Privacy Policy

SystemDecoder ("we", "us", or "our") is committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service. This policy applies to all users of systemdecoder.app and any related services, applications, or platforms we operate.

2.1 Information you provide directly:

• Account information: name, email address, and profile photo provided via Google OAuth sign-in
• Profile information: optional profession or role you choose to provide
• Payment information: billing details processed by our third-party payment processor (we do not store raw card data)
• Communications: any messages or support requests you send us

2.2 Information collected automatically:

• Usage data: pages visited, features used, simulation interactions, session duration
• Device and browser information: IP address, browser type, operating system, device identifiers
• Log data: server access logs, error logs, performance metrics
• Cookies and similar tracking technologies: session cookies, preference cookies, analytics identifiers

We use the information we collect to:

• Provide, operate, and maintain the Service
• Authenticate your identity and manage your account
• Process payments and manage subscription billing
• Send transactional emails (e.g., billing receipts, subscription updates)
• Send product updates and announcements (you may opt out at any time)
• Analyse usage patterns to improve and personalise the Service
• Detect, prevent, and address technical issues, fraud, or abuse
• Comply with legal obligations

We do not sell your personal data to third parties. We do not use your data to train machine learning or AI models without your explicit consent.

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on the following legal bases:

• Contract performance: Processing necessary to provide the Service under our agreement with you
• Legitimate interests: Analytics, security, fraud prevention, and product improvement
• Legal obligation: Compliance with applicable laws and regulations
• Consent: Marketing communications and optional analytics (where consent is required)

We use the following categories of cookies:

• Strictly necessary: Session cookies required for authentication and Service operation. These cannot be disabled.
• Functional: Cookies that remember your preferences and settings.
• Analytics: Cookies that help us understand how users interact with the Service (e.g., page views, feature usage). These may be disabled via your browser settings.

You can control cookie settings through your browser. Note that disabling certain cookies may affect the functionality of the Service.

We may share your information with:

• Service providers: Third-party vendors who assist us in operating the Service (e.g., cloud hosting providers, payment processors, email delivery services). These providers are contractually bound to protect your data.
• Authentication providers: Google, for OAuth-based sign-in. Your use of Google sign-in is subject to Google's Privacy Policy.
• Legal authorities: Where required by law, court order, or governmental regulation, or when we believe disclosure is necessary to protect our rights or the safety of others.
• Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you prior to your data becoming subject to a different privacy policy.

We retain your personal data for as long as your account is active or as needed to provide the Service. We also retain data as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Upon account deletion, we will delete or anonymise your personal data within 90 days, except where we are required to retain it for legal or regulatory compliance purposes.

We implement industry-standard security measures to protect your personal data, including encryption in transit (TLS/HTTPS), encryption at rest, access controls, and regular security reviews. However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

If we become aware of a data breach that affects your rights and freedoms, we will notify you and relevant authorities in accordance with applicable law.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. Where we transfer personal data from the EEA or UK to third countries, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Restriction: Request that we limit processing of your data
• Portability: Request a machine-readable export of your data
• Objection: Object to processing based on legitimate interests
• Withdrawal of consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at systemdecoder.team@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete such data. If you believe we have inadvertently collected data from a child, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide more prominent notice (e.g., email notification). Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

For privacy-related questions, requests, or concerns, please contact our privacy team at: