Privacy Notice

Last updated: June 13, 2026

1. Who we are

DelayDHD is operated by Rebecca-kay Francis ("we", "us"), who is the data controller for personal data collected through the Service.

2. Personal data we collect

• Account data: name (if provided), email address, hashed password / authentication tokens.
• User content: tasks, brain dumps, notes, and chat messages you create in the Service.
• Usage & telemetry: feature usage counts, plan tier, log of requests, error reports.
• Device & technical data: IP address, browser type, device identifiers, cookies.
• Support data: messages you send to us through support channels.

Payment data (card details, billing address, tax IDs) is collected directly by our Merchant of Record, Paddle, and is not stored by us.

3. How we use your data

• Creating and managing your account (legal basis: performance of contract).
• Providing the Service and AI features (performance of contract).
• Security, fraud prevention, and abuse detection (legitimate interests).
• Product improvement and analytics (legitimate interests).
• Customer support (performance of contract).
• Marketing communications, where you have opted in (consent).
• Complying with legal obligations (legal obligation).

4. Who we share data with

• Service providers / subprocessors who host and operate the Service (cloud hosting, database, AI model providers, error monitoring, analytics).
• Paddle.com, our Merchant of Record, which handles payments, subscription billing, tax compliance, invoicing, and refund processing.
• Professional advisers such as accountants and lawyers, where necessary.
• Authorities, where required by law or to protect our rights.

5. International transfers

Some of our service providers may process data outside your home country. Where required by law (for example, transfers out of the UK or EEA), we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Data retention

We retain personal data only as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we delete or anonymise your personal data within a reasonable period, except where we are required to retain it (for example, for tax records).

7. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, or port your personal data, to object to certain processing, and to withdraw consent. UK/EEA users have these rights under the UK GDPR / GDPR, and may complain to their local supervisory authority. We will respond to verified requests within one month.

To exercise any right, contact us through the support channel inside the app.

8. Security

We use appropriate technical and organisational measures — including encryption in transit, access controls, and least-privilege practices — to protect your personal data. No system is completely secure; we work to remediate vulnerabilities promptly.

9. Cookies

We use cookies (and similar technologies) that are essential for the Service to function, such as authentication and session management. We may also use limited analytics cookies to understand how the Service is used. You can manage cookies through your browser settings.

10. Children

The Service is not directed at children under the age of digital consent in their jurisdiction. We do not knowingly collect personal data from such children.

11. Changes

We may update this Notice from time to time. Material changes will be communicated through the Service.

12. Contact

For privacy questions, contact Rebecca-kay Francis through the in-app support channel.