Privacy Policy

1. Overview

Starkive (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights. By using Starkive you agree to the practices described here.

2. Data we collect

We collect only the minimum data necessary to provide the service:

• Account data: Your email address when you create an account. Used to send open notifications and authenticate your session.
• File metadata: The filename, a unique file token (UUID), star name, recipient hint, and open count. We never store the contents of your files.
• Open event data: Timestamp, country code (ISO 3166-1 alpha-2), and user agent string at the time a file is opened.
• No IP addresses: IP addresses are used solely for the immediate derivation of a country code and are never stored in any database or log.

3. Data we do not collect

• File contents — your files are encrypted on your device and never transmitted to our servers.
• Passwords or encryption keys — these stay on your local machine.
• IP addresses — not stored beyond the immediate country-code lookup.
• Payment information — Starkive is currently free and does not collect payment data.

4. How we use your data

• To send you email notifications when your files are opened.
• To maintain your file open history in the dashboard.
• To generate PDF open certificates.
• To improve the reliability and performance of the service.

5. Third-party services

Starkive uses the following third-party services:

• Supabase — database and authentication. Data stored in the EU (aws-eu-west-1). Supabase Privacy Policy.
• Resend — transactional email delivery. Resend Privacy Policy.
• Cloudflare — edge delivery and DDoS protection. Cloudflare Privacy Policy.

6. Data retention

We retain account and file metadata for as long as your account is active. Open event records are retained for 24 months. You may request deletion of your data at any time by contacting us at support@depaloconsultingllc.com.

7. Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data. To exercise any of these rights, contact us at support@depaloconsultingllc.com.

8. Security

All data in transit is encrypted via TLS 1.2+. OAuth tokens stored by the desktop application are encrypted using Windows DPAPI. We apply the principle of least privilege to all database access policies.

9. Changes to this policy

We may update this policy from time to time. We will notify registered users by email of any material changes. Continued use of Starkive after such notice constitutes acceptance of the updated policy.

10. Contact

Questions about this policy? Contact us at support@depaloconsultingllc.com.