Compliance

Data Protection & Privacy

moodlog.io takes data protection seriously. We comply with applicable data protection regulations and follow industry best practices to safeguard user information.

GDPR Compliance

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). You have the right to access, correct, delete, and export your personal data at any time.

CCPA Compliance

For California residents, we comply with the California Consumer Privacy Act (CCPA). You have the right to know what personal information we collect, opt-out of data sales (we don't sell your data), and request deletion of your information.

Data Rights

You have the following rights regarding your data:

✓
Right to Access - Request a copy of all data we have about you
✓
Right to Rectification - Correct inaccurate or incomplete data
✓
Right to Erasure - Request deletion of your personal data
✓
Right to Data Portability - Export your data in a machine-readable format
✓
Right to Object - Object to certain data processing activities

To exercise these rights, visit your account settings or contact us at privacy@moodlog.io

Data Retention

We retain your data only as long as necessary to provide our services or as required by law:

Active accounts: Data retained while account is active
Deleted accounts: Personal data deleted within 30 days of account deletion
Backups: Backup copies removed within 90 days of deletion
Legal requirements: Some data may be retained longer if required by law

Security Measures

We implement industry-standard security measures to protect your data:

Encryption of data in transit (TLS/SSL)
Encryption of data at rest
Regular security audits and updates
Access controls and authentication
Secure data centers with physical security

For more details, see our Security page.

Third-Party Services

We use carefully selected third-party services to operate moodlog.io:

Payment Processing

Stripe (PCI DSS compliant)

Hosting

Secure cloud infrastructure

We ensure all third parties comply with applicable data protection regulations.

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

Notify affected users within 72 hours of discovery
Report to relevant supervisory authorities as required by law
Take immediate steps to contain and remediate the breach
Provide guidance on protective measures you can take

Cookie Policy

We use essential cookies to provide our services:

• Session cookies for authentication
• Security cookies for CSRF protection
• Preference cookies for user settings

We do not use tracking or advertising cookies.