Privacy Policy

1. Introduction

Welcome to BreakEven Studio, operated by Moore Digital Holdings LLC ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial modeling software as a service (SaaS) platform. By using BreakEven Studio, you agree to the practices described in this policy.

2. Information We Collect

3. How We Use Your Information

We use the collected information for the following purposes:

• To provide, maintain, and improve our services
• To process your financial calculations and generate reports
• To authenticate your identity and maintain your session security
• To communicate with you about service updates, security alerts, and support matters
• To analyze usage patterns and improve user experience
• To detect, prevent, and address technical issues or fraudulent activity
• To comply with legal obligations and enforce our Terms of Service

We do not sell your personal information or financial data to third parties. We do not use your data to train AI models or for advertising purposes.

4. Data Storage and Security

We take data security seriously and implement industry-standard measures to protect your information:

• All data is stored using Google Cloud Firestore with encryption at rest and in transit
• Authentication is handled by Firebase Authentication with secure password hashing
• We use HTTPS/TLS encryption for all data transmission
• Access to your workspace data is restricted to your authenticated user account only via Firestore security rules
• Session cookies are HTTP-only and Secure-flagged to prevent XSS and interception attacks
• Security headers (CSP, HSTS, X-Frame-Options) are enforced on every response

While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but continuously work to improve our safeguards.

5. Third-Party Services

We use the following third-party services to operate our platform:

• Firebase / Google Cloud: Authentication, database storage, and backend infrastructure. Subject to Google's Privacy Policy.
• Vercel: Application hosting and deployment infrastructure. Subject to Vercel's Privacy Policy.
• Google Analytics: Anonymous usage analytics to understand how users interact with the platform. You can opt out via browser-level controls.

These third parties have their own privacy policies governing their use of data. We recommend reviewing their respective policies. We do not share any of your personal or financial data with these services beyond what is necessary to operate the platform.

6. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: You can access your account information and workspace data at any time through the platform.
• Correction: You can update or correct your information through your account settings.
• Deletion: You can request deletion of your account and all associated data by contacting us. We will process deletion requests within 30 days.
• Portability: You have the right to receive your data in a structured, readable format upon request.
• Objection: You can opt out of analytics tracking through your browser or device settings.

To exercise any of these rights, please contact us at admin@moore-digital.com. For GDPR-related requests, please include "GDPR Request" in your subject line.

7. Data Retention

We retain your personal information and workspace data for as long as your account is active or as needed to provide you services. If you request account deletion, we will delete your personal information and workspace data within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

8. International Data Transfers

Moore Digital Holdings LLC is based in Austin, Texas, USA. Your information may be processed and stored on servers located in the United States and other countries where Google Cloud infrastructure operates. By using our services, you consent to the transfer of your information to facilities in these locations. We rely on Firebase/Google Cloud's global infrastructure, which complies with applicable data protection regulations including GDPR Standard Contractual Clauses.

9. Children's Privacy

Our services are not intended for children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under the applicable age limit, we will promptly delete that information. If you believe we have collected information from a child, please contact us immediately at admin@moore-digital.com.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the services after any changes constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:

For GDPR-related inquiries, please include "GDPR Request" in your subject line and we will respond within 30 days.