Skip to main content
{h}eadless
Coming Soon

Privacy Policy

Last updated: January 2025

Your privacy matters. We believe you should have full control over your data and understand exactly how it's used. This policy explains our practices in plain language—no legal jargon, no hidden clauses.

Our Principles

  • Minimal collection. We only collect data necessary to provide our service.
  • No selling. We never sell your personal data. Period.
  • Your control. You can export, modify, or delete your data at any time.
  • Transparency. We tell you what we collect and why.

What We Collect

Account Information

When you create an account, we collect your email address and name. If you use OAuth, we receive basic profile information from your provider. We use this to authenticate you and communicate important account updates.

Content You Create

Your content types, entries, and media are stored to provide our service. This data belongs to you—we're just custodians. You can export everything at any time.

Usage Data

We collect basic analytics to understand how our service is used and identify issues. This includes page views, feature usage, and error reports. We don't track you across the web.

What We Don't Collect

  • • We don't use third-party tracking or advertising cookies
  • • We don't collect biometric data
  • • We don't build advertising profiles
  • • We don't share data with data brokers

Data Security

We take security seriously. Your data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use industry-standard security practices, regular security audits, and maintain SOC 2 compliance. Passwords are hashed using bcrypt with appropriate cost factors. Two-factor authentication is available for all accounts.

Your Rights

You have the right to:

  • Access your personal data
  • Export your content and data in standard formats
  • Correct inaccurate information
  • Delete your account and all associated data
  • Object to processing for certain purposes

To exercise these rights, visit your account settings or contact us at support@headless.build

Data Retention

We retain your data only as long as your account is active or as needed to provide services. When you delete your account, we remove your personal data within 30 days, except where we're legally required to retain certain records.

Changes to This Policy

If we make significant changes to this policy, we'll notify you via email before they take effect. Minor clarifications may be made without notice, but the "last updated" date will always reflect the current version.

Contact Us

Questions about this policy? Reach out at support@headless.build