This Privacy Policy describes how Encredi handles personal information for authentication, authorization, account management, billing, usage metering, and related operational support.
1. Scope
This Privacy Policy explains how Encredi collects, uses, stores, and protects personal information in connection with its services.
2. Information We Collect
We may collect account identifiers, profile information, authentication metadata, organization membership, usage events, and billing-related records.
Depending on configuration, this may include email address, username, provider identity references, role grants, organization membership, API usage signals, and operational audit logs.
We may also collect device, browser, and connection metadata necessary for fraud prevention, abuse detection, and security monitoring, consistent with applicable law.
3. How We Use Information
We use information to provide and secure services, authenticate users, manage authorization, process billing, support customers, and improve reliability.
We may also use aggregated or de-identified service telemetry to monitor performance, detect abuse patterns, and improve product quality.
4. Data Minimization and Purpose Limitation
We design systems to collect and process only data reasonably required for defined service purposes. Data is not used for unrelated purposes without an appropriate legal basis.
5. Legal Basis
Where required, we process personal data based on contract performance, legitimate interests, legal obligations, or user consent.
6. Sharing and Processors
We may share data with trusted service providers (such as cloud, payment, messaging, and analytics vendors) only as needed to operate the service.
Processors are required to handle data under confidentiality and security obligations consistent with applicable law and contractual commitments.
7. Data Retention
We retain data as long as necessary for service delivery, compliance, auditability, and dispute resolution, then delete or anonymize where appropriate.
Retention windows may differ by record type, including account metadata, security logs, billing transactions, and usage records.
8. Security
We implement administrative, technical, and organizational safeguards to protect personal data from unauthorized access, loss, or misuse.
Security controls may include encryption in transit, access control policies, secrets management, logging, and incident response procedures.
9. International Transfers
Data may be processed in countries where we or our processors operate, subject to safeguards required by applicable law.
10. Your Rights
Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, object to processing, or request data portability.
To exercise applicable rights, contact your administrator or support channel. We may verify identity and legal authority before fulfilling requests.
11. Cookies and Session Technologies
We use cookies and similar technologies for authentication, session continuity, security controls, and service functionality.
Some cookies are essential and cannot be disabled without affecting core login and security flows.
12. Children's Privacy
The service is not intended for children under the age required by applicable law to provide valid consent. If we become aware of unauthorized collection, we will take appropriate action.
13. Governing Law and Jurisdiction
This policy and related disputes are governed by the laws of the State of North Carolina. Exclusive jurisdiction lies with courts located in the State of North Carolina, subject to mandatory local consumer protections.
14. Changes to This Policy
We may update this policy periodically. Material updates are communicated through service notices or other appropriate channels.
15. Contact
For privacy requests or questions, contact admin@encredi.com.