Privacy Policy
Effective date: March 30, 2026 · Last updated: March 30, 2026
ShieldSight Builder ("we", "us", or "our") is a SaaS builder platform operated by ShieldSight. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
By using our website or platform, you agree to the practices described below. If you have questions, email us at shieldsight@polsia.app.
1. Information We Collect
Information you provide directly
- Waitlist signups: name, email address, and business type
- Audit tool: quiz answers, self-assessment responses, and email address (if you request a report)
- Account registration: name, email address, and password (hashed, never stored in plain text)
- Billing: payment information processed by Stripe — we never store full card numbers
Information collected automatically
- Page views and navigation events (page path, timestamp, anonymized IP hash)
- UTM / referral parameters to understand how you found us
- Session data stored in an encrypted server-side session cookie
- Browser type and device type (via standard HTTP headers)
2. How We Use Your Information
- To deliver the platform and features you signed up for
- To send product updates, onboarding communications, and waitlist notifications (you can unsubscribe any time)
- To process payments via Stripe
- To improve the platform through aggregate usage analytics
- To respond to support requests sent to our email
- To detect and prevent fraud or abuse
3. Data Storage & Security
Your data is stored in a PostgreSQL database (Neon) hosted in the United States. Sessions are stored with industry-standard encryption. Passwords are hashed using bcrypt before storage. We never log or store plain-text passwords or full payment card numbers.
Our application is hosted on Render. Render maintains SOC 2 Type II compliance. You can review Render's security practices at render.com/security.
No system is perfectly secure. While we use industry best practices to protect your data, we cannot guarantee absolute security.
4. Third-Party Services
We use the following third-party services to operate the platform:
- Stripe — payment processing. Stripe's privacy policy: stripe.com/privacy
- Postmark / Polsia Email Proxy — transactional email delivery (welcome emails, notifications)
- Render — application and database hosting
- Neon — PostgreSQL database hosting
We do not sell your personal information to any third party.
5. Cookies & Sessions
We use a server-side session cookie to keep you logged in. This cookie is:
- HTTP-only (not accessible via JavaScript)
- Secure (only sent over HTTPS in production)
- Session-scoped by default (expires when you close your browser, or after an inactivity timeout)
We use Meta Pixel (Facebook) to understand how visitors interact with our marketing pages. You may opt out by visiting your Facebook ad settings. We do not sell your personal data to any third party.
6. Your Rights (GDPR & General)
Regardless of where you are located, you have the right to:
- Access: request a copy of the personal data we hold about you
- Correction: ask us to correct inaccurate data
- Deletion: request that we delete your account and personal data
- Portability: request an export of your data in a machine-readable format
- Opt-out: unsubscribe from marketing emails using the link in any email we send
To exercise any of these rights, email shieldsight@polsia.app. We will respond within 30 days.
7. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law (e.g., financial records related to Stripe transactions, which Stripe retains per their policies).
Waitlist-only entries (email, no account) are retained until you request removal or unsubscribe.
8. Children's Privacy
Our platform is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top and, for material changes, notify you by email or a prominent notice on the platform.
10. Contact
Questions about this policy? Email us at shieldsight@polsia.app.