Privacy Policy

Collects

• –Username, display name, and email address
• –Password (bcrypt hash — plaintext never stored)
• –Profile picture and cover image (stored via Wisporius Drive)
• –Country derived from IP at sign-up only
• –Session token, IP, approximate location, browser info, and login timestamps
• –Active plan, renewal date, and transaction history (via Wisporius Wallet)
• –Email verification and password-reset codes (deleted within 10 minutes of issue)

Uses

• –Authenticate you across all Wisporius services via a shared session
• –Send transactional emails: verification, password resets, receipts, renewal warnings
• –Enforce plan limits and calculate prorated subscription charges
• –Detect and prevent abuse via rate limiting and session management

Shares

• –Other Wisporius services — via internal, non-public service-to-service calls
• –Cloudflare — infrastructure, DDoS protection, and network-level logs
• –Stripe — payment processing (subscription purchases only)
• –ZeptoMail — transactional email delivery
• –Law enforcement — only when required by valid legal process

Retention

• –Active accounts: retained while the account exists
• –Deleted accounts: soft-deleted (identifying fields retained for reference integrity; cannot log in)
• –Sessions: deleted on logout or after 14 days of inactivity

Collects

• –File and folder metadata: name, size, MIME type, and folder hierarchy (EXIF metadata is stripped from images before storage)
• –Storage usage (total bytes used per account)
• –Folder share relationships: who shared what with whom and at what permission level
• –File visibility and lock status (public/private, password-locked)
• –Upload and modification timestamps

Uses

• –Store, organise, and serve your files and folders
• –Enforce per-account storage quotas based on your plan
• –Enable folder sharing with other Wisporius users (read or write access)
• –Serve public files and profile images to other Wisporius services

Shares

• –Cloudflare R2 — all file contents are stored in Cloudflare object storage
• –Wisporius ID — token validation and username resolution for sharing
• –Other Wisporius services — profile images and files are accessible internally
• –Law enforcement — only when required by valid legal process

Retention

• –Files and folders retained until explicitly deleted by the user
• –Deleted files are removed from storage; no soft-delete for file contents
• –Storage usage figures are updated atomically on each upload or deletion

Collects

• –Credit balances: paid credits (purchased) and free credits (granted)
• –Full transaction history: transfers, credit purchases, spending, and free credit grants
• –Peer-to-peer credit requests: sender, recipient, amount, status, and optional note (max 200 characters)
• –Checkout sessions: linked Stripe payment intent, credit package, amount in cents, and status
• –Item inventory: badges, themes, and other collectibles with acquisition date and optional expiry

Uses

• –Track and display your credit balance across Wisporius services
• –Process peer-to-peer credit transfers and requests between users
• –Handle credit purchases via Stripe and credit services upon payment confirmation
• –Deduct credits when you use paid Wisporius features (free credits spent first)
• –Manage your item and collectible inventory

Shares

• –Stripe — checkout sessions and payment metadata (user ID, package, credit amount)
• –Wisporius ID — token validation, username resolution, and password verification for transfers
• –Other Wisporius services — internal APIs for spending, granting, and checking credits and items
• –Law enforcement — only when required by valid legal process

Retention

• –Transaction history retained indefinitely as a complete financial ledger
• –Checkout sessions retained for payment idempotency
• –Credit requests retained with their resolved status
• –Items retained until revoked by a service or until they expire