Privacy Policy

Recontact ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our contact form management service ("Service").

We are privacy-first by design. We do not track users, sell data, or use invasive analytics. This policy describes the minimal data we collect to provide the Service.

We use the information we collect to:

• Provide and maintain the Service
• Process and deliver form submissions
• Send email notifications to registered domain owners
• Prevent spam and abuse through rate limiting
• Enforce our blocklist functionality
• Respond to support requests
• Comply with legal obligations
• Improve and optimize the Service

We do not:

• Track users across websites
• Use cookies for tracking or advertising
• Sell or rent your data to third parties
• Use your data for marketing without consent
• Share your data except as described in this policy

We retain your information for as long as necessary to provide the Service:

• Account data: Retained while your account is active
• Form submissions: Retained until you delete them or close your account
• Technical logs: Retained for 30 days for security and debugging purposes
• Blocklist entries: Retained until you remove them

You may request deletion of your data at any time by contacting us. We will delete your data within 30 days of your request, except where retention is required by law.

We do not sell or rent your personal information. We may share your information only in the following circumstances:

• Service Providers: We use Cloudflare for infrastructure and CAPTCHA services. These providers have access only to information necessary to perform their functions.
• Legal Requirements: We may disclose information if required by law, court order, or government request.
• Protection of Rights: We may disclose information to protect our rights, property, or safety, or that of our users or the public.
• Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We implement appropriate technical and organizational measures to protect your information:

• Data is transmitted over HTTPS encryption
• Database access is restricted and authenticated
• Rate limiting prevents abuse and brute force attacks
• Regular security updates and monitoring

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Objection: Object to processing of your personal information
• Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Recontact does not use cookies for tracking or advertising purposes. The Service may use essential cookies only for:

• Session management (if you have an account dashboard)
• Security and fraud prevention

Cloudflare Turnstile may use cookies or similar technologies for CAPTCHA functionality. See Cloudflare's privacy policy for details.

The Service integrates with the following third-party services:

• Cloudflare: Infrastructure, CDN, and Turnstile CAPTCHA (Privacy Policy)

These services have their own privacy policies. We recommend reviewing them to understand how they handle your information.

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to be informed about data collection and use
• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

Our lawful basis for processing your data is typically consent or legitimate interest in providing the Service.

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information
• Right to access your personal information
• Right to equal service and price

Note: We do not sell personal information.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

Your continued use of the Service after changes are posted constitutes acceptance of the modified Privacy Policy.

If you have any questions about this Privacy Policy or our data practices, please contact us at:

[email protected]

For GDPR-related inquiries, you may also contact your local data protection authority.