Privacy Policy

1. Scope

This Privacy Policy applies to Creadefy and our website. It covers personal information we handle when you create an account, issue credentials, verify credentials, or contact support.

2. Data we collect

We collect the minimum data needed to run Creadefy. The exact data depends on how you use the product.

• Account data: name, email, and authentication details.
• Organisation and workspace data: organisation name, team members, and settings.
• Credential data: templates, events, recipients, and issued credential identifiers.
• Files you upload: certificate templates, images, and other assets you choose to store.
• Support and feedback: messages you send us and any attachments you include.
• Usage and security data: basic logs and signals used to keep the service reliable and secure.

3. How we use data

We use data to operate, maintain, and improve Creadefy.

• Provide core product features, including issuance and verification.
• Authenticate users and prevent abuse, spam, and fraud.
• Process payments and manage subscriptions when applicable.
• Send important service emails (for example, verification and security messages).
• Respond to support requests and product feedback.
• Debug issues and monitor reliability.

4. How we share data

We do not sell your personal information. We may share data in limited cases:

• Service providers that help us run Creadefy (hosting, storage, email, and payments).
• Legal and safety reasons, when required by law or to protect users and the platform.
• Business transfers, if we go through a merger, acquisition, or asset sale.
• Your instructions, when you choose to share a credential or verification link.
• Third-party content providers (for example, Unsplash) when you use optional features like image search in the template builder. We do not share your Creadefy account details with them, but the search terms you enter are sent to the provider to return results.

5. Public verification

Creadefy supports public verification. When a credential is meant to be verified by others, a verification page or link may be accessible publicly.

Only the information required to verify the credential should be included. If you are an issuer, you are responsible for the content you place on credentials.

6. Cookies

We use cookies and similar technologies for essential functionality. This includes keeping you signed in and protecting the platform.

If we use analytics cookies, we aim to keep them minimal. We do not run invasive tracking.

7. Retention

We keep data for as long as needed to provide the Service. We may retain limited records for backups, billing, legal compliance, and security.

8. Your choices

You can update your account information from your dashboard. You can also contact us to request access, deletion, or export of your data. Some requests may be limited by legal requirements or legitimate business needs.

9. Changes to this policy

We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice.

10. Contact

If you have questions about privacy, contact us.