Last updated: January 20, 2020
When you sign up for Userbase, we ask for your full legal name, email address, and password. That's just so you can login to your account, use the features of Userbase, and for us to send you invoices, updates, or other essential information. We will never sell your information to third parties, and we won’t use your name in marketing statements without your permission.
When you pay for Userbase, we ask for your credit card and billing address. That's so we can charge you for the service, calculate taxes due, and send you invoices. Your credit card is passed directly to our payment processor (Stripe) and doesn't ever go through our servers. We store a record of the payment transaction for account history, invoicing, and billing support. We store your billing address to calculate any sales tax due in the United States, to detect fraudulent credit card transactions, and to print on your invoices.
When you contact Userbase with a question or to ask for help, we will keep that correspondence and the email address for future reference. When you browse our website and marketing pages, we may track that for statistical purposes (like conversion rates and to test new designs). We also store any information you volunteer, like surveys, for as long as it makes sense.
The only times we’ll ever share your info:
You may have heard about the General Data Protection Regulation ("GDPR") in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by us from this website. Accordingly, Userbase recognizes and will comply with GDPR. Your rights under GDPR include:
Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact us at firstname.lastname@example.org.
As part of the services we provide, and only to the extent necessary, we may use certain third party processors to process some or all of your personal information. For identification of these processors, and where they are located, please see our subprocessor listing. We have signed appropriate data processing contracts that comply with GDPR with each processor.
Userbase won’t hand your data over to law enforcement unless a court order says we have to. We flat-out reject requests from local and federal law enforcement when they seek data without a court order. And unless we're legally prevented from it, we will always inform you when such requests are made.
All data is encrypted via SSL/TLS every time it travels on a network, including when transmitted from our servers to your browser. All data is also encrypted at rest, both when it is live in the database, as well as during backups.
When you cancel your account, we will ensure that nothing is stored on our servers past 30 days. Anything you delete on your account while it's active will also be purged within 30 days.
Userbase is operated in the United States, from the Amazon Web Services us-east-1 region. If you are located in the European Union or elsewhere outside of the United States, please be aware that any information you provide to us will be transferred to the United States. By using our services or providing us with your information, you consent to this transfer.
Userbase may update this policy occassionally. We will notify you about significant changes by emailing the account owner or by placing a prominent notice on the website. You can access, change or delete your personal information at any time by contacting support.