1. Introduction

DiscussionStream ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web-based discussion platform.

2. Information We Collect

2.1 Personal Information

We collect information you provide directly to us, including:

• Account Information: Name, email address, password (encrypted)
• Profile Information: Profile picture, display name, and personalization preferences
• Discussion Content: Discussion titles, questions, comments, and other content you create
• Payment Information: Billing details processed through Stripe (we do not store payment card information)

2.2 Usage Information

We automatically collect certain information when you use our Service:

• Device Information: IP address, browser type, operating system
• Usage Data: Pages visited, features used, time spent on the Service
• Real-time Data: Socket.IO connection data for live features
• Log Data: Server logs, error reports, and performance data

2.3 Cookies and Tracking

We use cookies and similar technologies to enhance your experience, maintain your session, and analyze usage patterns. You can control cookie settings through your browser preferences.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Service
• Process transactions and manage subscriptions
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and requests
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations and enforce our Terms of Service

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted third-party service providers:

• Stripe: Payment processing and subscription management
• Cloudinary: Image storage and processing for profile pictures
• MongoDB Atlas: Database hosting and data storage
• Railway: Application hosting and infrastructure
• Vercel: Frontend hosting and content delivery
• Resend: Email delivery services

4.2 Legal Requirements

We may disclose your information if required by law or if we believe such action is necessary to comply with legal processes, protect our rights, or ensure user safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.

• Data encryption in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Secure payment processing through Stripe

6. Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained until account deletion
• Discussion Content: Retained until deleted by user or account closure
• Payment Records: Retained as required by law and accounting standards
• Usage Data: Typically retained for up to 2 years for analytics purposes

7. Your Rights and Choices

7.1 Access and Control

You have the right to:

• Access and update your personal information through your account settings
• Delete your account and associated data
• Export your discussion data
• Opt out of non-essential communications

7.2 GDPR Rights (EU Users)

If you are in the European Union, you have additional rights:

• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

7.3 CCPA Rights (California Users)

California residents have the right to:

• Know what personal information is collected
• Know whether personal information is sold or disclosed
• Say no to the sale of personal information
• Access their personal information
• Request deletion of personal information
• Equal service and price, even if privacy rights are exercised

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us: