Privacy Policy

Last updated: 3/26/2026

1. Introduction

Welcome to PainSignal.app ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

2. Information We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data includes first name, last name, username or similar identifier.
  • Contact Data includes email address and potential billing address.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website, products and services.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

3.1 Analytics and Cookie Policy

We use Plausible Analytics, a privacy-first analytics solution that is fully GDPR, CCPA, and PECRA compliant. Unlike traditional analytics tools, Plausible:

  • Does not use cookies - No persistent identifiers are stored on your device
  • Does not collect personal data - All data is aggregated and anonymized
  • Does not track across devices or websites - Each page view is counted independently
  • Anonymizes IP addresses - Your full IP address is never stored in our database
  • Self-hosted in the EU - All data is processed on servers in Germany, owned by European companies

Because Plausible Analytics does not use cookies or collect personal data, no cookie consent banner is required under GDPR regulations. You can read more about Plausible's privacy commitment at plausible.io/data-policy .

3.2 Local Storage Usage

Our website uses browser local storage for essential functionality:

  • Authentication tokens - To maintain your logged-in session securely (JWT access and refresh tokens)
  • Theme preference - To remember your light/dark mode selection
  • User preferences - To save filter settings and UI state for better user experience

Local storage is used strictly for functional purposes necessary to provide our service. This data is stored only on your device and is not shared with third parties.

4. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

5. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

6. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.

7. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us at: [email protected]