed by AI agents using your keys.

We strongly recommend monitoring your plans for unexpected changes and maintaining careful control over which AI agents have access to your API keys.

We retain your information for different periods depending on the type of data and your subscription level. Our retention policies are designed to provide service functionality while respecting your privacy and complying with legal requirements.

Plan Data Retention by Subscription Level

Automatic Deletion: Plan data is automatically deleted based on your subscription level and cannot be recovered after deletion.

  • Free Plan: All plan data (including plan content, steps, progress reports, and related information) is automatically deleted after 24 hours. This short retention period allows you to experience The Board's functionality while maintaining minimal data storage.
  • Pro Plan: Plan data is automatically deleted after 30 days, providing extended time for plan execution and management while still maintaining regular data cleanup.

Important: These automatic deletion timelines cannot be extended or reversed. We recommend backing up any important plan information before these retention periods expire.

Account and Personal Data

  • Active Accounts: We retain your personal information, account details, and API keys while your account remains active. This data is necessary for providing our services and maintaining your account access.
  • Deleted Accounts: When you delete your account, we remove your personal data, account information, and any remaining plan content within 30 days. Some information may be retained longer if required by law or for legitimate business purposes.

User-Controlled Deletion

Plans and Content: When you manually delete plans or plan content through The Board interface, this information is deleted immediately from our active systems. However, this data may remain in backups or logs for a limited time as part of our system operations.

System and Security Data

  • Security and Access Logs: We retain security logs, access logs, and API usage logs for 90 days to monitor system security, investigate potential issues, and provide customer support.
  • Technical Logs: System performance and error logs may be retained for up to 90 days to maintain service quality and troubleshoot technical issues.

Legal and Compliance Requirements

Legal Holds: In some circumstances, we may be required to retain data longer than our standard retention periods due to legal obligations, ongoing legal proceedings, or regulatory requirements. In such cases, we will retain only the minimum data necessary to comply with these requirements.

We will resume normal data retention practices once any legal holds are lifted or legal requirements no longer apply.

Data Minimization

We follow the principle of data minimization and only retain information as long as necessary to provide our services, comply with legal obligations, and protect our legitimate business interests. We regularly review our retention practices to ensure compliance with this principle.

You have several rights and options for controlling your information and how it's used within The Board. These rights help ensure you maintain control over your data and privacy.

Access and Portability

  • View Your Data: You can access all your plans, plan content, progress reports, and account information through The Board web application at any time while logged into your account.
  • Data Export: We are developing data export functionality that will allow you to download your plan data in a portable format. This feature is coming soon and will enable you to back up or transfer your information as needed.

Correction

You can edit and update your information directly through The Board interface:

  • Plan Content: Modify plan descriptions, requirements, steps, and other plan details at any time
  • Profile Information: Update your account information and settings through your profile page
  • Real-Time Updates: Changes take effect immediately and are reflected across all your plans and account data

Deletion

You have comprehensive control over deleting your information:

  • Individual Plans: Delete specific plans at any time through the web interface. Deleted plans are removed immediately from active systems.
  • Account Deletion: Delete your entire account, which will remove all associated data within 30 days. You can initiate account deletion from your profile page.
  • Support Requests: Contact us at support@mcpboard.dev for assistance with data deletion or if you encounter any issues with the self-service deletion options.

API Access Control

Manage external access to your data through comprehensive API key controls:

  • View Active Keys: See all currently active API keys and when they were created in your account settings
  • Immediate Revocation: Revoke any API key instantly, which immediately terminates access for any AI agents using that key
  • Access Monitoring: Review API key usage and activity to understand how your data is being accessed

Communication Preferences

Control how and when we communicate with you:

  • Marketing Communications: You can opt out of marketing emails, product updates, and promotional communications through email unsubscribe links or by contacting us.
  • Service-Critical Communications: Some communications are essential for account security and service operation (such as security alerts, billing notifications, and Terms of Service updates) and cannot be opted out of while maintaining an active account.

Note: If you have questions about exercising any of these rights or need assistance, please contact us at support@mcpboard.dev.

The Board operates globally and may process your information in the United States and other countries where our service providers are located. This section explains how we handle international data transfers and the protections we put in place.

Cross-Border Data Processing

Your information may be processed and stored in the United States and other countries where The Board or our service providers operate. This includes data processed by:

  • Deno Deploy: Backend and MCP server hosting (may involve international data centers)
  • Cloudflare Pages: Global content delivery network for web application hosting
  • Surreal Cloud: Database hosting services
  • Clerk: Authentication services
  • Stripe: Payment processing services

Data Protection Standards

When we transfer your information to countries outside your jurisdiction, we ensure appropriate safeguards are in place to protect your data. These safeguards may include:

  • Standard Contractual Clauses: We use standard contractual clauses approved by relevant regulatory authorities where required to ensure adequate protection for international data transfers.
  • Service Provider Agreements: Our contracts with international service providers include data protection obligations and requirements for handling your information securely.
  • Regulatory Compliance: We work with service providers who comply with applicable international data protection standards and regulations.

Your Consent

By using The Board, you acknowledge and consent to the transfer and processing of your information in the United States and other countries where we or our service providers operate. These countries may have different data protection laws than your country of residence.

If you have concerns about international data transfers, please contact us at support@mcpboard.dev to discuss your specific situation.

The Board is committed to protecting the privacy of children. We recognize the importance of safeguarding children's personal information and comply with applicable laws regarding children's privacy, including the Children's Online Privacy Protection Act (COPPA) and the General Data Protection Regulation (GDPR).

Age Restrictions

The Board is not intended for use by children:

  • United States and other jurisdictions: Our services are not directed to children under the age of 13
  • European Union: Our services are not directed to children under the age of 16
  • Other jurisdictions: We comply with applicable local age restrictions for online services

If you are under the applicable age limit in your jurisdiction, you may not create an account or use The Board without explicit parental or legal guardian consent and supervision.

No Knowing Collection

We do not knowingly collect, use, or disclose personal information from children under the applicable age limits. Our registration process is designed for adult users, and we do not specifically target advertising or marketing toward children.

Our service, AI agent plan management, is typically used for professional, educational, or personal productivity purposes that are generally more relevant to adult users than to children.

Parental Rights and Concerns

If you are a parent or legal guardian and believe that your child has provided personal information to The Board without your consent, please contact us immediately at support@mcpboard.dev. Include the following information in your message:

  • Your child's name and age
  • Your relationship to the child
  • Details about the account or information you believe was provided
  • Your preferred method of contact for follow-up

Our Response to Concerns

Upon receiving a verified report that we have collected personal information from a child under the applicable age limit without proper consent, we will:

  • Investigate the matter promptly and thoroughly
  • Delete the child's personal information from our systems as quickly as possible
  • Terminate any associated account
  • Take reasonable steps to prevent similar occurrences in the future

We take these concerns seriously and will respond to verified parental requests within a reasonable timeframe, typically within 48 hours of receiving a complete report.

Verification Process

To protect children's privacy and prevent fraudulent requests, we may require reasonable verification of a parent's or guardian's identity before taking action on requests related to children's information. This verification process helps ensure that only authorized individuals can make decisions about a child's personal information.

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information. This section explains your rights under the CCPA and how to exercise them.

Your California Privacy Rights

As a California resident, you have the following rights regarding your personal information:

Right to Know

  • Information Collection: You have the right to know what personal information we collect about you, including the categories of information, sources of collection, and business purposes for collection.
  • Information Sharing: You can request information about the categories of personal information we share and the categories of third parties with whom we share it.
  • Specific Information: You have the right to request the specific pieces of personal information we have collected about you.

Right to Delete

You have the right to request that we delete your personal information, subject to certain exceptions. We will honor deletion requests unless we need to retain the information for specific legal, business, or safety reasons as permitted by the CCPA.

Right to Opt-Out of Sale

Important: The Board does not sell your personal information to third parties. We do not engage in the sale of personal data as defined by the CCPA, so there is no need to opt out of sales. We only share information with service providers as necessary to operate our business.

Right to Non-Discrimination

You have the right not to receive discriminatory treatment for exercising your CCPA rights. We will not deny you goods or services, charge different prices, or provide different quality of service based on your exercise of CCPA rights.

How to Exercise Your Rights

To exercise your CCPA rights, you can:

  • Access and Deletion: Use the tools available in your account settings to view or delete your information
  • Contact Us: Send a request to support@mcpboard.dev with "CCPA Request" in the subject line
  • Include Required Information: Provide sufficient information for us to verify your identity and locate your records

Verification Process

To protect your privacy and security, we will verify your identity before responding to CCPA requests. This may include:

  • Matching the information in your request with information we have on file
  • Requiring additional identifying information for sensitive requests
  • Using secure communication methods for response delivery

Response Timeline

We will respond to verified CCPA requests within 45 days of receipt. If we need additional time, we may extend this period by another 45 days and will notify you of the extension and the reason for it.

Categories of Information We Collect

For California residents, the categories of personal information we may collect include:

  • Identifiers: Email address, name, API keys
  • Internet Activity: Usage patterns, API calls, log data
  • Professional Information: Plan content, work-related data you provide
  • Commercial Information: Subscription status, payment history

If you are located in the European Union (EU), European Economic Area (EEA), or the United Kingdom, the General Data Protection Regulation (GDPR) and similar laws provide you with enhanced rights regarding your personal data. This section explains our legal bases for processing your data and your rights under GDPR.

Legal Bases for Processing

We process your personal data under the following legal bases as defined by GDPR:

  • Consent: When you provide explicit consent for specific processing activities, such as marketing communications or optional features. You may withdraw consent at any time.
  • Contract: Processing necessary to perform our contract with you, including providing The Board services, managing your account, processing payments, and enabling AI agent interactions through API keys.
  • Legitimate Interests: Processing for our legitimate business interests, such as security monitoring, fraud prevention, service improvement, and system maintenance, while ensuring these interests don't override your fundamental rights and freedoms.
  • Legal Obligation: Processing required to comply with applicable laws, regulations, court orders, or other legal requirements.

Your Rights Under GDPR

As an EU/EEA/UK resident, you have the following rights regarding your personal data:

Access and Information Rights

You can request confirmation of whether we process your personal data and obtain access to that data, including information about processing purposes, data categories, recipients, and retention periods.

Correction and Completion Rights

You can have inaccurate personal data corrected and incomplete data completed. Most information can be updated directly through your account settings.

Deletion and Restriction Rights

You can request deletion of your personal data when it's no longer necessary, consent is withdrawn, or processing is unlawful. You can also request processing restrictions in specific situations, such as when contesting data accuracy.

Data Portability and Transfer Rights

You can receive your personal data in a structured, machine-readable format and transmit it to another service. We are developing export functionality to support this right.

Objection Rights

You can object to processing based on legitimate interests or for direct marketing. We will stop processing unless we demonstrate compelling legitimate grounds that override your rights.

How to Exercise Your Rights

To exercise your GDPR rights, you can:

  • Account Settings: Access, correct, or delete information directly through your account
  • Email Request: Contact us at support@mcpboard.dev with "GDPR Request" in the subject line
  • Specify Your Request: Clearly indicate which right you wish to exercise and provide sufficient information for verification

Response Timeline

We will respond to GDPR requests within one month of receipt. In complex cases, we may extend this period by two additional months and will inform you of the extension and reasons for delay.

Data Protection Officer

For GDPR-related questions or concerns, you may contact our Data Protection Officer at support@mcpboard.dev.

Supervisory Authority

You have the right to lodge a complaint with your local supervisory authority if you believe our processing of your personal data violates GDPR. You can find your supervisory authority contact information at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

While you have the right to lodge a complaint with a supervisory authority, we encourage you to contact us first at support@mcpboard.dev so we can address your concerns directly.

Data Transfers

When we transfer your personal data outside the EU/EEA, we ensure appropriate safeguards are in place, including standard contractual clauses approved by the European Commission or other legally recognized transfer mechanisms.

The Board may contain links to third-party websites, services, or resources that are not owned or controlled by us. This section explains our relationship with these external sites and your responsibilities when using them.

Third-Party Websites and Services

Our service may include links to external websites or services, including:

  • Documentation and privacy policies of our service providers (Clerk, Stripe, Google Analytics)
  • Helpful resources, tools, or services that may benefit users
  • Support documentation or external help resources
  • Integration guides or related services

No Responsibility for Third Parties

We are not responsible for and do not control the content, privacy policies, security practices, or terms of service of any third-party websites or services that you may access through links on The Board. These external sites operate independently and have their own data handling practices.

When you click on a link to a third-party website, you are leaving The Board and will be subject to the privacy policy and terms of service of that external site. We do not endorse, monitor, or verify the accuracy, completeness, or reliability of any third-party content.

Your Responsibility

Before providing any personal information to third-party websites or services, we strongly recommend that you:

  • Review Privacy Policies: Read and understand the privacy policy of any third-party site before sharing personal information
  • Understand Terms of Service: Familiarize yourself with the terms of service and user agreements of external sites
  • Verify Security: Ensure that third-party sites use appropriate security measures to protect your information
  • Exercise Caution: Be selective about what personal information you share with external services

Disclaimer of Liability

We disclaim all liability for any loss, damage, or other consequences that may result from your use of third-party websites or services linked from The Board. This includes but is not limited to:

  • Privacy breaches or data misuse by third-party services
  • Financial losses resulting from third-party transactions
  • Security incidents on external websites
  • Accuracy or reliability of third-party content or services
  • Availability or functionality of linked external resources

Reporting Concerns

If you encounter broken links, inappropriate content, or have concerns about third-party links on The Board, please contact us at support@mcpboard.dev. While we are not responsible for third-party content, we appreciate feedback to help us maintain a quality user experience.

Changes to Third-Party Links

We may add, modify, or remove third-party links at any time without notice. The presence of a link does not constitute an endorsement of the linked site or its content, and we make no representations about the continued availability of any external resources.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other operational needs. This section explains how we handle policy updates and how you will be notified of changes.

When We May Update This Policy

We may modify this Privacy Policy for various reasons, including:

  • Changes to our data collection, use, or sharing practices
  • Updates to comply with new laws or regulations
  • Introduction of new features or services that affect data processing
  • Changes to our third-party service providers or business operations
  • Clarifications or improvements to policy language for better understanding

How We Will Notify You

For material changes that significantly affect your privacy rights or how we handle your personal information, we will notify you through one or more of the following methods:

  • Email Notification: We will send an email to the address associated with your account explaining the changes and their effective date.
  • Prominent Notice: We will display a prominent notice on The Board website or within the application alerting you to policy changes.
  • In-App Notification: We may display notifications within The Board interface when you log in or use the service.

For minor changes such as formatting updates, corrections, or clarifications that do not materially affect your rights, we may update the policy without advance notice.

Effective Date and Review

We will always indicate the "Last Updated" date at the top of this Privacy Policy. This date shows when the current version became effective and helps you determine if the policy has changed since your last visit.

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. You can always find the most current version of our Privacy Policy at this page.

Your Acceptance of Changes

By continuing to use The Board after the effective date of any changes to this Privacy Policy, you indicate your acceptance of the revised policy. If you do not agree with the updated policy, you should discontinue your use of The Board and may delete your account as described in our terms.

For significant changes that substantially alter how we collect, use, or share your personal information, we may require your explicit consent before the changes take effect, particularly for users in jurisdictions with strict data protection requirements.

Previous Versions

If you would like to review previous versions of this Privacy Policy, please contact us at support@mcpboard.dev. We maintain records of previous policy versions to provide transparency about how our privacy practices have evolved over time.

Questions About Changes

If you have questions about any changes to this Privacy Policy or need clarification about how updates may affect you, please contact us at support@mcpboard.dev. We are committed to helping you understand your privacy rights and our data practices.

Automated Data Processing

We receive automated notifications from Clerk (for account changes) and Stripe (for subscription changes) to keep your account information current. These notifications are processed securely and logged for troubleshooting purposes.

Sensitive Data Categories

Important: Do not include sensitive personal data in your plans.

We do not intentionally collect sensitive data such as health information, financial details, biometric data, government IDs, or personal identifiers. Since plan data is stored in plain text, avoid including sensitive information in your plan content.

User Recommendations

  • Keep plan content focused on tasks and processes, not sensitive details
  • Review plan content before sharing API keys with AI agents
  • Contact us at support@mcpboard.dev with data processing questions

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, we're here to help.

Contact Methods

General Questions: support@mcpboard.dev
Use this for questions about this Privacy Policy, data collection, or your privacy rights.

Privacy Rights Requests: support@mcpboard.dev
Use this for data access, correction, deletion, or portability requests. Include "CCPA Request" or "GDPR Request" in the subject line if applicable.

For Privacy Rights Requests, please include:

  • Your full name and account email address
  • Clear description of your request
  • Any information to help us locate your records

Response Times

  • General Questions: 3-5 business days
  • Privacy Rights Requests: 30 days (may be extended)
  • CCPA/GDPR Requests: 45 days/1 month respectively (with possible extensions)
  • Children's Privacy Concerns: 48 hours for verified concerns

Important Notes

All privacy communications are handled via email only. We may verify your identity before responding to certain requests to protect your personal information. We maintain records of privacy communications for follow-up and legal compliance.