Pingfyr

Privacy Policy

Last updated: March 5, 2026

1. Information We Collect

We collect the following information when you use Pingfyr:

  • Account information — your email address and password hash, managed securely via Supabase Auth.
  • API usage data — reminder content, recipient addresses, delivery logs, channel types (email, webhook, Slack, Discord, Telegram, OpenClaw), and timestamps.
  • Payment information — billing details are processed by Stripe. Pingfyr does not store credit card numbers or raw payment data.
  • Session data — authentication session cookies managed by Supabase.

2. How We Use Your Information

We use your information to:

  • Provide and operate the reminder scheduling service.
  • Process payments for paid plans via Stripe.
  • Send transactional communications, including reminder delivery confirmations and account notifications, via Resend.
  • Generate delivery logs displayed in your dashboard.

We do not sell personal data to third parties.

3. Third-Party Services

Pingfyr relies on the following third-party service providers. Each processes data according to their own privacy policy:

  • Supabase — database and authentication hosting (AWS eu-west region, EU data center).
  • Stripe — payment processing (PCI DSS compliant).
  • Resend — transactional email delivery.
  • Telegram Bot API — Telegram channel reminder delivery.
  • Slack — Slack incoming webhook reminder delivery.
  • Discord — Discord incoming webhook reminder delivery.

4. Data Retention

Account data is retained for as long as your account remains active. Reminder content and delivery log data is retained for 30 days after delivery or cancellation. Upon account deletion, your personal data is removed within 30 days.

5. Your Rights (GDPR / CCPA)

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access and receive a copy of your personal data.
  • Right to correct inaccurate data.
  • Right to delete your personal data (right to erasure).
  • Right to data portability.
  • Right to opt out of non-essential communications.

To exercise any of these rights, contact us at support@pingfyr.com. EU residents may also lodge a complaint with their local data protection authority.

6. Cookies and Session Data

Pingfyr uses session cookies for authentication purposes only. We do not use advertising cookies, tracking cookies, or third-party analytics (no Google Analytics, no Meta Pixel). You can disable cookies in your browser settings, but this will prevent you from logging in.

7. Security

We implement the following security measures to protect your data:

  • Data encrypted in transit using TLS.
  • Data encrypted at rest using AES-256 via Supabase.
  • API keys hashed before storage — raw keys are never stored.
  • Per-user data isolation enforced via access controls.

8. Children's Privacy

Pingfyr is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us at support@pingfyr.com and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email with at least 30 days notice before the changes take effect. Continued use of the service after the notice period constitutes acceptance of the updated policy.

10. Contact

For privacy inquiries or data requests, please contact us at support@pingfyr.com.

11. GDPR Information

Data Controller

Anil Ozsoy, Meerbusch, 40670, Germany.
Email: anil@pingfyr.com

Legal Basis

We process your personal data on the basis of Art. 6(1)(b) GDPR — processing is necessary for the performance of the contract (providing the Pingfyr reminder service). No separate consent is required for data processing necessary to operate the service.

Data Location

Your data is stored on Supabase infrastructure hosted on AWS in the eu-west region (European Union).

Data Retention

Reminder content, delivery logs, and related operational data are automatically deleted 30 days after delivery or cancellation. Account data is retained for as long as your account is active.

Right to Lodge Complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

Stay in the loop

New channels, API features, and developer guides — straight to your inbox. No spam.