Back to home

Privacy Policy

Last updated: April 13, 2026

1. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, and password hash when you create an account
  • Usage Data: Pages created, features used, and interaction patterns
  • Payment Information: Processed securely by Stripe — we do not store credit card numbers
  • Third-Party Data: Product data scraped from URLs you provide (AliExpress, Shopify)
  • Technical Data: IP address, browser type, and device information for security

2. How We Use Your Information

  • To provide and maintain the Service
  • To process payments and manage subscriptions
  • To generate AI-powered content based on your requests
  • To send important service notifications
  • To detect and prevent fraud and abuse
  • To improve the Service and user experience

3. Data Storage and Security

Your data is stored in PostgreSQL databases hosted on secure cloud infrastructure. Sensitive data such as Shopify access tokens is encrypted using AES-256-GCM encryption. Passwords are hashed using bcrypt with a cost factor of 12. We implement rate limiting, account lockout, and CSRF protection to safeguard your account.

4. Third-Party Services

We integrate with the following third-party services:

  • Stripe: Payment processing — governed by Stripe's Privacy Policy
  • DeepSeek / OpenAI: AI content generation — product data is sent to generate content
  • Shopify: Store integration via OAuth — we store encrypted access tokens
  • Supabase: Database hosting — governed by Supabase's Privacy Policy

5. Cookies

We use essential cookies for authentication (session tokens) and security (CSRF state). We do not use third-party tracking cookies. You can manage cookie preferences through the cookie consent banner on our website.

6. Your Rights (GDPR)

If you are in the European Economic Area, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your personal data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to processing of your personal data
  • Restriction: Request restriction of data processing

To exercise these rights, contact us at privacy@flashpage.net. We will respond within 30 days.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data will be permanently removed within 30 days. Generated pages and content will be deleted immediately upon account deletion. We may retain anonymized usage analytics for product improvement.

8. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or a prominent notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related inquiries, contact our Data Protection Officer at privacy@flashpage.net