Privacy Policy

1. Introduction

ChangeLog ("we", "our", or "us") is operated by Evant Group. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our variation register software service.

By using ChangeLog, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you register, we collect your name, email address, company name, and password. If you sign up via Google, we receive your name and email from your Google account.

2.2 Project & Variation Data

We store the project information and variation data you enter into the system, including project names, client details, variation descriptions, values, dates, and any documents you upload.

2.3 Usage Data

We automatically collect information about how you interact with our service, including pages visited, features used, and actions taken. This helps us improve the product.

2.4 Payment Information

Payment processing is handled by Stripe. We do not store your full credit card details. Stripe's privacy policy governs payment data.

3. How We Use Your Information

• To provide and maintain our service
• To process your transactions and manage your subscription
• To send you service-related communications (e.g., weekly digests, account notifications)
• To respond to your inquiries and provide customer support
• To improve our service and develop new features
• To detect and prevent fraud or abuse
• To comply with legal obligations

4. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers: Companies that help us operate (e.g., Supabase for hosting, Stripe for payments, Resend for emails)
• Team members: If you're on a Team plan, other users in your organization can access shared project data
• Legal requirements: If required by law, court order, or government request
• Business transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Row-level security policies in our database
• Regular security audits and monitoring
• Secure authentication with password hashing

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. If you delete your account, we will delete your data within 30 days, except where we need to retain it for legal or legitimate business purposes.

Free tier accounts with no activity for 90 days may be automatically deleted.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data ("right to be forgotten")
• Export your data in a portable format
• Object to or restrict certain processing
• Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@evantgroup.com.

8. Cookies

We use essential cookies to maintain your session and preferences. We do not use third-party tracking cookies or advertising cookies.

9. International Transfers

Your data may be processed in countries outside your own. Our infrastructure is hosted on Supabase (AWS regions). We ensure appropriate safeguards are in place for international transfers.

10. Children's Privacy

ChangeLog is not intended for users under 18. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or through the service. Continued use after changes constitutes acceptance.

12. Contact Us

If you have questions about this Privacy Policy, please contact us:

Evant Group
Email: privacy@evantgroup.com