Privacy Policy

Last updated: Apr 10, 2025

1. Introduction

This Privacy Policy describes how Exchange Rate Management ("we," "our," or "us") collects, uses, and discloses your information when you use our website, services, applications, APIs, or widgets (collectively, the "Services"). By accessing or using our Services, you agree to the collection, use, and sharing of your information as described in this Privacy Policy.

2. Information We Collect

We collect several types of information from and about users of our Services, including:

  • Personal Information: Email address, name, billing address, payment information (processed securely through Stripe), company information, and any other information you voluntarily provide to us
  • Account Information: Username, password (encrypted), account preferences, subscription status, and usage history
  • Usage Data: Information about how you use our Services, including IP address, browser type, device information, operating system, pages visited, time spent on pages, features used, and other similar information
  • Website Data: Information about websites where you embed our exchange rate widget, including domain name, configuration settings, traffic statistics, and integration methods
  • Exchange Rate Data: Information about exchange rates you configure, manage, and access, including currencies, rates, update frequencies, and historical data
  • Communications: Information provided when you contact us for support, respond to surveys, or interact with our team
  • Technical Data: Log data, server logs, error reports, browser fingerprints, and analytics data

3. How We Collect Information

We collect information:

  • Directly from you when you provide it to us, such as when you register for an account, subscribe to a paid plan, update your exchange rates, or contact our support team
  • Automatically as you navigate through and interact with our Services, using cookies, local storage, web beacons, pixel tags, and similar technologies
  • From third-party services like Supabase for authentication, Stripe for payment processing, and analytics providers
  • From your browser or device when you visit our website or use our Services
  • From API calls and widget usage when implemented on your websites

4. How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, maintain, and improve our Services
  • Process payments, manage subscriptions, and send billing notices
  • Send you technical notices, updates, security alerts, and administrative messages
  • Respond to your comments, questions, and requests, and provide customer service
  • Monitor and analyze trends, usage, and activities in connection with our Services
  • Detect, investigate, and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities
  • Personalize your experience and deliver content and product features relevant to your interests
  • Facilitate your use of API integrations and widgets
  • Improve our website, products, services, marketing, and customer relationships
  • Comply with legal obligations and enforce our terms of service

5. Legal Basis for Processing (For EEA, UK, and Similar Jurisdictions)

If you are located in the European Economic Area (EEA), United Kingdom, or similar jurisdictions, we collect and process your personal information on the following legal bases:

  • Performance of a Contract: Processing necessary to provide the Services you request and to perform our contractual obligations
  • Legitimate Interests: Processing that serves our legitimate business interests, such as improving our Services, marketing, and preventing fraud
  • Consent: Processing based on your specific consent, such as for marketing communications
  • Legal Obligation: Processing necessary to comply with applicable laws and regulations

6. How We Share Your Information

We may share your information:

  • With service providers who perform services on our behalf, including payment processing, data analysis, email delivery, cloud hosting, customer service, and marketing assistance
  • With business partners with whom we jointly offer products or services, but only when you explicitly opt in to such sharing
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request
  • To enforce our Terms of Service and other agreements, including for billing and collection purposes
  • If we believe disclosure is necessary to protect the rights, property, or safety of our company, our users, or others
  • In connection with a business transaction such as a merger, acquisition, or asset sale, in which case the recipient will be required to honor this Privacy Policy

We do not sell, rent, or otherwise disclose your personal information to third parties for their marketing purposes without your explicit consent.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Account information is retained as long as your account remains active. If you delete your account, we will delete or anonymize your personal information within 90 days, except for information that we are legally required to retain or need to maintain for legitimate business purposes.

8. Data Security

We implement appropriate technical and organizational security measures designed to protect your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include encryption of personal data, regular security assessments, controlled access to your data, and security training for our staff.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the secrecy of any credentials used to access your account and for any activity under your account.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: You can request a copy of the personal information we hold about you
  • Correction: You can request that we correct inaccurate or incomplete information
  • Deletion: You can request that we delete your personal information in certain circumstances
  • Restriction: You can request that we restrict the processing of your information in certain circumstances
  • Data Portability: You can request a machine-readable copy of your personal information
  • Objection: You can object to our processing of your personal information in certain circumstances
  • Withdraw Consent: You can withdraw any consent you previously provided

To exercise these rights, you can:

  • Access, correct, or delete your personal information by logging into your account settings
  • Contact us at info@exchangerate.management with your specific request
  • Opt out of receiving promotional emails by following the unsubscribe instructions in those emails
  • Control cookies through your browser settings and other tools

We will respond to your request within 30 days or as required by applicable law. We may request specific information to verify your identity before fulfilling your request.

10. Cookie Policy

We use cookies and similar technologies (such as web beacons and pixels) to enhance your experience, analyze usage, and assist in our marketing efforts. These technologies may collect information such as your IP address, browser type, operating system, referring URLs, device information, and other similar details.

We use the following types of cookies:

  • Essential cookies: Required for the operation of our Services
  • Analytical/performance cookies: Allow us to recognize and count visitors and analyze how users move around our Services
  • Functionality cookies: Enable us to personalize content and remember your preferences
  • Targeting cookies: Record your visit to our website, the pages you visit, and the links you follow to improve the relevance of our Services to your interests

You can control cookies through your browser settings and other tools. However, if you disable or refuse cookies, some parts of our Services may be inaccessible or not function properly.

11. International Data Transfers

Your information may be transferred to, stored, and processed in countries outside of your country of residence, including the United States, where our servers are located or our service providers operate. These countries may have different data protection laws than your country.

If you are located in the EEA, UK, or other jurisdictions with data protection laws that differ from the laws of the country where we store data, we ensure appropriate safeguards are in place to protect your personal information. These safeguards may include Standard Contractual Clauses approved by the European Commission or other measures required under applicable data protection law.

12. Children's Privacy

Our Services are not intended for children under 16 years of age, and we do not knowingly collect personal information from children under 16. If we learn we have collected personal information from a child under 16, we will delete that information promptly. If you believe we might have any information from or about a child under 16, please contact us at info@exchangerate.management.

13. Third-Party Links and Services

Our Services may contain links to third-party websites, services, or applications that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites or services you visit.

14. Changes to Our Privacy Policy

We may update our Privacy Policy from time to time. The date at the top of this Privacy Policy indicates when it was last revised. If we make material changes to how we treat your personal information, we will notify you through a notice on our website, by email to the primary email address specified in your account, or as required by applicable law. Your continued use of our Services after any changes to the Privacy Policy constitutes your acceptance of such changes.

15. Data Protection Officer

To communicate with our Data Protection Officer about our processing of your personal information, please email us at info@exchangerate.management.

16. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information. These include the right to know what personal information we collect, the right to delete your personal information (with certain exceptions), and the right to opt out of sales of personal information. To exercise these rights, please contact us at info@exchangerate.management.

17. Contact Information

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at:

Email: info@exchangerate.management
Address: [Your Company Address]

We will respond to your inquiry as soon as reasonably possible, typically within 30 days.