Back to Home

Privacy Policy

Last updated: December 4, 2024 | Version: 1.0

1. Introduction

This Privacy Policy describes how Comment Mode ("we", "our", "us") collects, uses, and protects your personal information when you use our service.

We are committed to protecting your privacy and complying with applicable data protection laws, including GDPR and CCPA.

2. Data We Collect

We collect the following information to provide and improve our service:

  • Account Information: Email address, name, username
  • Site Data: URLs, slugs, optional passwords for sites
  • Comments/Notes: Feedback comments, screenshots, element selectors, page URLs
  • Activity Logs: Records of user actions (site creation, deletion, etc.)
  • Technical Data: IP addresses, browser information, device type, browser dimensions
  • Payment Information: Processed through Stripe (we do not store credit card details)
  • Team Data: Team memberships, invitations, roles

3. How We Use Your Data

We use your data for the following purposes:

  • Provide and maintain the Comment Mode service
  • Process payments and manage subscriptions
  • Send service-related communications (notifications, updates)
  • Provide customer support
  • Improve our service and develop new features
  • Comply with legal obligations
  • Prevent fraud and ensure security

4. Third-Party Services

We use the following third-party services to operate Comment Mode:

  • Firebase Authentication: User authentication and account management
  • Stripe: Payment processing and subscription management
  • Resend: Email delivery for notifications and magic links
  • Railway: Hosting and database services
  • IP Geolocation Services: ipapi.co and ip-api.com for location detection (optional feature)

These services have their own privacy policies and may process your data according to their terms. We ensure all third-party services are compliant with applicable data protection laws.

5. Data Storage and Security

Your data is stored securely using industry-standard encryption and security measures. We use:

  • HTTPS encryption for all data transmission
  • Encrypted database connections
  • Secure password hashing (bcrypt) for site passwords
  • Regular security audits and updates
  • Access controls and authentication requirements

Data is stored on servers provided by Railway, which may be located in various regions including the United States. We take reasonable steps to protect your data, but no method of transmission or storage is 100% secure.

6. Your Rights (GDPR/CCPA)

You have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your account and data
  • Right to Data Portability: Export your data in a machine-readable format
  • Right to Object: Object to processing of your data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Withdraw Consent: Withdraw consent for data processing
  • CCPA Rights: California residents have additional rights under CCPA

To exercise these rights, visit your Privacy Settings in your account or contact us at support@commentmode.com.

7. Cookies and Local Storage

We use the following cookies and local storage:

  • Authentication Cookies: Firebase authentication tokens (essential)
  • Local Storage: Site passwords, email for sign-in, preferences (essential for functionality)
  • Third-Party Cookies: Stripe payment processing (essential for payments)

For more details, see our Cookie Policy.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide the service. When you delete your account, we delete your data within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States where our hosting provider (Railway) operates. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required by law, to protect your data in accordance with applicable data protection regulations.

10. Children's Privacy

Our service is not intended for users under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at support@commentmode.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to the address associated with your account or through in-app notification. The "Last updated" date at the top of this page indicates when changes were made. Your continued use of Comment Mode after changes take effect constitutes acceptance of the updated policy.

12. Contact Information

For privacy-related questions, to exercise your rights, or to request access to or deletion of your data, please contact us:

Email: privacy@commentmode.com
Support Email: support@commentmode.com
Address: [Your Business Address - Please provide your business address for sole trader registration]

We aim to respond to all privacy inquiries within 5 business days.