Back to Home

Privacy Policy

Last Updated: April 27, 2026

1. Introduction

This Privacy Policy explains how SubBuddy ("we", "us", or "our") collects, uses, shares, stores, and deletes personal information when you use our website, web application, Chrome extension, and related services (collectively, the "Service").

It is intended to describe our actual product behavior, including account creation, subscription tracking, paid plans, imports, calendar export, family sharing, and optional AI-assisted email parsing.

If you do not agree with this Privacy Policy, please do not use the Service.

2. Information We Collect

The information we collect depends on how you use SubBuddy and which features you choose to use.

In practice, the Service currently processes the following categories of data:

  • Account and profile data, such as your email address and any profile information you add or update, including name, surname, username, avatar, plan tier, and account preferences.
  • Subscription-management data that you enter or generate in the Service, such as subscription name, category, amount, currency, billing interval, renewal or start dates, status, notes, tags, payment-method labels, manually entered last four digits, related email account labels, and family-sharing associations.
  • Billing and payment metadata. Payments are processed by Stripe, not by SubBuddy directly. We may receive and store limited billing information such as Stripe customer IDs, Stripe subscription IDs, plan status, billing period information, and checkout or subscription event metadata. Stripe may collect payment card details, billing address details, and tax-related checkout information directly through its checkout flow.
  • Imported or connected data. If you import a CSV file, the file is parsed in your browser and the subscriptions you choose to save are then sent to the Service. If you use the Chrome extension or Gmail parsing features, we may process email text, subject lines, sender information, extracted subscription details, and related metadata needed to detect subscription activity.
  • Family-sharing and invitation data, such as invitation email addresses, invitation tokens, family membership records, and limited profile information visible to family members within shared features.
  • Technical, device, and usage data, including authentication/session cookies, locale preferences, basic analytics events, IP or request metadata received by our infrastructure providers, and tokenized calendar export identifiers.

3. How We Use Your Information

We use personal information to operate and improve the Service, perform our contract with you, comply with legal obligations, and protect the Service and its users.

  • To create and secure your account, authenticate you, and maintain your profile and preferences.
  • To store, display, organize, and analyze your subscription data, including reminders, spending summaries, calendar events, and premium features.
  • To process billing, activate paid plans, manage free trials, detect subscription status changes, and provide customer billing support through Stripe.
  • To process optional imports and parsing features, including CSV imports and extension-based email parsing, and to generate extracted subscription suggestions or AI-assisted results when you request those features.
  • To support family-sharing features, including creating families, inviting members, and showing shared information to authorized family participants.
  • To monitor performance, understand product usage, prevent abuse or fraud, enforce our Terms, and comply with legal, tax, accounting, and security obligations.

4. Sharing Your Information

We do not sell your personal information. We share information only when needed to provide the Service, when you ask us to use a feature that requires a third party, when information is visible inside a sharing feature you enabled, or when required by law or necessary to protect rights and security.

  • Supabase, which we use for authentication, database, storage, and related backend infrastructure.
  • Stripe, which processes paid subscriptions, lifetime purchases, billing events, and customer billing portal activity.
  • Vercel Analytics and related hosting/infrastructure services used to measure product usage and operate the site.
  • Google Gemini or similar AI providers, but only when you use optional AI-assisted parsing features that require server-side analysis of submitted email content.
  • Email delivery providers and serverless functions used to send transactional emails, such as family invitations and renewal-related messages.
  • Other users within your family-sharing features, to the extent your subscription data, family membership details, or limited profile information are shown to invited family participants.

We may also disclose information if required by law, legal process, or to investigate and prevent fraud, abuse, security incidents, or violations of our Terms.

5. Data Retention, Deletion, and Export

We keep personal information for as long as your account is active, as long as it is needed to provide the Service, or as long as we have a legitimate legal, accounting, security, or operational reason to retain it.

If you use the in-app account deletion feature, we currently attempt to delete your authenticated user account and rely on database relationships to remove related records that are configured to cascade from that account.

Some information may remain for a limited time in backups, logs, billing records, abuse-prevention systems, or other systems where retention is required or reasonably necessary for legal, tax, accounting, security, or technical reasons.

SubBuddy does not currently promise a universal self-serve export for every category of user data. Where export functionality is available, such as calendar export in ICS format for supported plans, or where technically feasible in the future, we may allow export or access to certain user data in a commonly used format.

6. Your Rights and Choices

Depending on where you live, you may have privacy rights under applicable law. We try to give you practical control inside the product wherever possible.

  • You can access and update much of your account, subscription, and billing-status information from within the Service.
  • You can delete individual subscriptions and, where available, use the in-app account deletion flow to request deletion of your account.
  • You can contact us to request access, correction, deletion, or other privacy-related assistance, subject to verification and applicable law.
  • Mandatory rights provided by the laws of your country, state, or place of residence remain available to you and are not limited by this Privacy Policy.

7. Cookies, Sessions, and Analytics

We use cookies and similar technologies that are reasonably necessary to operate the Service, including authentication/session cookies, locale or preference storage, and token-based features such as calendar access. These technologies help keep you signed in, remember settings, and secure the Service.

We also use analytics tools, including Vercel Analytics, to understand product usage and improve the Service. Your browser or device may allow you to limit or clear some cookies or stored preferences, but doing so may affect how the Service works.

8. Security and International Processing

We use technical and organizational measures designed to protect personal information, including access controls and the security features provided by our infrastructure vendors. No system can be guaranteed to be completely secure.

Because we use global service providers, your information may be processed in countries other than your own, subject to the safeguards and legal requirements that apply to those providers and transfers.

9. Changes to This Privacy Policy

We may update this privacy notice from time to time. The updated version will be indicated by an updated "Last Updated" date.

10. Contact Us

If you have questions or comments about this notice, you may email us at subbuddymanager@gmail.com