Privacy Policy

Last updated: February 17, 2026

1. Introduction

Welcome to SaaSfolio ("we," "our," or "us"). SaaSfolio is a portfolio management platform designed for software investors, lifetime deal (LTD) buyers, and agencies to track their SaaS tool investments, revenue, and ROI.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at saasfolio.com and use our platform at portal.saasfolio.app (collectively, the "Service"). Please read this policy carefully. By using the Service, you agree to the collection and use of information as described in this policy.

2. Information We Collect

2.1 Information You Provide Directly

When you create an account or use our Service, we may collect:

• Account information: Your name, email address, and password when you sign up
• Profile information: Any optional profile details you choose to add
• Portfolio data: Information about your software tools, purchases, costs, revenue, and clients that you enter into the platform
• Payment information: Billing details when you subscribe to a paid plan (processed securely by our payment provider — we do not store your full credit card number)
• Communications: Messages and feedback you send to our support team
• Custom domain settings: Domain names and SMTP configuration details if you use Premium features

2.2 Information Collected Automatically

When you access the Service, we may automatically collect:

• Device information: Browser type, operating system, device type, and screen resolution
• Log data: IP address, access times, pages viewed, referring URL, and actions taken within the platform
• Usage analytics: Feature usage patterns, click events, and session duration to help us improve the Service
• Cookies: Small data files stored on your device (see Section 6 for details)

2.3 Information From Third Parties

We may receive limited information from third-party services:

• Authentication providers: If you sign in using a third-party service (e.g., Google OAuth), we receive your name and email address from that provider
• Payment processors: Transaction confirmations and subscription status from our payment provider

3. How We Use Your Information

We use the information we collect to:

• Provide the Service: Operate, maintain, and improve the SaaSfolio platform, including portfolio tracking, analytics, and reporting features
• Process transactions: Handle subscription payments, upgrades, and refunds
• Send communications: Deliver account-related emails, security alerts, and service updates
• Improve the platform: Analyze usage patterns to enhance features, fix bugs, and optimize performance
• Provide support: Respond to your inquiries and resolve issues
• Ensure security: Detect, prevent, and address fraud, abuse, and technical issues
• Generate analytics: Create aggregated, anonymized statistics to understand how the Service is used (we never share individual user data)

We will never sell your personal information or portfolio data to third parties. Your software investment data is yours — we simply provide the tools to analyze it.

4. Data Storage & Security

We take the security of your data seriously and implement industry-standard measures to protect it:

• Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS)
• Encryption at rest: Sensitive data stored in our databases is encrypted
• Access controls: We restrict access to your personal data to authorized personnel who need it to operate, develop, or improve the Service
• Regular backups: Your data is backed up regularly to prevent loss
• Secure infrastructure: Our servers are hosted on reputable cloud providers with SOC 2 compliance and enterprise-grade security

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously monitor and update our security practices.

5. Data Sharing & Third Parties

We do not sell, trade, or rent your personal information. We may share your data only in the following limited circumstances:

• Service providers: We work with trusted third-party services to operate the platform (e.g., cloud hosting, payment processing, email delivery). These providers are contractually obligated to protect your data and use it only for the services they provide to us
• Legal requirements: We may disclose your information if required by law, regulation, legal process, or governmental request
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you before your data becomes subject to a different privacy policy
• With your consent: We may share your information for any other purpose with your explicit consent

5.1 Third-Party Services We Use

Our Service may integrate with or rely on the following types of third-party services:

• Cloud hosting and infrastructure providers
• Payment processing services
• Email delivery services (including custom SMTP for Premium users)
• Analytics services (anonymized usage data only)
• Authentication providers

6. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

• Essential cookies: Required for the Service to function properly (e.g., session management, authentication). These cannot be disabled
• Functional cookies: Remember your preferences and settings (e.g., theme, language)
• Analytics cookies: Help us understand how visitors interact with the Service so we can improve it. These collect anonymized data only

We do not use advertising or tracking cookies. We do not serve ads and do not share your browsing behavior with advertisers.

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.

7. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data and account. You can do this directly from your account settings or by contacting us
• Data export: Export your portfolio data at any time using the Export feature in the platform (available on both Free and Premium plans)
• Opt-out: Unsubscribe from non-essential emails at any time using the unsubscribe link in any email
• Restrict processing: Request that we limit the processing of your data in certain circumstances
• Data portability: Request your data in a structured, machine-readable format

To exercise any of these rights, contact us at privacy@saasfolio.com. We will respond within 30 days.

7.1 GDPR (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your data includes:

• Contract performance: Processing necessary to provide the Service you've signed up for
• Legitimate interests: Improving the Service, ensuring security, and communicating with you
• Consent: Where you've given us explicit consent (e.g., for analytics cookies)

7.2 CCPA (California Users)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights. We do not sell personal information. You have the right to know what personal information we collect, request its deletion, and not be discriminated against for exercising your rights.

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

• Account data: Retained while your account is active. Deleted within 30 days of account deletion request
• Portfolio data: Retained while your account is active. You can export your data at any time before deleting your account
• Payment records: Retained for up to 7 years for tax and legal compliance purposes
• Log data: Retained for up to 90 days for security and debugging purposes
• Backups: Data may persist in encrypted backups for up to 30 days after deletion

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs), to ensure your data receives an adequate level of protection.

10. Children's Privacy

SaaSfolio is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@saasfolio.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify you via email if the changes are significant
• Post a notice on our website

We encourage you to review this policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: privacy@saasfolio.com
• Website: saasfolio.com

We take privacy seriously and will do our best to respond to your inquiry within 30 days.