Privacy Notice
Last updated: June 18, 2026
1. Who we are
Stackdd ("Stackdd", "we", "us") provides the Stackdd service. For personal data we collect about you in connection with the Service, Stackdd is the data controller.
2. Data we collect
- Account data — name, email address, login credentials, profile details.
- Content data — links, media, and other content you upload to your Stackdd page.
- Usage and telemetry — pages visited, clicks on your links, device and browser information, approximate location derived from IP.
- Support data — messages and attachments you send to support.
- Payment data — handled by Paddle as Merchant of Record; we receive a subscription status and a transaction reference, not your full card details.
3. How we use your data
- To create your account and provide the Service (legal basis: performance of contract).
- To process payments and manage subscriptions through Paddle (performance of contract).
- To prevent fraud, abuse and security incidents (legitimate interests).
- To improve and develop the Service (legitimate interests).
- To respond to support requests (performance of contract / legitimate interests).
- To send service-related communications, and marketing where you've consented (consent, where required).
- To comply with legal obligations (legal obligation).
4. Who we share data with
- Paddle — our Merchant of Record, for sale of the product, subscription management, payments, tax compliance and invoicing.
- Service providers / subprocessors — hosting, database, authentication, analytics and customer support tooling that help us run the Service.
- Professional advisers — legal, accounting and similar advisers when needed.
- Authorities — where required to comply with law or valid legal process.
We do not sell your personal data.
5. International transfers
Some of our providers may process data outside your country of residence, including outside the UK and EEA. Where this happens, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
6. Retention
We keep personal data for as long as your account is active, and for a limited period afterwards to meet legal, tax and accounting obligations or to resolve disputes. When data is no longer needed, we delete or anonymise it.
7. Your rights
Depending on where you live, you may have rights to access, correct, delete, restrict or object to the processing of your personal data, to data portability, to withdraw consent, and to lodge a complaint with your local data protection authority. We respond to verified requests within the timeframes required by law (within 1 month under UK/EU GDPR).
8. Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls and audit logging. No system is perfectly secure, but we work to keep your data safe.
9. Cookies
We use essential cookies required to run the Service (for example, to keep you signed in). Where we use analytics or marketing cookies, we ask for your consent and you can change your preferences at any time through your browser settings.
10. Contact
To exercise your rights or ask a privacy question, contact us through the support channel listed in your account.