Privacy Policy

1. Introduction

Organisatio ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

• Email address (for access codes and communications)
• Name (optional, for personalized communications)
• Payment information (processed securely by Stripe)
• IP address and device information

2.2 Automatically Collected Information

We automatically collect certain information when you visit our website:

• Browser type and version
• Operating system
• Pages visited and time spent
• Referring website
• Device information

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To provide access to our process templates and frameworks
• Communication: To send access codes, confirmations, and support messages
• Payment Processing: To process payments securely through Stripe
• Analytics: To improve our website and services
• Legal Compliance: To comply with legal obligations

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: To fulfill our obligations when you purchase our services
• Legitimate Interest: To improve our services and prevent fraud
• Consent: For marketing communications (where applicable)
• Legal Obligation: To comply with applicable laws

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party services (Stripe, Google Analytics, etc.)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger or acquisition

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Secure payment processing through Stripe
• Regular security assessments
• Access controls and authentication
• Data backup and recovery procedures

7. Data Retention

We retain your personal data only for as long as necessary:

• Account Data: Until you request deletion or for 7 years for tax purposes
• Access Codes: For the duration of your access period
• Analytics Data: For 26 months (Google Analytics standard)
• Payment Data: As required by financial regulations

8. Your Rights (GDPR)

Under GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a structured format
• Restriction: Limit how we process your data
• Objection: Object to certain types of processing
• Withdraw Consent: Withdraw consent where applicable

To exercise these rights, contact us at privacy@organisatio.com

9. Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences
• Analyze website usage
• Improve user experience
• Provide personalized content

You can control cookies through your browser settings. However, disabling cookies may affect website functionality.

10. Third-Party Services

We use the following third-party services:

• Stripe: Payment processing (see Stripe Privacy Policy)
• Google Analytics: Website analytics (see Google Privacy Policy)
• Supabase: Database services (see Supabase Privacy Policy)
• Resend: Email delivery (see Resend Privacy Policy)

11. International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place for such transfers, including:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions
• Other appropriate safeguards

12. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification
• Displaying a notice on our website

14. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@organisatio.com

15. Complaints

If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local data protection authority.