# Data & Privacy
What types of data do we collect?
Maker only collects the minimum data necessary to operate and improve our service:
* **Account data**: your name, email, and billing details.
* **Project metadata**: project names, creation/update timestamps, and anonymized usage logs.
> 🔔 We do not collect any personal data from your end users.
How is my data stored and protected?
* **Encryption**
* In transit: TLS 1.2+
* At rest: AES-256
* **Access Controls**
* Role-based permissions (least-privilege)
Who has access to my data?
Only authorized Maker personnel with a legitimate support or maintenance need can view customer data. All internal access is strictly audited.
Do you share personal data with third parties?
No personal data is shared without your explicit consent, except:
1. When required by law or a valid subpoena.
2. For opt-in integrations (e.g., analytics providers).
Compliance & Regulations
Maker adheres to:
* **GDPR** (EU)
* **CCPA** (California)
You have full control: request data exports or deletions at any time.
Data Retention Policy
* **Usage & audit logs**: retained for **90 days**.
* **Account & project data**: retained until you delete your account.
* **Backups**: incremental nightly snapshots, retained per our disaster-recovery policy.
Can I access or delete my data?
Yes. Email with your request. After verifying your identity, we’ll promptly provide exports or execute deletions as required.
What if there’s a data breach?
In the unlikely event of a breach, we will:
1. Contain and remediate immediately.
2. Notify affected customers within **72 hours** with full details.
3. Perform a post-incident review and update our response processes.
Who do I contact with data-privacy concerns?
For any questions or concerns about data privacy, please reach out through the in-app chat, available to users on our Pro and Team plans.
***