Privacy Policy

Last updated: March 4, 2026

1. Overview

This Privacy Policy describes how Assay ("we", "us", "our") collects, uses, and protects information when you use assay.tools (the "Service"). We are committed to protecting your privacy and being transparent about our data practices.

2. Information We Collect

Information you provide

  • Email address — When you subscribe to our newsletter or submit feedback
  • Payment information — Processed by Stripe; we do not store credit card numbers
  • Feedback content — Messages submitted through the feedback form

Information collected automatically

  • IP addresses — For rate limiting and security
  • Request logs — API endpoints accessed, timestamps, user agents
  • API keys — For authenticated API and submission access

Information we do NOT collect

  • We do not use cookies for tracking or advertising
  • We do not use third-party analytics services
  • We do not sell or share your data with advertisers

3. How We Use Your Information

  • To provide and operate the Service
  • To process payments and deliver purchased reports
  • To send newsletter updates (only if you subscribed)
  • To respond to feedback and support requests
  • To enforce rate limits and prevent abuse
  • To improve the Service based on usage patterns

4. Data Sharing

We share data only with:

  • Stripe — Payment processing (email, payment details)
  • Railway — Infrastructure hosting (request logs)

We do not sell, rent, or trade your personal information to any third party.

5. Data Retention

  • Email subscriptions are retained until you unsubscribe
  • Feedback submissions are retained for up to 2 years
  • Payment records are retained as required by tax and accounting law
  • Server logs are retained for up to 90 days

6. Your Rights

All users

  • Request access to your personal data
  • Request deletion of your personal data
  • Unsubscribe from marketing emails at any time

EU/EEA residents (GDPR)

  • Right to access, rectification, and erasure
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

California residents (CCPA)

  • Right to know what personal information is collected
  • Right to request deletion of personal information
  • Right to opt out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your rights

7. Security

We implement reasonable security measures to protect your data, including HTTPS encryption for all communications, secure credential storage, and access controls. However, no method of transmission or storage is 100% secure.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced on the website. Continued use of the Service constitutes acceptance of the updated policy.

9. Contact

For privacy-related requests or questions, contact us at hello@assay.tools.

To request data deletion, email us with the subject "Data Deletion Request" and we will respond within 30 days.