Privacy Policy

Last Updated: January 17, 2025

1. Introduction

This Privacy Policy explains how ProjectLab ("we," "our," "us," or "Company") collects, uses, shares, and protects your personal information when you use our service at www.projectlab.space ("Service"). We are committed to protecting your privacy and handling your data in an open and transparent manner.

2. Information We Collect

2.1. Account Information

We collect:

Email address
Name
Google account information (if using Google authentication)
Password (encrypted, if using email registration)
Account preferences and settings

2.2. Service Data

We collect:

Project information and metadata
Space configurations and settings
Usage data and activity logs
Collaboration records
Status history
Task and event data
User-generated content within projects

2.3. Technical Information

We automatically collect:

IP address
Browser type and version
Device type and operating system
Access times and dates
Pages viewed
Essential cookies and session data

3. How We Use Information

3.1. Primary Uses

We use your information to:

Provide and maintain the Service
Process payments and transactions
Send service notifications
Respond to support requests
Improve the Service
Debug and fix issues
Ensure security and prevent fraud
Fulfill our contract with you

3.2. Communication

We may contact you regarding:

Service updates and maintenance
Security alerts
Payment processing
Account-related notifications
Support responses
Legal notices

3.3. What We Don't Do

We explicitly DO NOT:

Track users for marketing purposes
Use analytics cookies
Share data with third parties for marketing
Use Google Analytics
Create user profiles for advertising
Sell your personal information

4. Data Storage and Security

4.1. Infrastructure

We use:

Supabase for database services
Vercel for hosting
Industry-standard security measures
Encrypted data transmission
Secure data storage

4.2. Security Measures

We implement:

Data encryption in transit and at rest
Regular security audits
Access controls and authentication
Monitoring and logging
Secure backup procedures
Incident response plans

4.3. Data Retention

Active account data is retained while your account is active
Deleted account data is removed within 30 days
Backup data is retained for disaster recovery purposes
Legal compliance data is retained as required by law

5. Cookies and Similar Technologies

5.1. Essential Cookies

We use only essential cookies for:

Authentication and session management
Security features
Service functionality
User preferences
Load balancing

You can:

Control cookie settings through your browser
Delete cookies at any time
Opt out of non-essential cookies (though we don't use any)

5.3. What We Don't Use

We do not use cookies for:

Analytics
Advertising
User tracking
Marketing
Behavioral analysis

6. Third-Party Services

6.1. Service Providers

We use:

Supabase (database)
Vercel (hosting)
Google (authentication option)
Payment processor (for subscription management)

6.2. Data Processing Agreements

All third-party services are governed by their respective privacy policies
We maintain data processing agreements with service providers
We ensure GDPR compliance where applicable

6.3. Limited Access

Third-party access is limited to necessary service provision
We do not sell or rent your data to third parties
Service providers are bound by confidentiality obligations

7. Data Rights

7.1. Your Rights

You have the right to:

Access your personal data
Correct inaccurate data
Request data deletion
Export your data
Restrict processing
Object to processing
Withdraw consent
File a complaint with supervisory authorities

7.2. Exercising Your Rights

To exercise these rights:

Use the relevant features in your account settings
Contact us at daniel@projectlab.space
Allow up to 30 days for response
Verify your identity when required

8. International Data Transfers

8.1. Data Location

Data is primarily stored in North Virginia, United States
We may transfer data internationally as needed for service provision
All international transfers comply with relevant data protection laws

8.2. Transfer Safeguards

We ensure:

Appropriate security measures
Legal compliance
Data protection agreements
Standard contractual clauses where required

9. Children's Privacy

Our Service is not intended for children under 13
We do not knowingly collect data from children
Parents/guardians should contact us if they believe we have inadvertently collected such data

10. Legal Basis for Processing

We process personal data based on:

Contract performance
Legal obligations
Legitimate interests
Consent where required

11. Changes to Privacy Policy

11.1. Updates

We will notify users of material changes via:

Email
Service notification
Website announcement

11.2. Acceptance

Continued use after changes constitutes acceptance
Previous versions will be archived
Users will be notified 30 days before material changes

12. Data Breaches

In case of a data breach, we will:

Notify affected users promptly
Inform relevant authorities as required
Take immediate corrective action
Provide guidance on protective measures

13. Contact Information

For privacy-related inquiries:

Email: daniel@projectlab.space
Website: www.projectlab.space
Response time: Within 2 business days

14. Additional Rights and Information

14.1. California Privacy Rights

California residents have additional rights under CCPA.

14.2. European Economic Area Rights

EEA residents have specific rights under GDPR.

14.3. Documentation

We maintain:

Records of processing activities
Impact assessments where required
Consent records
Data transfer agreements

15. Dispute Resolution

Any privacy-related disputes will be:

Addressed promptly
Handled fairly and transparently
Resolved according to applicable laws
Subject to appropriate jurisdiction