Freedom Forecast

Privacy Policy

Last updated: June 20, 2026

1. Data Storage & Security

Your data is stored in a managed cloud database protected by row-level security so that only you can read or modify your own scenarios. Passwords are hashed and never stored in plain text. Communications are encrypted in transit using TLS. We maintain appropriate technical and organizational measures to protect personal information against unauthorized access, loss, or disclosure.

2. Who We Are

Freedom Forecast is operated by Mary Kathryn Taylor (the "Seller", "we", "us"), doing business as Freedom Forecast. For purposes of applicable data protection laws, Mary Kathryn Taylor is the data controller of the personal information described in this Policy.

3. Information We Collect

  • Account data: email address and hashed password.
  • Scenario data: the financial inputs you save (age, savings, spending, return rate, etc.).
  • Purchase data: order ID, purchase date, amount, and refund status received from our payment processor.
  • Support & feedback: messages you send through our feedback form or support email.
  • Technical data: IP address, browser type, device identifiers, and basic usage telemetry needed to operate and secure the Service.

4. How We Use Your Information & Legal Bases

  • Provide the Service (authenticate, save and display scenarios, deliver purchased access) — legal basis: performance of a contract.
  • Process payments (via Paddle as Merchant of Record) — legal basis: performance of a contract.
  • Security, fraud prevention, and service integrity — legal basis: legitimate interests.
  • Respond to support requests and feedback — legal basis: legitimate interests and, where applicable, consent.
  • Comply with legal obligations (tax, accounting, lawful requests) — legal basis: legal obligation.

We do not sell or rent your personal information, and we do not use it for advertising or cross-site tracking.

5. Data Sharing & Subprocessors

We share personal information only with the categories of recipients needed to run the Service:

  • Paddle.com Market Ltd ("Paddle") — our payment processor and Merchant of Record. Paddle handles checkout, payments, tax, invoicing, refunds, and related fraud prevention. See Paddle's Privacy Policy.
  • Supabase — managed database, authentication, and storage hosting provider.
  • Cloudflare — application hosting, content delivery, and security/DDoS protection.
  • Email delivery providers — used to send transactional emails (password resets, confirmations, receipts).
  • Professional advisers (legal, accounting) and government authorities where required by law.

6. Data Retention

  • Account & scenario data: kept while your account is active. Deleted within 30 days after you delete your account, except where retention is required by law.
  • Purchase records: retained for up to 7 years to comply with tax and accounting obligations.
  • Support & feedback messages: retained for up to 2 years for quality and dispute resolution.
  • Technical/security logs: retained for up to 12 months.

When data is no longer needed, it is deleted or anonymized.

7. Your Rights

Depending on where you live, you may have the right to access, correct, delete, restrict, or port your personal information, to object to certain processing, and to withdraw consent. You can update or delete your scenarios at any time from the dashboard, and you can delete your account from your account settings or by contacting us through our feedback page. You also have the right to lodge a complaint with your local data protection authority.

8. International Transfers

Our service providers may process data in the United States, the European Union, and the United Kingdom. Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

9. Cookies

We use only essential cookies and local storage required to keep you signed in and to operate core features of the Service. We do not use advertising or cross-site tracking cookies.

10. Children's Privacy

The Service is intended for adults and is not directed to children under 13. We do not knowingly collect information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above.

12. Contact

Questions about privacy can be sent to us through our feedback page.