Privacy.

1. The TL;DR

The longer version below covers the legal specifics. If anything seems contradictory, the plain English version is what we actually do — write to us if you spot a gap.

2. What we collect

We collect the minimum needed to run the business. Specifically:

From every visitor

• Anonymous page-view counts (which pages got visited, in aggregate)
• Approximate location (country / region) inferred from IP
• Browser and device class (Safari mobile, Chrome desktop, etc.) for compatibility

From customers

• Name, email, business name (provided at checkout)
• Billing address (if your card requires it)
• Stripe-tokenized payment data (we never see your raw card number)

From people who email us

• Whatever you put in the email — we keep the thread for support history

3. What we don't collect

We deliberately don't collect things we don't need:

• No tracking pixels from ad networks. No Meta pixel, no Google Ads tag, no LinkedIn Insight tag.
• No third-party cookies for retargeting or behavioral advertising.
• No keystroke logging or session replay. We don't watch how you scroll.
• No phone number unless you give it to us. Phone capture is opt-in via your support emails.

4. Cookies & tracking

We use exactly two categories of cookies:

1. Session cookies set by Stripe during checkout. Required to complete a purchase.
2. A first-party preference cookie for things like your dark/light mode preference (when applicable).

For aggregate analytics, we use a privacy-preserving tool that doesn't set any personally identifiable cookies. No GDPR cookie banner is shown because we don't set the cookies that would require one.

5. Sharing & subprocessors

We share data only with vendors that help us deliver the product. Current list:

• Stripe — payment processing
• Postmark — transactional email (purchase receipts, install instructions)
• Cloudflare — CDN + DDoS protection
• Plausible / Fathom — privacy-preserving aggregate analytics (no personal data)

If we add a new vendor that touches your data, we'll update this page and email customers in advance. We'll also publish the change in our.

We don't share data for advertising. We don't sell data to third parties. We don't run partnership programs that involve sharing customer lists.

6. Retention & deletion

Customer records are kept for 7 years after your last purchase, primarily for tax and accounting requirements. Email support threads are kept for 24 months unless you ask us to delete sooner.

Anonymous analytics (page views, etc.) are kept for 12 months and then aggregated into long-term trend data with no per-visitor information.

If you ask us to delete your account, we delete:

• Email, name, business name, support history
• Account state from our internal tools

We retain redacted records of your purchases (date + amount, no name/email) for tax reasons, as required by law.

7. Your rights

You can:

• Request a copy of all data we have on you. Email us; we'll deliver within 30 days.
• Request deletion (with the tax-retention caveat above).
• Correct inaccuracies — just email and we'll fix.
• Opt out of marketing emails (transactional emails like receipts will still go out).

If you're in California, EU, or UK, additional regional rights apply (CCPA / GDPR / UK-GDPR). The above rights cover what those laws require, but if you want to invoke them by name, let us know — we'll process your request the same way.

8. Changes

We update this page when something material changes — a new subprocessor, a new data category, a new retention rule. The date at the top reflects the most recent change.

For substantive changes that affect your data, we email customers at least 30 days before the change takes effect.

9. Contact

Questions, requests, or concerns about your data: hi@skerva.com. Real human reply, typically within one business day.

If you're reporting a security issue or suspected breach, please use the same address and put "SECURITY:" in the subject so we can prioritize it.