# Privacy Policy

> **PLACEHOLDER — REQUIRES LAWYER REVIEW BEFORE LAUNCH**
>
> This template covers the data handling already implemented in the Poddly backend. A practising attorney must review and adapt before the marketing site goes live.

## What we collect

- **Account**: email address (verified at signup), pricing plan, account status, timestamps.
- **API keys**: SHA-256 hash + 12-character prefix only. We do not retain the secret material.
- **Usage events**: per-request endpoint, status code, response time. Used for billing-period rollups and anomaly detection.
- **IP addresses**: hashed with a secret pepper before storage. Used only for the per-IP signup throttle. Raw IPs are never persisted.

## Third-party processors

- **Stripe** (US) — billing, subscriptions, payment-method storage, fraud screening (Stripe Radar). Stripe is a Stripe-Privacy-Shield signatory and a GDPR data processor under our DPA.
- **Cloudflare** (US/global) — DDoS protection, edge rate-limiting, TLS termination. Cloudflare receives raw IP addresses at the edge; we never see them at our origin.
- **Resend** (US) — transactional email delivery (verification, receipts, anomaly warnings).

## Your rights

EU/UK/CA users may exercise all rights under GDPR / UK GDPR / CCPA:

- **Access**: `GET /v1/me/export` returns a JSON snapshot of everything we hold for your account.
- **Erasure**: `DELETE /v1/me` hard-deletes your account and all associated records. Stripe customer + invoice records persist there; cancel the subscription via the Customer Portal first.
- **Rectification**: contact [email protected].

## Retention

- Account + API keys: until you delete the account.
- Usage events: 90 days, then dropped from the partitioned table.
- `usage_daily` rollups: indefinite (billing math + dashboard).

## Contact

[email protected]