PRIVACY POLICY
Last Updated: 2025-11-10 Effective Date: 2025-11-10
1. Introduction
Bodge LLC ("Bodge," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:
- Visit our website at https://bodge.app (the "Site")
- Use our software-as-a-service platform (the "Service")
- Interact with us through email, social media, or other channels
Please read this Privacy Policy carefully. By accessing or using our Site or Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, do not use our Site or Service.
This Privacy Policy applies to information we collect:
- On this Site
- Through the Service
- In email, text, and other electronic messages between you and the Site or Service
It does not apply to information collected by third parties, including through any application or content that may link to or be accessible from the Site or Service.
2. Information We Collect
We collect several types of information from and about users of our Site and Service, including:
2.1 Personal Information You Provide
When you register for, access, or use our Service, we may collect:
Account Information:
- Email address
- Password
Communications:
- Support requests and correspondence
- Feedback and testimonial
2.2 Information Collected Automatically
When you access or use our Site or Service, we automatically collect:
Information That is Automatically or Implicitly Sent By Your Browser:
- IP address
- Browser type and version
- Operating system
- Device identifiers
- Pages visited and features used
- Time and date of visits
- Referring/exit pages
2.3 Information from Third Parties
We may receive information about you from third parties, including:
Service Providers:
- Stripe, Inc. - for payment processing
- GoatCounter.com - for simple page visit analytics
- Zoho Corporation Pvt. Ltd. - for transactional emails
- SMTP2GO - for newsletter emails
3. How We Use Your Information
We may use the information we collect for the following purposes:
3.1 To Provide and Maintain the Service
- Create and manage your account
- Process transactions and send transaction notifications
- Provide customer support and respond to inquiries
- Perform technical operations (hosting, security, backups)
- Troubleshoot and fix technical issues
3.2 To Improve and Develop the Service
- Analyze usage patterns and trends
- Test new features and functionality
- Conduct research and development
- Improve user experience and interface design
3.3 To Communicate With You
- Send service-related announcements and updates
- Respond to your comments, questions, and requests
- Send marketing communications (with your consent)
- Notify you about changes to our policies or terms
- Conduct surveys and collect feedback
3.4 For Security and Fraud Prevention
- Detect, investigate, and prevent fraudulent transactions
- Protect against security threats and abuse
- Monitor and analyze security incidents
- Enforce our Terms of Service
3.5 For Legal Compliance
- Comply with applicable laws and regulations
- Respond to legal requests (subpoenas, court orders)
- Protect our rights, privacy, safety, or property
- Resolve disputes and enforce agreements
3.6 With Your Consent
- For any other purpose disclosed to you at the time we collect your information
- With your explicit consent for specific uses
3.7 Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), UK, or Switzerland, our legal basis for collecting and using your personal information depends on the specific context:
- Contractual Necessity: Processing is necessary to perform our contract with you (e.g., providing the Service)
- Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, improving the Service, marketing to existing customers)
- Legal Obligation: Processing is necessary to comply with applicable laws
- Consent: You have given explicit consent for specific processing activities
You have the right to withdraw consent at any time. See Section 6 (Your Privacy Rights).
4. How We Share Your Information
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes without your explicit consent. We may share your information in the following circumstances:
4.1 Service Providers
We share information with third-party vendors who perform services on our behalf:
| Service Provider | Purpose | Data Shared |
|---|---|---|
| Stripe, Inc. | Payment processing | Billing information, transaction data |
| Zoho Corporation Pvt. Ltd. | Transactional emails | Email address |
| SMTP2GO | Newsletter emails | Email address |
These service providers are contractually obligated to:
- Use your information only for the specified purpose
- Implement appropriate security measures
- Comply with applicable data protection laws
4.2 Business Transfers
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site before your information is transferred and becomes subject to a different privacy policy.
4.3 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Court orders or subpoenas
- Legal process or government requests
- Requests from law enforcement or regulatory authorities
- Legal claims or disputes
We may also disclose information when we believe, in good faith, that disclosure is necessary to:
- Protect our rights, property, or safety, or that of our users or the public
- Detect, prevent, or address fraud, security, or technical issues
- Enforce our Terms of Service
4.4 With Your Consent
We may share your information with third parties when you have given us explicit consent to do so.
4.5 Aggregated and De-identified Information
We may share aggregated or de-identified information that cannot reasonably be used to identify you. For example, we may share statistics about Service usage with business partners or the public.
4.6 Data Sales
We do not sell your personal information to third parties.
5. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
5.1 Retention Periods
| Data Category | Retention Period | Reason |
|---|---|---|
| Account information | Duration of account + 3 years | Provide Service, legal compliance |
| Transaction records | 3 years after transaction | Financial record-keeping, tax compliance |
| Usage logs | 3 years | Security, analytics, legal compliance |
5.2 Deletion and Anonymization
When we no longer need your personal information, we will:
- Securely delete it from our systems
- Anonymize it so it can no longer identify you
- Archive it in a secure, restricted environment (if required by law)
You can request deletion of your personal information at any time. See Section 6.4 (Right to Delete).
6. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information.
6.1 Rights for EEA, UK, and Swiss Residents (GDPR)
If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights:
Right to Access:
- Request a copy of the personal information we hold about you
- Receive information about how we process your data
Right to Rectification:
- Request correction of inaccurate or incomplete personal information
Right to Erasure ("Right to Be Forgotten"):
- Request deletion of your personal information in certain circumstances
Right to Restrict Processing:
- Request that we limit how we use your personal information
Right to Data Portability:
- Request a copy of your personal information in a structured, machine-readable format
- Request that we transfer your information to another service provider
Right to Object:
- Object to processing based on legitimate interests
- Object to direct marketing (including profiling)
Right to Withdraw Consent:
- Withdraw consent for processing activities at any time (does not affect lawfulness of prior processing)
Right to Lodge a Complaint:
- File a complaint with your local data protection authority
To exercise these rights, contact us at gdpr@bodge.app
6.2 Rights for California Residents (CCPA)
If you are a California resident, you have the following rights:
Right to Know:
- Request disclosure of the categories and specific pieces of personal information we have collected
- Request information about the categories of sources, business purposes, and third parties with whom we share information
Right to Delete:
- Request deletion of your personal information (subject to certain exceptions)
Right to Opt-Out of Sales:
- Opt out of the sale of your personal information (if we sell data)
Right to Non-Discrimination:
- We will not discriminate against you for exercising your CCPA rights
CCPA Request Process:
- Submit a request via ccpa@bodge.app
- We will verify your identity (may request additional information)
- We will respond within 45 days (may extend by 45 days if necessary)
Authorized Agent: You may designate an authorized agent to submit requests on your behalf. The agent must provide:
- Written authorization signed by you
- Proof of their identity
- Verification of your identity
6.3 Rights for Texas Residents (TDPSA)
If you are a Texas resident, you have the following rights:
Right to Know:
- Confirm whether we are processing your personal data
- Access your personal data
Right to Correct:
- Correct inaccuracies in your personal data
Right to Delete:
- Delete personal data you provided to us
Right to Data Portability:
- Obtain a copy of your personal data in a portable format
Right to Opt-Out of:
- Targeted advertising
- Sale of personal data
- Profiling in furtherance of automated decisions with legal or significant effects
Universal Opt-Out Mechanism: We honor Global Privacy Control (GPC) browser signals. Enable GPC in your browser to automatically opt out.
TDPSA Request Process:
- Submit a request via tdpsa@bodge.app
- We will respond within 45 days (may extend by 15 days if necessary)
- If we deny your request, you may appeal within 15 days
Appeal Process:
- Submit an appeal via tdpsa@bodge.app
- We will respond within 60 days
- If we deny your appeal, you may contact the Texas Attorney General
6.4 Rights for Residents of Other U.S. States
Residents of Virginia, Colorado, Connecticut, and Utah have similar rights under their respective state privacy laws. Contact us at privacy@bodge.app to exercise your rights.
7. Data Security
We implement reasonable administrative, technical, and physical safeguards to protect your personal information from unauthorized access, use, alteration, and disclosure.
7.2 Limitations of Security
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. You are responsible for:
- Keeping your account credentials confidential
- Notifying us immediately of any unauthorized access
- Using strong, unique password
7.3 Data Breach Notification
In the event of a data breach that compromises your personal information, we will:
- Notify you within the timeframe required by applicable law (e.g., 72 hours under GDPR)
- Describe the nature of the breach and the information affected
- Provide steps you can take to protect yourself
- Report the breach to relevant authorities as required by law
8. Children's Privacy
Our Service is not directed to children. We do not knowingly collect personal information from children.
If you are a child, do not:
- Register for an account
- Provide any personal information through the Service
- Use any features that require personal information
If we learn that we have collected personal information from a child without parental consent, we will delete that information as quickly as possible. If you believe we have collected information from a child, contact us immediately at privacy@bodge.app.
9. Third-Party Links and Services
Our Site and Service may contain links to third-party websites, applications, and services that are not operated by us. This Privacy Policy does not apply to third-party sites or services.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
How We Notify You:
- Material Changes: We will notify you via email (to the address associated with your account) and/or a prominent notice on our Site at least 30 days before the changes take effect
- Non-Material Changes: We will update the "Last Updated" date at the top of this Privacy Policy
Your Continued Use: Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes. If you do not agree to the revised Privacy Policy, you must stop using the Service and close your account.
Review Regularly: We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, contact us:
12. California "Shine the Light" Law
California Civil Code Section 1798.83 permits California residents to request certain information about our disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes without your consent.
13. Nevada Residents
Nevada law allows Nevada residents to opt out of the sale of certain types of personal information. We do not sell personal information as defined under Nevada law. If you are a Nevada resident and have questions, contact us at privacy@bodge.app.