← Back to home

Privacy Policy

Last Updated: January 2026

Overview

PastDu ("we," "us," or "our") operates the pastdu.app website and document preparation service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

Information We Collect

We collect information you provide directly, including:

  • Account information: Email address, name, password (encrypted)
  • Document preparation data: All information you enter during the questionnaire process (names, addresses, dates, amounts, descriptions of your situation)
  • Payment information: Processed and stored securely by Stripe (we do not store your full credit card number)
  • Communications: Messages sent through our contact form or support channels
  • Usage data: Pages visited, features used, time spent (collected via analytics)

How We Use Your Information

We use the information we collect to:

  • Generate your customized documents
  • Store your documents so you can access them later
  • Process payments and send receipts
  • Send you important updates about your account or documents
  • Provide customer support
  • Improve our service and develop new features
  • Comply with legal obligations

We will not send you marketing emails unless you opt in. You can unsubscribe at any time.

Data Retention

We retain your information as follows:

  • Account data: Until you delete your account
  • Document data: Stored indefinitely so you can access past documents
  • Payment records: 7 years for tax and legal compliance
  • Analytics data: Aggregated and anonymized after 26 months

How We Share Your Information

We do not sell your personal information. We share data only with:

  • Service providers: Stripe (payments), Supabase (database), Vercel (hosting)
  • Legal requirements: When required by law or to protect our rights

All service providers are contractually obligated to protect your data.

Data Security

We implement industry-standard security measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of passwords using secure hashing
  • Secure database hosted by Supabase with row-level security
  • Regular security audits and updates

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Your Rights

Depending on your location, you may have rights regarding your personal information:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information in your account settings
  • Deletion: Request deletion of your account and associated data
  • Portability: Receive your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing emails

To exercise these rights, contact us through our contact form. We will respond within 30 days.

California & EU Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA). If you are an EU resident, you have rights under the General Data Protection Regulation (GDPR).

We do not sell personal information. We do not use your information for automated decision-making that significantly affects you.

Contact Us

For privacy questions or to exercise your rights, contact us through our website contact form.