Privacy Policy

1. Introduction

Welcome to Spread Suite ("we," "our," or "us"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website spreadsuite.llc and use our services.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

• Create an account: Name, email address, password, phone number (optional), timezone
• Book a reading: Preferred dates/times, reading preferences, questions for the guide
• Make a payment: Payment information is processed securely by Stripe; we do not store full card details
• Communicate with us: Feedback, support requests, reviews
• Become an affiliate guide: Business information, availability, service offerings

2.2 Information Collected Automatically

When you access our website, we automatically collect:

• Device information: Browser type, operating system, device type
• Log data: IP address, access times, pages viewed, referring URL
• Cookies: Session cookies, preference cookies (see our Cookie Policy)

2.3 Information from Third Parties

We may receive information from:

• Payment processors: Transaction confirmations from Stripe
• Analytics providers: Aggregated usage data (if enabled)

3. How We Use Your Information

We use your personal data to:

• Provide and maintain our services
• Process bookings and payments
• Connect customers with affiliate guides
• Send booking confirmations and reminders
• Respond to your inquiries and support requests
• Improve our website and services
• Detect and prevent fraud or abuse
• Comply with legal obligations
• Send marketing communications (only with your consent)

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on:

• Contract: Processing necessary to fulfill our service agreement with you (e.g., processing bookings)
• Consent: Where you have given explicit consent (e.g., marketing emails, optional cookies)
• Legitimate Interest: For purposes like fraud prevention, security, and service improvement
• Legal Obligation: When required by law (e.g., tax records, legal requests)

5. Information Sharing

We do not sell your personal data. We may share your information with:

• Affiliate Guides: Your booking details and questions are shared with your chosen guide to provide the service
• Payment Processors: Stripe processes payments securely on our behalf
• Service Providers: Email providers, hosting services (under strict data protection agreements)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In the event of a merger, acquisition, or sale of assets

6. Data Retention

We retain your data for as long as necessary to provide our services and comply with legal obligations:

• Account data: Until you delete your account (plus 30 days for processing)
• Booking records: 3 years for service quality and disputes
• Payment records: 7 years for tax compliance
• Security logs: 1 year for fraud prevention
• Marketing consent: Until you withdraw consent

After these periods, data is securely deleted or anonymized.

7. Your Rights (GDPR)

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a portable format
• Object: Object to processing based on legitimate interest
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, visit your account settings or contact us at privacy@spreadsuite.llc.

You also have the right to lodge a complaint with your local data protection authority.

8. Cookies & Tracking

We use cookies for essential site functionality and, with your consent, for analytics and marketing. For detailed information, see our Cookie Policy.

You can manage your cookie preferences at any time by clicking the cookie settings link in our footer.

9. Data Security

We implement industry-standard security measures including:

• SSL/TLS encryption for all data in transit
• Encrypted password storage (bcrypt)
• Two-factor authentication for sensitive accounts
• Regular security audits and updates
• Access controls and monitoring
• Secure payment processing via PCI-compliant Stripe

While we strive to protect your data, no method of transmission over the Internet is 100% secure.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your own. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by the European Commission
• Transfers to countries with adequate data protection laws
• Binding corporate rules where applicable

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new policy on this page
• Updating the "Last Updated" date
• Sending an email notification for significant changes

We encourage you to review this policy periodically.

13. Contact Us

For any questions about this Privacy Policy or to exercise your data rights, contact us at:

For GDPR-specific requests, you may also visit our GDPR Rights page.