Legal
Privacy Policy
This page defines the intended structure of Erasure’s Privacy Policy for the marketing site and product relationship. Placeholder language is not binding until legal review is complete.
Last updated: structure only · not a publication date for binding terms
1. Who we are
Needs legal review[LEGAL REVIEW] Identify the legal entity operating Erasure, registered address, and contact for privacy inquiries.
2. Scope
Needs legal review[LEGAL REVIEW] Clarify whether this policy covers (a) the marketing website, (b) the Erasure application (operator accounts), (c) data processed on behalf of customers, and how those roles differ (controller vs processor framing as applicable).
3. Information we collect
Needs legal review[LEGAL REVIEW] Categories typically include account registration data (name, email, company), billing identifiers when subscriptions are active, product usage/operations logs, support communications, and website analytics if enabled (e.g. privacy-respecting analytics).
Product context (non-binding summary for drafters): consent receipts are designed to avoid unnecessary subject PII on the core path; connector credentials are stored encrypted for customer-configured systems.
4. How we use information
Needs legal review[LEGAL REVIEW] Purposes such as providing the service, authenticating operators, billing, security, support, and improving reliability. State lawful bases where required by applicable law.
6. Retention
Needs legal review[LEGAL REVIEW] Retention for accounts, billing records, logs, and customer-configured operational data. Evidence and receipts retention may depend on customer configuration and product defaults—state accurately after counsel + product alignment.
7. Security
Needs legal reviewSummarize technical measures at a policy level and link to Security. [LEGAL REVIEW] Align wording with enforceable commitments only.
8. Your rights
Needs legal review[LEGAL REVIEW] Rights available under applicable law (access, correction, deletion, etc.) and how to exercise them for Erasure’s processing of website/account data—distinct from end-user rights that customers fulfill using the product.
9. International transfers
Needs legal review[LEGAL REVIEW] Transfer mechanisms if personal data leaves a region (SCCs, etc.), aligned with actual hosting.
10. Children
Needs legal review[LEGAL REVIEW] Age thresholds and whether the service is directed to children.
11. Changes
Needs legal review[LEGAL REVIEW] How material changes are communicated and when they take effect.
12. Contact
Needs legal review[LEGAL REVIEW] Privacy contact email and postal address. Until published, use the company’s designated privacy contact channel.