Legal

Privacy Policy

Effective date: March 7, 2026  ·  Last updated: March 7, 2026

Satisphy ("we," "our," or "us") operates satisphy.io. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website and services.

1. Information We Collect

1.1 Information You Provide Directly

  • Account information: When you register, we collect your email address, display name, and a hashed version of your password. We never store your password in plain text.
  • Payment information: We do not collect or store your payment card details. All payment processing is handled by Lemon Squeezy, our payment processor and merchant of record. When you subscribe, Lemon Squeezy collects your billing information directly. We receive only a subscription status and customer reference ID from them.
  • Communications: If you contact us by email, we retain your message and contact details to respond to your inquiry.

1.2 Information Collected Automatically

  • Log data: When you access our service, our servers automatically record your IP address, browser type and version, operating system, referring URL, pages visited, and the date and time of your visit.
  • Device information: We collect information about the device you use to access Satisphy, including hardware model, operating system version, and screen resolution, primarily to ensure the simulator renders correctly on your device.
  • Usage data: We collect information about how you use Satisphy, including which sim modes you open, session duration, settings you apply, and features you use. This data is used to improve the product and is not linked to identifiable individuals beyond your account.
  • Cookies and similar technologies: We use essential session cookies to keep you logged in. See our Cookie Policy for details.

1.3 Information from Third Parties

  • Lemon Squeezy: When your subscription is created, renewed, or cancelled, Lemon Squeezy sends us a webhook notification containing your subscription status, plan type, and renewal date. We store this information to determine your access level.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the service: To create and manage your account, authenticate your login, and grant access to the features included in your subscription plan.
  • Billing and subscriptions: To verify your subscription status and provide or restrict access to features accordingly.
  • Transactional communications: To send you emails related to your account — such as subscription confirmation, renewal reminders, password reset requests, and important service updates. These emails are necessary to provide the service and cannot be opted out of while you have an active account.
  • Customer support: To respond to your questions, resolve disputes, and troubleshoot issues.
  • Product improvement: To understand how users interact with Satisphy so we can fix bugs, improve performance, and build features that matter.
  • Security and fraud prevention: To detect and prevent unauthorized access, abuse, or illegal activity.
  • Legal compliance: To comply with applicable laws, regulations, or legal processes, and to enforce our Terms of Service.

We do not sell your personal data. We do not use your data for targeted advertising.

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases:

  • Contractual necessity: Processing your account information and subscription data is necessary to perform the contract we have with you (our Terms of Service).
  • Legitimate interests: We process usage data and log data to improve the product, detect security threats, and operate our business. We only do this where our legitimate interests are not overridden by your rights.
  • Legal obligation: We may process your data to comply with applicable laws.
  • Consent: For any processing not covered above, we will ask for your explicit consent.

4. How We Share Your Information

We do not sell or rent your personal data. We share your information only with the following categories of service providers who assist us in operating Satisphy:

  • Lemon Squeezy (VitalSource Technologies, LLC): Our payment processor and merchant of record. Lemon Squeezy processes your payment details and manages your subscription. They are subject to their own Privacy Policy. We share your email address and name with Lemon Squeezy to create a billing record, and we receive subscription status updates from them via webhook.
  • Supabase: Our database provider, hosted on AWS infrastructure in the United States. Your account data (email, name, hashed password, subscription status) is stored in Supabase. Supabase is SOC 2 Type II certified.
  • Vercel: Our application hosting provider. Vercel serves the Satisphy web application and processes request log data. Vercel is certified under the EU-US Data Privacy Framework.

We may also disclose your information when required by law, court order, or government authority, or when we believe disclosure is necessary to protect the rights, property, or safety of Satisphy, our users, or others.

If Satisphy is acquired by or merged with another company, your information may be transferred as part of that transaction. We will notify you via email and/or a notice on our website before your data is transferred and becomes subject to a different privacy policy.

5. International Data Transfers

Satisphy is operated from the United States. If you are located outside the United States, your information will be transferred to, stored, and processed in the United States. We rely on our service providers' compliance with applicable data transfer mechanisms (such as Standard Contractual Clauses and the EU-US Data Privacy Framework) to ensure your data is adequately protected.

6. Data Retention

We retain your personal data for as long as your account is active. If you cancel your subscription, your account and data are retained for 90 days to allow you to reactivate. After 90 days of inactivity following cancellation, your account may be deleted.

If you request deletion of your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by applicable law (for example, financial transaction records may be retained for up to 7 years for tax compliance purposes).

Anonymized or aggregated usage data that cannot be linked back to you may be retained indefinitely for product analytics purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

7.1 Rights for All Users

  • Access: You can view and update your account information from your dashboard at any time.
  • Deletion: You may request that we delete your account and personal data by emailing satisphyio@gmail.com. We will respond within 30 days.
  • Portability: You may request a copy of the personal data we hold about you in a structured, machine-readable format.

7.2 Additional Rights for EEA/UK Residents (GDPR)

  • Rectification: You have the right to request correction of inaccurate personal data.
  • Restriction: You may request that we restrict the processing of your data in certain circumstances.
  • Objection: You may object to processing based on our legitimate interests.
  • Withdraw consent: Where we rely on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint: You have the right to lodge a complaint with your local data protection authority.

7.3 California Residents (CCPA/CPRA)

California residents have the right to know what personal information we collect and how it is used, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising these rights. To exercise your rights, contact us at satisphyio@gmail.com.

8. Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Passwords are hashed using bcrypt before storage — we cannot recover your plain-text password.
  • All data is transmitted over HTTPS/TLS encryption.
  • Access to production systems and databases is restricted to authorized personnel only.
  • Our database provider (Supabase) is SOC 2 Type II certified.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at satisphyio@gmail.com.

9. Children's Privacy

Satisphy is not directed to children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at satisphyio@gmail.com and we will promptly delete it.

10. Third-Party Links

Our service may contain links to third-party websites (such as Lemon Squeezy's checkout). We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address associated with your account) and by updating the "Last updated" date at the top of this page at least 14 days before the changes take effect. Your continued use of the service after the effective date constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

We will respond to all requests within 30 days.