Legal
Last updated: April 2026
Placeholder notice: This is a draft privacy policy for development purposes. It should be reviewed and approved by a qualified legal professional before FlarePath is made available to the public.
FlarePath is committed to being transparent about the data we collect and how we use it. This policy explains what we collect, why, and what your rights are. We've written it in plain language — if something is unclear, please ask.
When you create an account, we collect your name and email address. When you use FlarePath, we store the data you enter — application records, portfolio metadata, and review notes. We also collect basic usage data (page views, feature interactions) to understand how the product is being used and where we can improve it.
We use your data to operate FlarePath and provide the service you signed up for. We use usage data to improve the product. We do not sell your data. We do not use your data to train machine learning models without your explicit consent. We may send you transactional emails (account confirmation, password reset) and, if you opt in, product updates.
Your data is stored in Supabase, hosted on infrastructure in the EU. We take reasonable technical and organisational measures to protect your data. Backups are retained for 30 days. You can request deletion of your account and associated data at any time by contacting us.
FlarePath uses a small number of third-party services to operate: Supabase for database and authentication, Vercel for hosting, and Resend for transactional email. Each of these services has its own privacy policy. We do not share your data with any other third parties unless required by law.
If you have questions about this policy, or want to request access to or deletion of your data, contact us via the contact page. We will respond within five business days.