Privacy Policy

How we collect, use, and protect your information

Last updated: July 7, 2025

Our Commitment to Your Privacy

GhostPOV is built with privacy as a fundamental principle. We collect only the information necessary to provide our services, never sell your data, and maintain complete transparency about our practices.

We may use privacy-focused analytics provided by our hosting platform (Vercel) to monitor traffic and improve performance. These analytics do not collect personal or advertising-related data.

1. Information We Collect

1.1 Account Information

When you create an account with GhostPOV, we collect the following information:

Your email address (required for all sign-up methods)
Your name and profile image (when using Google or GitHub OAuth)
Your password (for email sign-up only, encrypted and stored securely)

1.2 Usage Data

To provide our core services, we store:

Echo posts you create and their content
Anonymous feedback received on your posts
AI-generated insights and summaries you request
Basic usage statistics to improve our service

1.3 Technical Information

We automatically collect certain technical information when you use our service:

IP address and general location information
Browser type and version
Device information and operating system
Pages visited and features used

2. How We Use Your Information

We use your information solely for the following purposes:

2.1 Service Provision

Provide and maintain the GhostPOV platform
Process and deliver anonymous feedback
Generate AI-powered insights and summaries
Manage your account and preferences

2.2 Security and Authentication

Authenticate your identity and secure your account
Prevent fraud and abuse
Provide spam and abuse filtering for premium users
Monitor for suspicious activities

2.3 Payment Processing

Process payments through our trusted partner Razorpay
Manage subscription status and billing
Send payment confirmations and receipts

2.4 Service Improvement

Analyze usage patterns to improve our platform
Develop new features and functionality
Ensure optimal performance and reliability

3. Data Storage and Security

3.1 Data Storage

Your data is stored securely using industry-standard cloud infrastructure provided by MongoDB Atlas. We rely on industry-standard security measures and practices to ensure your information is protected.

3.2 Security Measures

We implement comprehensive security measures to protect your information:

End-to-end encryption for all data transmission
Secure password hashing using industry-standard algorithms
Regular security audits and vulnerability assessments
Multi-factor authentication for administrative access
Automated backup and disaster recovery systems

3.3 Payment Security

We do not store any payment card information on our servers. All payment transactions are securely processed by Razorpay, which is PCI DSS compliant and maintains the highest standards of payment security.

4. Data Sharing and Disclosure

4.1 Third-Party Services

We integrate with the following trusted third-party services:

Google OAuth: For authentication (email, name, profile image)
GitHub OAuth: For authentication (email, name, profile image)
Razorpay: For payment processing
Vercel: For hosting and analytics
MongoDB Atlas: For secure data storage

4.2 Data Sharing Policy

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share your information only in the following circumstances:

With your explicit consent
To comply with legal obligations or court orders
To protect our rights, property, or safety
In connection with a business transfer or acquisition

4.3 International Transfers

We use secure cloud services like MongoDB Atlas to store your data. These servers might be located in different countries — not just your own. That means your information may be transferred and stored outside your home country.

5. Your Rights and Data Control

5.1 Access and Portability

View all your stored data through your account dashboard
Request a complete copy of your data

5.2 Modification and Deletion

Delete your account at any time
Delete individual echo posts and associated data
Modify your email address (for email-based accounts)
Change your password and security settings

5.3 Account Deletion

When you delete your account, all your data including echo posts, received feedback, AI summaries, and account information are permanently removed from our database and servers. This action is irreversible.

6. Cookies and Tracking

6.1 Essential Cookies

We use only essential cookies that are necessary for the core functionality of our service:

Authentication cookies to maintain your login session
Security cookies to prevent unauthorized access

6.2 No Tracking Policy

We do not use cookies for tracking, advertising, or behavioral analysis. We do not implement third-party tracking scripts or pixels that could compromise your privacy.

7. Data Retention

7.1 Retention Periods

Account data: Retained while your account is active
Echo posts and feedback: Retained until you delete them or your account
Payment records: We do not collect or store your payment details. All transactions are securely processed by Razorpay.
Technical logs: We do not retain technical logs beyond what is necessary for immediate operation of the service.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will:

Notify you of any material changes via email
Update the “Last updated” date at the top of this policy
Post changes prominently on our website
Provide at least 30 days notice before significant changes take effect

9. Contact Us

If you have any questions about this Privacy Policy, your data, or our privacy practices, please contact us at: privacy@ghostpov.xyz

We aim to respond to all inquiries within 24-72 hours during business days.

This Policy is effective as of July 7, 2025.