Legal

Privacy Policy

Last updated: February 2026

At Pantova, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

1. Information We Collect

Information You Provide

We collect information you provide directly to us, including:

  • Account information (name, email, password)
  • Profile information (bio, avatar, social links)
  • Payment information (processed securely through Stripe)
  • Content you create (offers, memberships, pages)
  • Communications with us (support requests, feedback)

Automatically Collected Information

When you use Pantova, we automatically collect certain information, including:

  • Device and browser information (type, version, operating system)
  • IP address
  • Pages visited and actions taken on the platform
  • Error and performance data (collected via Sentry in production at a 10% sample rate for reliability monitoring)

We do not use third-party advertising trackers, retargeting pixels, or behavioral advertising tools.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send you technical notices and support messages
  • Respond to your comments and questions
  • Analyze usage patterns to improve user experience
  • Protect against fraudulent or illegal activity

3. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

  • With service providers who assist in our operations (see Section 4 below)
  • To comply with legal obligations
  • To protect our rights, privacy, safety, or property
  • In connection with a merger, acquisition, or sale of assets

4. Service Providers

We work with the following service providers to operate the platform:

  • Stripe — Payment processing. Stripe handles all payment card data and is PCI-DSS compliant. See Stripe's Privacy Policy.
  • Supabase — Database, authentication, and file storage (hosted on AWS infrastructure).
  • Vercel — Hosting, CDN, and edge computing.
  • Sentry — Error monitoring in production only, used to identify and fix bugs.

We do not sell personal information. We do not share data with advertising networks.

5. Cookies and Local Storage

We use a minimal set of cookies and local storage for essential platform functionality:

  • Authentication session cookie (Supabase) — Essential for keeping you signed in. This is a first-party, session-based cookie.
  • Theme preference (localStorage) — Stores your display preference (light/dark mode). Functional only.
  • Analytics queue (localStorage) — Buffers internal analytics events before they are sent to our servers. Internal use only.

We do not use third-party tracking cookies. No cookie consent banner is required as we do not employ advertising or non-essential tracking cookies. For full details, see our Cookie Policy.

6. Data Retention

We retain your information according to the following schedule:

  • Active accounts — Your data is retained for as long as your account remains active.
  • Account deletion — Upon request, your personal data is deleted or anonymized within 30 days, except where retention is required by law (e.g., tax records, transaction histories).
  • Analytics data — Aggregated and anonymized within 90 days of collection.
  • Error monitoring data (Sentry) — Automatically purged after 90 days.
  • Payment records — Retained by Stripe in accordance with Stripe's retention policies.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have rights regarding your personal information, including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your data
  • Data portability
  • Objection to certain processing

California Residents (CCPA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know — You may request details about the categories and specific pieces of personal information we have collected about you.
  • Right to delete — You may request that we delete your personal information, subject to certain legal exceptions.
  • Right to opt-out of sale — We do not sell personal information, so no opt-out is necessary.
  • Right to non-discrimination — We will not discriminate against you for exercising any of your CCPA rights.

International Users

Pantova is based in the United States and your data is processed and stored in the United States. By using Pantova, you consent to the transfer of your information to the United States, which may have different data protection laws than your country of residence.

9. Children's Privacy

Pantova is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). If we discover that we have collected personal information from a child under 13, we will delete that information promptly.

If you believe a child under 13 has provided us with personal information, please contact us at support@pantova.com. Additionally, you must be at least 18 years of age to create a Pantova account, as outlined in our Terms of Service.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at support@pantova.com

Pantova