How we handle data

We collect only what we need to run the service, support customers, and improve the product. We avoid dark patterns and respect regional privacy laws (GDPR/UK GDPR/CCPA/CPRA).

• Data we collect. Account details, billing info (via Stripe), usage/analytics events (only with consent), and support communications.
• How we use it. Provide and secure the service, troubleshoot, bill, and improve the product.
• Processors. Stripe for billing, hosting providers for infrastructure, and any subprocessors listed on the Subprocessors page.
• Retention. We keep data only as long as necessary for the purpose collected or as required by law.
• Cookies & consent. Non-essential analytics/marketing cookies are opt-in. Preferences can be changed anytime.
• Data subject rights. Access, correction, deletion, and export requests are supported. Contact privacy@owlcto.com.
• International transfers. We use appropriate safeguards (e.g., SCCs) where required.
• Security. See our Security page for controls; incidents are handled under documented procedures.

Contact: privacy@owlcto.com for privacy questions or DSRs.