Privacy Policy

Last updated: March 2025

This Privacy Policy describes how Architects Software Solutions ("we", "us", "our"), based in Israel, collects, uses, and protects information when you use AnnoPro ("the Service").

1. Information We Collect

Account information: When you register, we collect your email address and a hashed (bcrypt) password. We never store your password in plain text.

Payment information: Payments are processed by Paddle.com. We do not store credit card numbers. Paddle shares with us a customer ID and subscription status.

License activation data: When the AnnoPro plugin validates your license, we collect and store your machine ID (Windows MachineGuid), hostname, and timestamps. This is used solely to enforce seat limits.

Usage data: We may collect basic server logs (IP address, request timestamps) for security and operational purposes.

2. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process payments and manage your subscription
  • To send transactional emails (license key delivery, payment receipts)
  • To enforce license seat limits
  • To respond to support requests

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Data Sharing

We share your data only with the following service providers, strictly to operate the Service:

  • MongoDB Atlas — database hosting (AWS infrastructure)
  • Paddle.com — payment processing and subscription management
  • Resend — transactional email delivery
  • Vercel — web hosting

All providers are contractually obligated to protect your data.

4. Data Retention

We retain your account and license data for as long as your account exists. Activation records are retained to audit seat usage. You may request deletion of your account and associated data at any time by emailing us.

5. Security

We implement industry-standard security practices including bcrypt password hashing, HTTPS-only communication, and environment-variable-based secret management. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Cookies

We use session cookies strictly for authentication purposes (managed by NextAuth.js). We do not use tracking or advertising cookies. You may disable cookies in your browser, but this will prevent you from logging in.

7. Your Rights

Depending on your location, you may have the right to access, correct, or delete your personal data. To exercise these rights, email us at yadidhadad@gmail.com. We will respond within 30 days.

8. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from children.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or by posting a notice on the website. Continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy-related questions, contact: yadidhadad@gmail.com