Privacy Policy

FastReact Privacy Policy

Last updated: May 18, 2026

At FastReact, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website, purchase our software, or use our services.

We act in the capacity of a data controller and a data processor with regard to the personal data processed through FastReact and the services in terms of the applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

1. Information We Collect

Information You Provide Directly

• Purchase Information: Name, email address, billing information when you buy FastReact.
• Support Communications: Email address and message content when you contact support.
• Newsletter Subscriptions: Email address when you subscribe to updates.
• Account Information: If we implement user accounts, username and profile information.

Information Collected Automatically

• Website Analytics: We use Vercel Analytics, a privacy-friendly analytics service that collects anonymous usage data (page views, referrers, device information, browser type) without using cookies or tracking personal information.
• Affiliate Tracking: When you arrive at our website through an affiliate link, we use Affonso to store a first-party cookie (valid for 30 days) containing the affiliate's identifier. This cookie lets us credit the correct affiliate with a commission if you later make a purchase. No personal data is stored in the cookie.
• Essential Cookies: Strictly necessary cookies required for payment processing through Stripe. These cookies are essential for the website to function and do not require consent under GDPR.

2. How We Use Your Information

We collect and use your personal information for legitimate business purposes, including:

• Service Delivery: Processing purchases, delivering software, and providing customer support.
• Communication: Sending important updates, responding to inquiries, and sharing relevant product information.
• Improvement: Analyzing usage patterns to enhance our website, documentation, and services.
• Legal Compliance: Meeting legal obligations and protecting our rights and interests.
• Marketing: Sending newsletters and updates (with your consent and easy opt-out).

3. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in these limited circumstances:

• Service Providers: We work with trusted partners who help us operate our business:
  • Stripe: Payment processing (essential cookies for fraud prevention)
  • Vercel Analytics: Privacy-friendly website analytics (no cookies, anonymous data only)
  • Affonso: Affiliate program tracking (first-party cookie with affiliate identifier; no personal data)
  • Email Services: For transactional emails and support communications
• Legal Requirements: When required by law, court order, or to protect our rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice to users).
• Aggregated Data: Anonymous, non-personally identifiable information for analytics and research purposes.

4. Lawful Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following lawful bases:

• Contract Performance: Processing necessary to fulfill our purchase agreement with you (delivering software, providing support).
• Legitimate Interests: Processing for our legitimate business interests (improving services, fraud prevention, security) where these do not override your rights.
• Consent: Where you have given explicit consent (marketing emails, newsletter subscriptions). You may withdraw consent at any time.
• Legal Obligation: Processing required to comply with applicable laws (tax records, legal requests).

5. Data Security and Retention

We implement appropriate technical and organizational measures to protect your personal data:

• Security Measures: Encryption, secure servers, and access controls to prevent unauthorized access, loss, or theft.
• Data Minimization: We collect only the information necessary to provide our services effectively.

Retention Periods

• Purchase Records: Retained for 7 years for tax and legal compliance purposes.
• Support Communications: Retained for 7 years after last contact for continuity of service and dispute resolution, then deleted.
• Newsletter Subscriptions: Retained until you unsubscribe, then deleted within 30 days.
• Analytics Data: Anonymous and aggregated; no personal data retained.

While we use commercially acceptable means to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of data transmitted to or stored by us.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal data (subject to legal obligations).
• Portability: Request transfer of your data to another service provider.
• Restriction: Request restriction of processing in certain circumstances.
• Objection: Object to processing based on legitimate interests.
• Opt-out: Unsubscribe from marketing communications at any time.
• Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise these rights, contact us at support@fastreact.dev. We will respond to your request within 30 days.

Right to Lodge a Complaint: If you believe your privacy rights have been violated, you have the right to lodge a complaint with a supervisory authority. For EU residents, this is your local Data Protection Authority. For Canadian residents, this is the Office of the Privacy Commissioner of Canada.

7. Cookies and Tracking

We use a small number of cookies, all first-party:

• Essential (Stripe): Required for payment processing and fraud prevention. These are strictly necessary for the website to function and do not require consent under GDPR.
• Affiliate tracking (Affonso): If you arrive via an affiliate link, a first-party cookie stores the affiliate's identifier for 30 days so we can credit the correct affiliate if you later make a purchase. The cookie contains no personal data. Legal basis: legitimate interests (operating our affiliate program).

For analytics, we use Vercel Analytics, which does not use cookies or track personally identifiable information. It collects only anonymous usage statistics to help us improve the website.

Do Not Track Signals: Our website does not currently respond to "Do Not Track" browser signals. We do not use cookies for advertising or cross-site tracking.

8. Third-Party Services

Our website integrates with the following third-party services. Each has their own privacy policies, and we encourage you to review them:

• Stripe: Payment processing - stripe.com/privacy
• Vercel: Hosting and analytics - vercel.com/legal/privacy-policy
• Resend: Email delivery - resend.com/legal/privacy-policy
• Affonso: Affiliate program tracking - affonso.io/privacy

We are not responsible for the privacy practices, security measures, or data handling of these third-party services. Any data you provide to or that is collected by these services is subject to their respective privacy policies.

9. International Data Transfers

As a Canadian company, we primarily process data within Canada. However, our third-party service providers (Stripe, Vercel, Resend, Affonso) may process data in the United States or other countries as part of their services.

These providers maintain their own GDPR compliance programs and data protection agreements. We select service providers who demonstrate commitment to data protection and maintain appropriate safeguards for international transfers. For details on how each provider handles international data transfers, please refer to their privacy policies linked in Section 8.

10. Children's Privacy

FastReact is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@fastreact.dev and we will promptly delete such information.

11. Limitation of Liability

While we implement reasonable security measures, we cannot guarantee the absolute security of your data. To the maximum extent permitted by law:

• We are not liable for any unauthorized access, data breaches, or data loss resulting from circumstances beyond our reasonable control.
• We are not responsible for the privacy or security practices of third-party services (Stripe, Vercel, Resend, Affonso, etc.) that you interact with through our website.
• We are not responsible for any damages arising from your disclosure of personal information to third parties or in public communications.

By using our services, you acknowledge and accept these limitations. For full liability terms, please refer to our Terms of Service.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "Last updated" date.

For material changes that affect how we process your personal data, we will notify existing customers via email. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

• Email: support@fastreact.dev
• Documentation: docs.fastreact.dev

We will respond to your privacy-related inquiries promptly and work to resolve any concerns you may have.