Privacy Policy

Last updated: February 14, 2026

1. Information We Collect

We collect the following types of information:

  • Account Information: Email address, name, and authentication credentials when you create an account (including via third-party sign-in providers such as Google)
  • Payment Information: Billing details processed securely through our payment processor, Stripe. We do not store your full credit card number on our servers.
  • Usage Data: How you interact with our Service, including picks viewed, features used, and preferences
  • Device Information: Browser type, operating system, device type, screen resolution, and IP address
  • Log Data: Server logs that may include your IP address, access times, pages viewed, and referring URLs

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our Service
  • Process payments and manage subscriptions
  • Authenticate your identity and maintain account security
  • Send important updates about your account or the Service
  • Analyze usage patterns to improve user experience
  • Detect, prevent, and address fraud, abuse, or technical issues
  • Comply with legal obligations

3. Data Sharing & Third-Party Processors

We do not sell, rent, or trade your personal information. We may share data with the following categories of service providers who process data on our behalf:

  • Authentication: Supabase (account management, database), Google (OAuth sign-in)
  • Payment Processing: Stripe (subscription billing)
  • Hosting & Infrastructure: Vercel (web hosting), Amazon Web Services (data processing)
  • Database: MongoDB Atlas (data storage)
  • Analytics: We may use third-party analytics tools to understand Service usage
  • Legal Requirements: When required by law, subpoena, court order, or to protect our rights, property, or safety

Each third-party processor is contractually obligated to handle your data in accordance with their own privacy policies and applicable data protection laws. We encourage you to review their privacy policies.

4. Data Security

We implement commercially reasonable administrative, technical, and physical security measures designed to protect your personal information. These include encryption of data in transit (TLS/SSL) and at rest, secure authentication mechanisms, and access controls limiting who can access personal data.

However, no method of electronic transmission or storage is completely secure. While we strive to use commercially reasonable means to protect your information, we cannot guarantee its absolute security. You acknowledge that you provide your personal information at your own risk.

5. Data Breach Notification

In the event of a security breach that results in unauthorized access to, or disclosure of, your personal information, we will:

  • Investigate and take reasonable steps to contain and remediate the breach
  • Notify affected users via email and/or through the Service within a reasonable timeframe, and no later than required by applicable law
  • Notify relevant regulatory authorities as required by applicable law
  • Provide information about what data was affected and steps you can take to protect yourself

To the fullest extent permitted by applicable law, SickFade's liability for any data breach shall be limited to the amounts you have paid to SickFade in the one (1) month preceding the breach. SickFade shall not be liable for any indirect, incidental, consequential, special, or punitive damages arising from a data breach, including but not limited to identity theft, unauthorized account access on third-party platforms, or emotional distress.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data ("right to be forgotten")
  • Export your data in a portable format
  • Opt out of marketing communications
  • Restrict or object to certain processing of your data
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at support@sickfade.com. We will respond to your request within 30 days or as required by applicable law.

7. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
  • No Sale of Personal Information: We do not sell personal information as defined under the CCPA

8. Children's Privacy

Our Service is not directed to anyone under the age of 21. We do not knowingly collect personal information from anyone under 21 years of age. If we become aware that we have collected personal information from someone under 21, we will take steps to delete that information promptly. If you believe we may have collected information from a person under 21, please contact us at support@sickfade.com.

9. Cookies & Tracking Technologies

When you first visit our site, a cookie consent banner will inform you of our cookie usage. By clicking "Got it," you acknowledge our use of cookies as described below.

Essential cookies: Authentication, session management, security, and storing your cookie consent preference.

Analytics cookies: We use Google Analytics (GA4) to understand how users interact with our Service, such as pages visited and time on site.

Advertising cookies: We use X (Twitter) conversion tracking to measure the effectiveness of our advertising campaigns.

Affiliate cookies: We use Rewardful to track affiliate referrals. If you arrive via an affiliate link, a cookie is set to attribute the referral.

UTM cookies: We capture UTM parameters (e.g., utm_source, utm_campaign) from URLs to understand how visitors find our site. These cookies expire after 7 days.

You can control cookie settings through your browser, but disabling essential cookies may impair your ability to use the Service.

10. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain data for a limited period as necessary to comply with legal obligations, resolve disputes, enforce our agreements, or for legitimate business purposes. Anonymized or aggregated data that cannot identify you may be retained indefinitely.

11. International Data Transfers

Our Service is operated in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the Service, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page with an updated "Last updated" date, and where required by law, via email or through the Service. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries, data requests, or to report a security concern, please contact us at support@sickfade.com