Privacy Policy

Last updated: March 14, 2026

Your privacy matters to us. DailySpark collects only the minimum information necessary to deliver our SMS service. We never sell, share, or rent your personal data to third parties for marketing purposes.

1. Information We Collect

1.1 Information You Provide

When you sign up for DailySpark, we collect:

Phone number — Required to deliver SMS messages and verify your identity.
Topic preference — The message category you choose (e.g., motivation, fitness).
Delivery time preference — Your preferred time to receive daily messages.
Timezone — To ensure messages arrive at your preferred local time.
Subscription plan — The plan you select (free trial or paid).

1.2 Information Collected Automatically

We may automatically collect:

Message delivery data — Timestamps, delivery status, and message history for your account.
Device and browser information — When you visit our website, we may collect your IP address, browser type, operating system, and referring URLs.
Usage data — How you interact with our website and dashboard.

2. How We Use Your Information

We use your information solely to:

Deliver the Service — Send daily motivational messages to your phone at your preferred time.
Verify your identity — Send one-time verification codes (OTPs) via SMS.
Manage your account — Allow you to update preferences, view message history, and manage your subscription.
Improve the Service — Analyze usage patterns to improve our message quality and delivery reliability.
Communicate with you — Send service-related notifications (e.g., subscription expiration, service changes).
Process payments — Handle subscription payments through our payment processor.

3. Third-Party Services

We use the following third-party services to operate DailySpark:

Twilio — For SMS message delivery. Twilio processes your phone number to deliver text messages. Twilio's Privacy Policy
Supabase — For secure data storage. Your account information is stored in Supabase's cloud infrastructure. Supabase Privacy Policy
Netlify — For website hosting and serverless functions. Netlify Privacy Policy

These services have their own privacy policies, and we encourage you to review them. We only share the minimum data necessary for each service to function.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service:

Account data — Retained while your account is active. Deleted upon account termination request.
Message history — Retained for up to 90 days for dashboard display, then automatically deleted.
OTP codes — Automatically expired and deleted after 10 minutes.
Payment records — Retained as required by tax and financial regulations (typically 5-7 years).

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

Encrypted data transmission (HTTPS/TLS).
Secure authentication via one-time codes (no passwords stored).
Access controls and principle of least privilege for internal systems.
Regular security reviews of our infrastructure.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

6. Your Rights

Depending on your jurisdiction (including under GDPR, for EU/EEA residents), you may have the right to:

Access — Request a copy of the personal data we hold about you.
Rectification — Request correction of inaccurate personal data.
Erasure — Request deletion of your personal data ("right to be forgotten").
Restriction — Request that we limit how we use your data.
Portability — Request your data in a structured, commonly used format.
Object — Object to the processing of your data for certain purposes.
Withdraw consent — Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at support@zace.ro. We will respond within 30 days.

7. Cookies

Our website uses minimal cookies and local storage:

Authentication tokens — Stored in your browser's local storage to keep you logged into your dashboard.
Session data — Temporary data used during the signup and verification process.

We do not use tracking cookies, advertising cookies, or third-party analytics that track you across the web.

8. Children's Privacy

DailySpark is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we discover that we have collected data from a child under 16, we will promptly delete it. If you believe we have inadvertently collected information from a minor, please contact us immediately.

9. International Data Transfers

Your data may be processed and stored in locations outside your country of residence, including the United States and European Union. When data is transferred internationally, we ensure appropriate safeguards are in place in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the updated Privacy Policy on our website with a new "Last updated" date.
Sending an SMS notification for significant changes that affect how your data is used.

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: support@zace.ro
Website: https://zace.ro

By using DailySpark, you acknowledge that you have read and understood this Privacy Policy.