Privacy Policy

Last Updated: December 21, 2025

At SastaJugaar, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

This policy is designed to comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

1. Information We Collect

We collect information that you provide directly to us and information automatically collected when you use our services.

1.1 Information You Provide

  • Account Information: Name, email address, and password when you create an account
  • Payment Information: Processed and stored by Paddle.com (our payment processor). We do not store complete payment card details
  • Communication Data: Information you provide when contacting our support team
  • Transaction Information: Details of purchases, subscription status, and billing history

1.2 Automatically Collected Information

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, links clicked, referring pages
  • Cookies and Tracking: We use cookies and similar technologies (see Section 8)
  • Location Data: General location based on IP address for tax calculation and service optimization

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Provision

  • Process and fulfill your subscription orders
  • Deliver Higgsfield.ai account credentials
  • Manage your account and subscription
  • Process payments through Paddle.com
  • Provide customer support and respond to inquiries

2.2 Communication

  • Send transactional emails (purchase confirmations, account credentials, billing notices)
  • Send service updates and important announcements
  • Respond to your questions and requests
  • Send marketing communications (with your consent, which you can withdraw anytime)

2.3 Improvement and Analytics

  • Analyze usage patterns to improve our website and services
  • Conduct research and analytics
  • Monitor and prevent fraud and security issues
  • Optimize user experience and website performance

2.4 Legal Compliance

  • Comply with legal obligations and regulations
  • Enforce our terms and conditions
  • Protect our rights, privacy, safety, or property
  • Respond to legal requests from authorities

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide services you've requested
  • Legitimate Interests: For fraud prevention, security, and service improvement
  • Legal Obligation: To comply with applicable laws and regulations
  • Consent: For marketing communications and certain cookies (you can withdraw consent anytime)

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information in the following circumstances:

4.1 Service Providers

  • Paddle.com: Our payment processor who handles payment processing, tax calculation, and refunds
  • Higgsfield.ai: To provision your Creator Plan subscription and account access
  • Email Service Providers: To send transactional and service-related emails
  • Analytics Providers: To understand website usage and improve our services

All third-party service providers are bound by confidentiality obligations and data protection agreements.

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to:

  • Comply with legal processes or obligations
  • Protect our rights, property, or safety
  • Prevent fraud or security issues
  • Protect the rights and safety of our users

4.3 Business Transfers

If SastaJugaar is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice and obtain consent as required by applicable law.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Active Accounts: Data retained while your subscription is active
  • Closed Accounts: Data retained for up to 7 years for tax and legal compliance
  • Marketing Data: Retained until you opt out or request deletion
  • Analytics Data: Typically retained for 26 months

After the retention period, we will securely delete or anonymize your personal information.

6. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

6.1 GDPR Rights (EEA Users)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Request limitation of data processing
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing communications
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

6.2 CCPA Rights (California Users)

  • Right to Know: What personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Equal service regardless of exercising privacy rights

6.3 Exercising Your Rights

To exercise any of these rights, please contact us at support@sastajugaar.com. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: SSL/TLS encryption for data transmission
  • Secure Storage: Data stored on secure servers with access controls
  • Payment Security: PCI DSS Level 1 compliant payment processing through Paddle.com
  • Access Controls: Limited employee access on a need-to-know basis
  • Regular Audits: Security assessments and vulnerability testing
  • Incident Response: Procedures for detecting and responding to data breaches

While we strive to protect your information, no method of transmission over the internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and collect usage information.

8.1 Types of Cookies We Use

  • Essential Cookies: Required for website functionality and security
  • Performance Cookies: Collect anonymous usage data to improve our website
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Track your browsing for relevant advertising (with consent)

8.2 Managing Cookies

You can control cookies through:

  • Our cookie consent banner when you first visit the website
  • Your browser settings (see your browser's help section)
  • Opt-out tools for third-party advertising cookies

Note: Blocking essential cookies may affect website functionality.

8.3 Third-Party Cookies

We use services from third parties that may set their own cookies:

  • Paddle.com (payment processing)
  • Google Analytics (website analytics)

These third parties have their own privacy policies governing cookie use.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield certification (where applicable)
  • Data Processing Agreements with third-party processors

Paddle.com, our payment processor, complies with international data transfer regulations.

10. Children's Privacy

Our services are not intended for children under 16 years of age (or under 13 in the United States). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@sastajugaar.com, and we will delete such information from our systems.

11. Third-Party Links and Services

Our website may contain links to third-party websites and services, including Higgsfield.ai. We are not responsible for the privacy practices of these third parties.

We encourage you to review the privacy policies of:

  • Higgsfield.ai: For information about how they handle your data when using their platform
  • Paddle.com: For their payment processing and data handling practices
  • Any other third-party services you may access through our website

12. Marketing Communications

We may send you marketing emails about our services, special offers, and updates (with your consent where required by law).

You can opt-out of marketing communications by:

  • Clicking the "unsubscribe" link in any marketing email
  • Updating your preferences in your account settings
  • Contacting us at support@sastajugaar.com

Note: You will continue to receive transactional emails (purchase confirmations, account notifications) even if you opt-out of marketing.

13. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify affected users within 72 hours of becoming aware of the breach (as required by GDPR)
  • Inform relevant data protection authorities as required by law
  • Provide information about the nature of the breach and steps being taken
  • Offer guidance on protective measures you can take

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Notify you via email (for material changes)
  • Display a prominent notice on our website

Your continued use of our services after changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

15. Contact Us and Data Protection Officer

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: support@sastajugaar.com
  • Subject Line: "Privacy Inquiry" or "Data Protection Request"
  • Response Time: Within 30 days (or as required by applicable law)

For GDPR-related inquiries or to exercise your data protection rights, please clearly state your request and include sufficient information to verify your identity.

16. Paddle.com as Merchant of Record

Paddle.com acts as our Merchant of Record and processes all payments. When you make a purchase:

  • Paddle.com collects and processes your payment information
  • Paddle.com handles tax calculation and collection
  • Paddle.com stores payment card data securely (we do not receive or store complete card details)
  • Paddle.com's privacy policy applies to their data processing activities

We receive only necessary transaction information from Paddle.com to fulfill your order (name, email, purchase details) but not your complete payment card information.

By using SastaJugaar's services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.