Privacy Policy

Account information: name, email, phone, country of residence. Company information: company name, EIN/ITIN/PIB, state of formation. Identity documents: passport or driver license images, Articles of Organization.

Payment information is processed by our payment partners — we do not store card numbers. Usage data includes pages visited, features used, and IP address.

We use your information to provide our services (address, documents, mail), verify your identity (KYC screening), process payments, send transactional emails, improve our platform, and comply with legal obligations.

We share data with: payment processors (Stripe, 2Checkout) for billing, Supabase for data hosting, Resend for email delivery, Cloudflare for security, and OFAC/sanctions databases for compliance screening.

We never sell personal data to third parties.

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Application-level encryption protects sensitive fields. Access is controlled through Row Level Security policies. Documents are stored in private buckets with time-limited signed URLs.

Active accounts: data retained while subscription is active. Cancelled accounts: data retained for 1 year, then personal information is anonymized. Financial records: retained for 7 years per tax and legal requirements.

You may request earlier deletion through your dashboard or by contacting privacy@warmshell.io.

You have the right to access, correct, delete, and export your data. You may opt out of marketing communications at any time. These rights apply regardless of your location, consistent with GDPR and CCPA standards.

For privacy inquiries: privacy@warmshell.io