ePaper

Privacy Policy

Last updated: February 6, 2026

ePaper (hereinafter referred to as "we") values your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the ePaper newsletter platform services (hereinafter referred to as "Services"). By using our Services, you agree to the data processing practices described in this Policy.

1. Data Collection

We collect the following types of data:

Account Information

When you register an account, we collect your email address, name, and password (stored in encrypted form). If you choose a paid plan, we collect necessary payment information through Stripe.

Usage Data

We automatically collect data related to service usage, including: login times, IP addresses, browser types, device information, page view history, and feature usage.

Newsletter Data

As a newsletter platform, we process subscriber lists you upload, newsletter content, sending records, and related statistics (such as open rates and click-through rates).

2. Data Usage

We use collected data for the following purposes:

  • Provide, maintain, and improve our Services
  • Process your account registration and identity verification
  • Process payments and subscription management
  • Send service-related notifications (such as system maintenance, plan changes)
  • Provide customer support
  • Analyze usage patterns to improve user experience
  • Prevent fraud and ensure service security
  • Comply with legal obligations

3. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

Essential Cookies: Maintain your login session and ensure the Service functions properly

Analytics Cookies: Understand how the Service is used to improve features and performance

Preference Cookies: Remember your language preferences and interface settings

You can manage or disable cookies through your browser settings, but this may affect some Service features.

4. Third-Party Services

We use the following third-party services to provide and improve our Services. These service providers only process your data to the extent necessary to provide services to us:

Stripe (Payment Processing)

We use Stripe to process all payment transactions. Your credit card information is processed directly by Stripe — we do not store full credit card numbers.

Supabase (Data Storage)

We use Supabase's managed PostgreSQL database service to store account data and service information.

AWS SES (Email Sending)

We use Amazon Simple Email Service (SES) as the default email sending service. Recipient email addresses are processed during sending.

5. Data Retention

We retain your data according to the following principles:

Account data: Retained while your account is active, deleted within 30 days of account closure

Newsletter content and subscriber data: Retained while your account is active, deleted within 30 days of account closure

Payment records: Retained for a minimum of 5 years as required by law

Usage logs: Automatically deleted after 90 days

6. Your Rights

Under applicable law, you have the following rights:

Right of Access: You may request a copy of the personal data we hold about you

Right of Rectification: You may request correction of inaccurate or incomplete personal data

Right of Erasure: You may request deletion of your personal data (to the extent permitted by law)

Right of Portability: You may request export of your data in a structured format

Right to Object: You may object to processing of your personal data based on our legitimate interests

To exercise these rights, please contact us using the information below. We will respond within 30 days of receiving your request.

7. Data Security

We take reasonable technical and organizational measures to protect your personal data, including but not limited to: SSL/TLS encrypted transmission, password hash storage, Docker container isolation, regular security backups, and access control. Please note that no method of internet transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Policy Changes

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or in-service notification. Your continued use of our Services constitutes acceptance of the updated Privacy Policy. We recommend periodically reviewing this page for the latest privacy measures.

9. Contact Us

If you have questions about this Privacy Policy or need to exercise your data rights, please contact us:

Email: privacy@epaper.dev