Privacy Policy

1. Information We Collect

Project owners (account holders)

• Email address — used to create and authenticate your account.
• Password — stored as a secure hash; we never store your plaintext password.
• Payment information — handled entirely by Stripe. We store only a Stripe customer ID; we never see or store your card details.
• Usage data — page views, API calls, and feature usage, used to improve the product.

Waitlist subscribers

• Email address — required for every signup.
• Name — if the project owner has enabled the name field.
• Custom field answers — any additional fields the project owner has configured (e.g., "What is your use case?").
• Referral code — a unique code generated for each subscriber for the referral programme.
• IP address & signup timestamp — recorded at the time of signup for fraud prevention and rate limiting.

2. How We Use Your Information

• To create and manage your Waitspot account.
• To deliver the service — hosting your waitlist page, recording signups, and sending confirmation or opt-in emails.
• To process one-time Pro upgrade payments via Stripe.
• To send transactional emails (signup confirmations, double opt-in verification, referral notifications) on behalf of project owners via Resend.
• To protect against abuse, spam, and fraudulent signups.
• To improve Waitspot features and performance using aggregated, anonymised analytics.

We do not sell your personal data to third parties, and we do not use it for advertising profiling.

3. Data Storage & Security

All data is stored in our database hosted on Supabase (PostgreSQL), running on infrastructure in the United States. We apply row-level security policies so that each project owner can only access their own data; your subscribers are never visible to other Waitspot users.

We use industry-standard TLS encryption in transit. Passwords are hashed with bcrypt. We take reasonable technical and organisational measures to protect your data, though no system can guarantee absolute security.

4. Third-Party Services

We use the following third-party processors. Each has its own privacy policy and data processing agreements where applicable.

• Supabase — database hosting and authentication (supabase.com/privacy).
• Stripe — payment processing (stripe.com/privacy).
• Resend — transactional email delivery (resend.com/legal/privacy-policy).

5. Cookies & Local Storage

We use session cookies issued by Supabase Auth to keep you logged in to your project dashboard. We do not use third-party advertising or tracking cookies. Waitspot's public signup pages store a session token in a cookie solely to support the referral programme and double opt-in flow.

6. Data Retention

• Account data is retained for as long as your account is active. You may delete your account at any time by contacting us.
• Subscriber data is owned by the project owner. Deleting a project permanently removes all associated subscribers from our systems.
• Payment records (Stripe customer ID and one-time payment receipts) may be retained for up to 7 years for legal and accounting purposes.

7. Your Rights

Depending on where you live, you may have rights under applicable privacy law (including GDPR and CCPA) to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict certain processing.
• Receive a copy of your data in a portable, machine-readable format (project owners can download subscriber data as CSV at any time from the dashboard).

To exercise any of these rights, email us at team@waitspot.io. We will respond within 30 days.

8. Children's Privacy

Waitspot is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we will notify account holders by email or via a notice in the dashboard. Continued use of Waitspot after changes take effect constitutes your acceptance of the updated policy.

10. Contact Us

Questions, requests, or concerns? Reach us at: