Back to Home

AJAIA Privacy Policy

Effective Date: December 5, 2025

Last Updated: December 5, 2025

Introduction

This Privacy Policy describes how [LEGAL ENTITY NAME TO BE PROVIDED] ("AJAIA," "Company," "we," "us," or "our") collects, uses, shares, and protects your personal information when you use our AI-powered workflow automation platform, including our website at https://ajaia.subscriptionsense.com, desktop applications, browser extensions, APIs, and related services (collectively, the "Service").

We are committed to protecting your privacy and handling your personal information responsibly. Please read this Privacy Policy carefully to understand our practices. By using the Service, you consent to the collection and use of your information as described in this Privacy Policy.

⚠️ AI DISCLOSURE: AJAIA uses artificial intelligence (Anthropic's Claude) to process your data and generate content. When you interact with AJAIA's AI features, your data is transmitted to Anthropic for processing. See Section 11 for details.

Table of Contents

1. Information We Collect

We collect information in the following categories:

1.1 Information You Provide Directly

Data Category Specific Data Elements Purpose
Account Information Name, email address, password (hashed), organization name Account creation, authentication, communication
Billing Information Payment card details (processed by Stripe), billing address, transaction history Payment processing, invoicing, fraud prevention
Profile Information Job title, department, preferences, avatar Personalization, user experience
Support Communications Support tickets, emails, chat transcripts Customer support, service improvement
Feedback Surveys, feature requests, bug reports Product improvement

1.2 Information from Connected Platforms

When you connect Azure DevOps or Jira accounts, we access:

Data Category Specific Data Elements Purpose
Work Item Data Work item ID, title, type, state, description, acceptance criteria, story points, priority, tags, iteration path, area path AI analysis, epic breakdown, test case generation
Work Item Relationships Parent-child relationships, tested-by links, related items Context for AI analysis
Project Metadata Project name, organization URL, team information Service functionality
User Identifiers Assigned-to names, reporter names, user emails (from work items) Attribution in AI analysis
Comments and Attachments Work item comments, attached files (when you explicitly include them) Comprehensive analysis

Important: We access only the data necessary to provide requested functionality. We do not access your entire ADO/Jira instance—only the specific projects, work items, and data you explicitly connect or query.

Atlassian Compliance: In accordance with Atlassian Developer Terms Section 9, we do not sell, rent, license, or otherwise monetize End User Data obtained through Jira integrations.

1.3 Information Collected Automatically

Data Category Specific Data Elements Purpose
Device Information Device type, operating system, browser type and version, screen resolution Service optimization, troubleshooting
Usage Data Features used, actions taken, session duration, timestamps Analytics, product improvement
Log Data IP address, access times, pages viewed, errors encountered Security, debugging, performance monitoring
Performance Data Load times, error rates, crash reports Service reliability

1.4 Voice and Screen Data

Voice Input:

  • Voice recognition is processed locally on your device using Windows Speech Recognition API
  • No audio recordings are stored, transmitted to our servers, or retained
  • Only the resulting text transcript is sent to our servers for AI processing
  • Voice features are disabled by default and must be explicitly enabled
  • A visual indicator appears whenever voice recognition is active

Screen Captures:

  • Screenshots and recordings are captured only when you explicitly initiate them
  • A persistent visual indicator is displayed whenever screen recording is active
  • Screen recordings are limited to a maximum of 10 minutes per session
  • Captured content may be:
    • Sent to Anthropic for AI-powered visual analysis
    • Saved locally to your device at ~/Videos/AJAIA/ (user-controlled, disabled by default)
  • Enterprise policy checks are performed before capture to respect organizational restrictions
  • No automatic, scheduled, or background screen capture occurs
  • Local recordings remain on your device until you delete them; we do not access local files

Recording Consent Notice: By enabling voice or screen capture features, you consent to this processing. If you are located in a jurisdiction requiring all-party consent for recording (including California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania, and Washington), you represent that you have obtained any necessary consent from other parties before using these features in their presence or when their content may be captured.

Illinois BIPA Notice: Screen capture and voice features do not collect biometric identifiers (facial geometry, fingerprints, voiceprints, retina/iris scans, or other biometric data). We do not use facial recognition or voice biometrics. If we ever implement features that collect such data, we will provide separate written notice and obtain your explicit written consent before collection.

Enterprise Deployment Notice: If you deploy AJAIA to end users within your organization, you are responsible for:

  • Obtaining appropriate consent from end users for recording features
  • Complying with applicable workplace monitoring laws (including NY Labor Law §52-c, CT Gen. Stat. §31-48d, DE Code §19-7-705)
  • Providing required written notices to employees
  • Ensuring compliance with your organization's privacy policies

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Delivery

  • Providing and maintaining the Service
  • Processing work item analysis through AI
  • Generating user stories, test cases, and sprint plans
  • Authenticating users and managing accounts
  • Processing payments and managing subscriptions
  • Providing customer support

2.2 Service Improvement

  • Analyzing usage patterns to improve features
  • Identifying and fixing bugs and performance issues
  • Developing new features and services
  • Conducting research and analytics (using aggregated, de-identified data)

2.3 Communications

  • Sending transactional emails (account confirmations, receipts, password resets)
  • Sending service announcements and updates
  • Sending renewal reminders (30 days before annual renewal)
  • Sending marketing communications (only with your consent; you may opt out at any time)

2.4 Security and Compliance

  • Detecting and preventing fraud, abuse, and security threats
  • Enforcing our Terms of Service and Acceptable Use Policy
  • Complying with legal obligations
  • Responding to legal requests and protecting our rights

2.5 Personalization

  • Customizing your experience based on preferences
  • Remembering your settings across sessions
  • Providing relevant suggestions and recommendations

3. How We Share Your Information

We do not sell your personal information. We share your information only as described below:

3.1 Service Providers

We share information with third-party service providers who process data on our behalf:

Provider Purpose Data Shared Location
Anthropic AI processing Messages, work item data, screen captures (for AI analysis) United States
Stripe Payment processing Payment information, billing address United States
Vercel Hosting infrastructure All Service data United States (global edge)
Neon Database hosting Account data, configurations, metadata United States
SendGrid Email delivery Email addresses, email content United States

All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to us.

3.2 Azure DevOps and Jira

When you use integrations:

  • Your authentication tokens are stored encrypted in our database
  • We send queries to ADO/Jira on your behalf to retrieve work item data
  • We do not share your ADO/Jira data with any third party except Anthropic (for AI processing)
  • We do not sell, rent, or monetize ADO/Jira End User Data

3.3 Legal Requirements

We may disclose your information if required by law or if we believe in good faith that such disclosure is necessary to:

  • Comply with a legal obligation, subpoena, court order, or legal process
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing
  • Protect the personal safety of users or the public
  • Protect against legal liability

3.4 Business Transfers

If we are involved in a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or uses of your information.

3.5 With Your Consent

We may share your information for other purposes with your explicit consent.

4. Data Retention

4.1 Retention Periods

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy:

Data Type Retention Period Notes
User Account Until deletion request Permanently deleted upon verified request
All Associated User Data Until deletion request Deleted simultaneously with account via database cascade
Billing Records 7 years after transaction Required for tax and legal compliance
Audit Logs 730 days (2 years) or account deletion Deleted when account is deleted
Security Logs 730 days (2 years) or account deletion Deleted when account is deleted
Conversation History 365 days or account deletion Whichever occurs first
Usage Analytics 90 days (identifiable) Aggregated data may persist longer
Support Tickets 3 years after resolution For quality assurance
Anonymized/Aggregated Data Indefinite Cannot be linked to individuals

4.2 Account Deletion

Important: When you delete your account, all personally identifiable data is permanently and irreversibly deleted from our systems, including associated logs. We do not retain anonymized versions of account-linked data after deletion.

To delete your account:

  1. Navigate to Settings > Account > Delete Account
  2. Confirm your decision (this action is irreversible)
  3. Your data will be deleted within 30 days

Exception: We may retain certain data as required by law (e.g., billing records for tax compliance) or to resolve disputes, enforce agreements, or protect our legal rights. Such retained data will be minimized and securely stored.

4.3 Data Removal from AI Systems

When you delete your account:

  • Your conversations with our AI system are deleted from our servers
  • Data previously sent to Anthropic for processing is retained by Anthropic for up to 30 days for trust and safety purposes, then deleted
  • We cannot delete data from Anthropic's systems directly, but their retention is limited to 30 days

5. Data Security

5.1 Technical Safeguards

We implement industry-standard security measures to protect your data:

Security Measure Implementation
Encryption at Rest AES-256-GCM encryption for stored data
Encryption in Transit TLS 1.2+ for all data transmission
Password Security bcrypt hashing with 12 rounds; salted
Credential Storage Platform-specific secure storage (Windows Credential Manager, macOS Keychain)
Access Controls Role-based access; principle of least privilege
Authentication Secure session management; optional 2FA

5.2 Organizational Safeguards

  • Employee access to personal data is limited to those who require it for their job functions
  • Employees receive privacy and security training
  • Confidentiality agreements are required for all personnel
  • Regular security assessments and vulnerability testing
  • Documented incident response procedures

5.3 Compliance Status

  • SOC 2 Alignment: ~75% of SOC 2 Type II controls implemented
  • Formal SOC 2 Audit: Targeted for 2026
  • GDPR: Compliant (see Section 6.4 for details)
  • CCPA/CPRA: Compliant (see Section 14 for details)

5.4 Limitations

While we implement robust security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

5.5 Security Incident Notification

In the event of a security incident involving unauthorized access to your personal data:

Notification Timeline:

  • We will notify affected users within 72 hours of confirming a breach involving personal data, consistent with GDPR Article 33 requirements
  • We will notify relevant supervisory authorities as required by law
  • For breaches affecting California residents, we will notify the California Attorney General if more than 500 residents are affected
  • We will comply with all applicable state breach notification laws

Notification Content:

  • Description of the incident and data categories affected
  • Approximate number of individuals and records affected
  • Likely consequences of the breach
  • Measures we have taken or propose to take
  • Contact information for our privacy team

Your Responsibilities: To help us respond effectively, please ensure your account email address is current. We cannot notify you of security incidents if your contact information is outdated.

6. Your Privacy Rights

6.1 Access and Portability

You have the right to:

  • Access the personal information we hold about you
  • Receive a copy of your data in a structured, machine-readable format
  • Request information about our data processing activities

How to Exercise: Navigate to Settings > Privacy > Export Data, or contact privacy@subscriptionsense.com.

6.2 Correction

You have the right to:

  • Correct inaccurate personal information
  • Complete incomplete personal information

How to Exercise: Update your information in Settings > Profile, or contact privacy@subscriptionsense.com.

6.3 Deletion

You have the right to:

  • Request deletion of your personal information
  • Delete your account and all associated data

How to Exercise: Navigate to Settings > Account > Delete Account, or contact privacy@subscriptionsense.com.

Exceptions: We may retain certain data as required by law or for legitimate business purposes (e.g., billing records, fraud prevention).

6.4 Additional Rights for EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation:

Lawful Basis for Processing (GDPR Article 6):

Processing Activity Lawful Basis Details
Account creation and management Contract (Art. 6(1)(b)) Necessary to provide the Service
Payment processing Contract (Art. 6(1)(b)) Necessary to fulfill subscription
AI analysis of work items Contract (Art. 6(1)(b)) Core Service functionality
Security logging and fraud prevention Legitimate Interest (Art. 6(1)(f)) Protecting users and Service integrity
Usage analytics for improvement Legitimate Interest (Art. 6(1)(f)) Improving Service quality
Marketing communications Consent (Art. 6(1)(a)) Only with explicit opt-in
Legal compliance Legal Obligation (Art. 6(1)(c)) Tax, regulatory requirements

Legitimate Interest Balancing: Where we rely on legitimate interests, we have conducted balancing tests to ensure our interests do not override your fundamental rights. You may request details of these assessments by contacting privacy@subscriptionsense.com.

Additional GDPR Rights:

  • Right to Object: You may object to processing based on legitimate interests
  • Right to Restrict Processing: You may request restriction of processing in certain circumstances
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw at any time
  • Right Not to Be Subject to Automated Decision-Making: See Section 11.3 for information about AI processing

Data Protection Officer: We have not appointed a formal DPO at this time. Privacy inquiries may be directed to privacy@subscriptionsense.com.

Response Time: We will respond to requests within 30 days (extendable by 60 days for complex requests, with notice).

6.5 Additional Rights for UK Residents

UK residents have rights equivalent to GDPR rights under the UK GDPR and Data Protection Act 2018. Contact us at privacy@subscriptionsense.com to exercise your rights.

6.6 Right to Lodge Complaints

If you believe we have violated your privacy rights, you have the right to lodge a complaint with a supervisory authority:

We encourage you to contact us first at privacy@subscriptionsense.com so we can address your concerns directly.

6.7 Data Portability and Export

You have the right to receive your personal data in a structured, commonly used, machine-readable format. To exercise this right:

  1. Log into your account and navigate to Settings > Privacy > Export Data
  2. Select the data categories you wish to export
  3. We will prepare your export within 30 days and notify you when it's ready
  4. Export files are provided in JSON format and remain available for download for 7 days

Available for Export:

  • Account information and preferences
  • Conversation history and AI interactions
  • Platform integration configurations (excluding tokens/credentials)
  • Usage analytics associated with your account

Not Available for Export (due to third-party terms or security):

  • Azure DevOps or Jira work item content (obtain directly from source platforms)
  • API credentials and authentication tokens
  • Derived analytics or aggregated insights

7. International Data Transfers

7.1 Data Location

Your data is primarily stored and processed in the United States. By using the Service, you consent to the transfer of your data to the United States.

7.2 Transfer Mechanisms

For transfers from the EU/EEA/UK to the United States, we rely on:

  • EU-US Data Privacy Framework: We [are certified under / rely on our service providers' certifications under] the EU-US Data Privacy Framework for applicable transfers
  • Standard Contractual Clauses (SCCs): We implement EU-approved Standard Contractual Clauses with our service providers as a backup transfer mechanism
  • Transfer Impact Assessments: We conduct Transfer Impact Assessments to evaluate the legal environment in recipient countries

7.3 Your Consent

By using the Service, you acknowledge that your data will be transferred to and processed in the United States, and you consent to such transfer. If you do not consent, you should not use the Service.

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Cookies Authentication, security, basic functionality Session / persistent
Functional Cookies Remembering preferences and settings Persistent
Analytics Cookies Understanding usage patterns (anonymized) Persistent

8.2 Third-Party Cookies

We may use third-party analytics services that place cookies on your device. These services help us understand how users interact with the Service.

8.3 Managing Cookies

You can manage cookies through your browser settings:

  • Chrome: Settings > Privacy and Security > Cookies
  • Firefox: Settings > Privacy & Security > Cookies
  • Safari: Preferences > Privacy > Cookies
  • Edge: Settings > Privacy & Security > Cookies

Note that disabling certain cookies may affect Service functionality.

8.4 Do Not Track

We do not currently respond to "Do Not Track" browser signals because there is no industry-standard interpretation. However, we do honor Global Privacy Control signals (see Section 8.5).

8.5 Global Privacy Control (GPC)

We honor Global Privacy Control (GPC) signals transmitted by your browser. When we detect a GPC signal:

  • We will treat it as a valid opt-out request for the sale or sharing of personal information
  • We will not use your data for cross-context behavioral advertising
  • The signal applies to the browser/device from which it is sent

To enable GPC, visit https://globalprivacycontrol.org for compatible browsers and extensions.

Note: Because we do not sell personal information or engage in cross-context behavioral advertising, GPC signals do not materially change how we process your data, but we honor them as a matter of best practice and legal compliance.

9. Children's Privacy

The Service is not intended for children under the age of 16 (or the age of digital consent in your jurisdiction, if higher). We do not knowingly collect personal information from children under 16.

If we learn that we have collected personal information from a child under 16, we will promptly delete that information. If you believe we have collected information from a child under 16, please contact us at privacy@subscriptionsense.com.

COPPA Notice (United States): We do not knowingly collect personal information from children under 13 as defined by the Children's Online Privacy Protection Act (COPPA). If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately.

10. Third-Party Links and Services

The Service may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to third-party services.

We are not responsible for the privacy practices of third-party services. We encourage you to review the privacy policies of any third-party services you access through the Service.

Integrated Platforms: Your use of Azure DevOps and Jira through our integrations is also subject to Microsoft's and Atlassian's respective privacy policies. We recommend reviewing their policies:

11. AI-Specific Privacy Considerations

11.1 AI Interaction Disclosure

⚠️ IMPORTANT: When you use AJAIA's AI-powered features, you are interacting with Anthropic's Claude AI models. The AI assistant branded as "AJAIA" is an artificial intelligence system, not a human.

AI-generated content should be reviewed for accuracy before use, as responses may contain errors, inaccuracies, or reflect limitations in the AI's training data.

11.2 How AI Processing Works

When you use AI features, your data is processed as follows:

  1. Your Input: Your messages, work item data, and/or screen captures are collected
  2. Transmission: Data is transmitted securely (TLS 1.2+) to Anthropic's API
  3. Processing: Anthropic's Claude AI processes your input and generates a response
  4. Response: The AI response is returned to you through the Service
  5. Storage: Your conversation is stored in our database for continuity

What Anthropic Receives:

  • Your messages and prompts
  • Work item content from connected ADO/Jira (when you include it)
  • Screen captures (when you send them)
  • System context (your conversation history for that session)

What Anthropic Does NOT Receive:

  • Your account credentials or passwords
  • Your payment information
  • Data from unconnected platforms

11.3 Anthropic's Data Practices

Anthropic processes your data subject to their Usage Policy and Terms:

  • No Training on API Data: Anthropic does not use API customer data (including your data sent through AJAIA) to train their AI models
  • Retention Period: Anthropic retains API data for up to 30 days for trust and safety monitoring, then deletes it
  • Zero Retention Option: Enterprise customers may request zero data retention through separate arrangements
  • Safety Monitoring: Anthropic may review data to detect and prevent abuse, violations of their Usage Policy, and safety issues

For more information, see Anthropic's Privacy Policy at https://www.anthropic.com/privacy

11.4 Automated Decision-Making (GDPR Article 22)

AJAIA uses AI to:

  • Analyze work items and generate recommendations
  • Break down epics into user stories
  • Generate test cases and acceptance criteria
  • Provide sprint planning suggestions

This is NOT fully automated decision-making with legal or similarly significant effects. All AI outputs are suggestions that require human review and decision-making. The AI does not:

  • Make final decisions about your work items
  • Automatically modify your ADO/Jira data without your explicit action
  • Make decisions with legal or similarly significant effects on you

Human Oversight: You maintain full control over whether to accept, modify, or reject AI-generated suggestions. We recommend reviewing all AI outputs before implementation.

11.5 AI Output Accuracy

AI-generated outputs may:

  • Contain factual errors or "hallucinations"
  • Reflect biases present in training data
  • Be incomplete or outdated
  • Not be suitable for your specific context

You are responsible for reviewing AI outputs before use. Do not rely on AI outputs for consequential decisions without appropriate human professional oversight.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated Privacy Policy on our website with a new "Last Updated" date
  • Sending email notification to your registered email address at least 30 days before material changes take effect
  • Displaying a prominent notice within the Service

Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated Privacy Policy. If you do not agree to any changes, you should stop using the Service before the changes take effect.

We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries:
privacy@subscriptionsense.com

General Support:
support@subscriptionsense.com

Legal Inquiries:
legal@subscriptionsense.com

Mailing Address:
[PHYSICAL ADDRESS TO BE PROVIDED]

Response Time: We aim to respond to all privacy inquiries within 30 days. For complex requests, we may extend this period by up to 60 days with notice.

14. State-Specific Disclosures

14.1 California Residents (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Categories of Personal Information Collected (in the preceding 12 months):

  • Identifiers (name, email, IP address)
  • Commercial information (transaction history, subscription status)
  • Internet activity (usage data, log data)
  • Professional information (job title, organization)
  • Inferences drawn from the above

Business Purposes for Collection:

  • Providing the Service
  • Processing payments
  • Customer support
  • Analytics and improvement
  • Security and fraud prevention
  • Legal compliance

Sale and Sharing of Personal Information:

We do NOT sell your personal information as defined by the CCPA.
We do NOT share your personal information for cross-context behavioral advertising.

Your California Rights:

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out of Sale/Sharing: Not applicable (we do not sell/share)
  • Right to Limit Use of Sensitive Personal Information: Request limitation of sensitive PI use
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

How to Exercise Your Rights:

  • Email: privacy@subscriptionsense.com
  • Through your account: Settings > Privacy
  • We will verify your identity before processing requests
  • We will respond within 45 days (extendable by 45 days with notice)

Authorized Agents: You may designate an authorized agent to submit requests on your behalf. We may require verification that you authorized the agent.

California Shine the Light: California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing. We do not disclose personal information to third parties for direct marketing purposes.

14.2 Virginia Residents (VCDPA)

Virginia residents have rights under the Virginia Consumer Data Protection Act:

  • Right to confirm processing and access data
  • Right to correct inaccuracies
  • Right to delete personal data
  • Right to data portability
  • Right to opt out of targeted advertising, sale, and profiling

Contact privacy@subscriptionsense.com to exercise your rights. We will respond within 45 days.

14.3 Colorado Residents (CPA)

Colorado residents have rights under the Colorado Privacy Act:

  • Right to opt out of targeted advertising, sale, and profiling
  • Right to access, correct, and delete personal data
  • Right to data portability

We honor universal opt-out signals (including GPC) for Colorado residents. Contact privacy@subscriptionsense.com to exercise your rights.

14.4 Connecticut Residents (CTDPA)

Connecticut residents have rights under the Connecticut Data Privacy Act:

  • Right to access, correct, delete, and port personal data
  • Right to opt out of targeted advertising, sale, and profiling

We honor universal opt-out signals (including GPC) for Connecticut residents. Contact privacy@subscriptionsense.com to exercise your rights.

14.5 Indiana Residents (ICDPA)

Effective January 1, 2026

Indiana residents will have rights under the Indiana Consumer Data Protection Act:

  • Right to Confirm and Access: Confirm whether we process your data and access it
  • Right to Correct: Correct inaccuracies in your personal data
  • Right to Delete: Delete personal data you provided or we obtained
  • Right to Portability: Receive your data in a portable format (we may provide a representative summary instead of full copies in certain circumstances)
  • Right to Opt Out: Opt out of targeted advertising, sale of personal data, and profiling

Indiana-Specific Notes:

  • "Sale" Definition: Under Indiana law, "sale" requires monetary exchange. We do not sell personal data for money.
  • Response Time: We will respond to requests within 45 days (extendable by 45 days with notice)
  • Universal Opt-Out Signals: Indiana law does not require us to honor universal opt-out signals, but we honor GPC signals as a best practice
  • Appeals: If we deny your request, you may appeal by contacting privacy@subscriptionsense.com within 60 days

14.6 Texas Residents (TDPSA)

Texas residents have rights under the Texas Data Privacy and Security Act:

  • Right to confirm processing, access, correct, delete, and port personal data
  • Right to opt out of targeted advertising, sale, and profiling

We honor universal opt-out signals (including GPC) for Texas residents. Contact privacy@subscriptionsense.com to exercise your rights.

14.7 Other State Laws

We comply with all applicable state privacy laws. If you are a resident of a state with a comprehensive privacy law (including Montana, Oregon, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, Tennessee, Maryland, Minnesota, and others as they become effective), contact privacy@subscriptionsense.com to exercise your rights.

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.

Last Updated: December 5, 2025