1. Scope and privacy roles
This Privacy Policy describes how ModuPage handles personal data when ModuPage acts as a controller for its own business operations, including the public website, account administration, authentication, support, billing, security, and service analytics.
When a customer creates projects, templates, assemblies, word collections, uploaded assets, or exports that contain personal data, the customer usually decides why that information is being processed. In that context, ModuPage generally acts as a service provider or processor on the customer's behalf where applicable.
This Privacy Policy should be read together with the Terms & Conditions , the Data Processing Addendum (DPA) and the Refunds & Billing page.
In practical terms, ModuPage usually acts as controller for website, support, billing, and account-administration data, and usually acts as service provider or processor for personal data contained in customer-created project content and exports.
2. Personal data ModuPage collects
The data ModuPage collects depends on how you interact with the service. If you only visit the website, ModuPage usually receives much less information than when you create an account, save project content, or purchase a paid plan.
- Account and profile data: name, email address, login credentials, authentication identifiers, and similar registration or profile information.
- Project content and outputs: projects, templates, assemblies, word collections, uploaded assets, generated exports, settings, prompts, instructions, and related metadata.
- Billing and transaction data: billing contacts, subscription status, transaction identifiers, invoices, receipts, tax information, and refund or chargeback records.
- Support and communications: messages, attachments, bug reports, privacy requests, and other information you send to ModuPage.
- Technical, usage, and security data: IP address, browser type, device and operating-system data, session activity, timestamps, authentication events, and diagnostic logs.
- Analytics and derived signals: service measurements, performance indicators, fraud-risk signals, approximate region derived from IP, and aggregated or de-identified statistics.
For ModuPage's own controller-side purposes, ModuPage does not intentionally ask users to provide special-category personal data unless that is clearly necessary and lawfully supported. Customer-created project content may nevertheless contain sensitive or regulated information if a customer chooses to use it through the service, and in that case the customer remains responsible for the underlying lawful basis and disclosures.
3. How ModuPage collects personal data
- Directly from you when you create an account, contact support, submit privacy or billing questions, or otherwise communicate with ModuPage.
- From your use of the product when you create projects, edit templates, manage assemblies, import word collections, upload assets, preview files, or export results.
- Automatically through normal website and app operation, including server logs, authentication records, device signals, cookie-like technologies, and security telemetry.
- From billing, infrastructure, support, monitoring, and communications providers that help ModuPage run checkout, customer support, fraud prevention, availability monitoring, and related operations.
- From business counterparts or teammates acting on behalf of an organization, for example where they add you as a billing, support, or workspace contact.
4. How ModuPage uses personal data
- To provide, maintain, and secure the website, product accounts, project-based puzzle-book workflows, exports, and support services.
- To authenticate users, manage accounts, enforce plan limits, detect suspicious activity, and prevent fraud, abuse, or misuse.
- To process customer-created project content, render previews, generate outputs, and support the features requested by the user or customer organization.
- To handle subscriptions, receipts, taxes, refund reviews, failed payments, and other billing operations.
- To respond to support tickets, privacy requests, and security reports.
- To analyze product reliability, troubleshoot errors, improve workflow quality, and generate aggregated or de-identified service analytics.
- To comply with legal obligations, protect rights, resolve disputes, and maintain records needed for tax, accounting, incident response, and enforcement purposes.
5. Legal bases for processing
Where applicable data protection law requires a legal basis, ModuPage generally relies on one or more of the following:
- Contract: to create and administer accounts, provide the service, process subscriptions, and respond to requests tied to your use of ModuPage.
- Legitimate interests: to secure the service, prevent abuse, improve product quality, manage support, measure service performance, and run ModuPage responsibly as a business.
- Consent: where consent is required, such as for certain optional communications or non-essential website technologies.
- Legal obligation: to comply with tax, accounting, recordkeeping, fraud-prevention, law-enforcement, court-order, and other regulatory duties.
If ModuPage relies on consent where the law requires it, you may withdraw that consent later, but that will not affect processing that was already lawful before the withdrawal.
6. How ModuPage discloses personal data
ModuPage may disclose personal data only where reasonably necessary to operate the service or comply with law, including to:
- Hosting, storage, backup, runtime, monitoring, security, and communications providers that support the website and product environment.
- Billing providers and related finance operations that handle checkout, payment collection, receipts, taxes, and subscription events.
- Professional advisers, auditors, insurers, regulators, courts, law enforcement, or other third parties where disclosure is legally required or reasonably necessary to protect rights, users, or platform integrity.
- A buyer, successor, investor, financing counterparty, or merger partner as part of a financing, restructuring, acquisition, reorganization, or asset sale, subject to appropriate confidentiality expectations.
ModuPage does not sell personal data in the ordinary meaning of that term and does not disclose customer information to unrelated third parties for their own independent direct marketing.
7. International transfers
ModuPage and its providers may process personal data in more than one country because cloud hosting, support, monitoring, billing, and operational tooling can involve international service delivery.
When personal data is transferred across borders, ModuPage aims to use lawful transfer mechanisms and appropriate contractual, technical, and organizational safeguards for the relevant processing context.
8. Retention
ModuPage keeps personal data for no longer than reasonably necessary for the purposes described in this Privacy Policy, taking into account the nature of the data, the sensitivity of the information, the business or legal need for retention, and the feasibility of deletion or de-identification.
- Account, contract, and billing records may be retained for subscription management, tax, accounting, fraud-prevention, and recordkeeping purposes.
- Support and security records may be retained long enough to investigate incidents, resolve disputes, document decisions, and improve service reliability.
- Projects, templates, assemblies, exports, and related customer content may remain available until deleted by the customer, removed under product retention settings, or deleted after account closure or a verified request, subject to backups and legal exceptions.
9. Deletion and account closure
To request deletion of account information, project content, uploaded assets, exports, or other personal data held by ModuPage, email support@modupage.com from the relevant account address or provide enough information for ModuPage to verify the request.
After a verified request, ModuPage aims to delete or de-identify the requested data within a reasonable period unless retention is still needed for backups, security, abuse prevention, dispute resolution, billing records, tax or accounting duties, or other legal obligations.
If the request concerns personal data contained in customer-owned project content and ModuPage processes that data only on the customer's behalf, ModuPage may need to route or coordinate the request with the relevant customer because that customer usually determines the purpose of the processing.
10. Security
ModuPage uses reasonable administrative, technical, and organizational measures designed to protect personal data against unauthorized access, misuse, loss, alteration, or disclosure. Those measures may include access controls, environment-level security controls, monitoring, backups, incident-response procedures, and role-based restrictions on internal access.
No service can promise absolute security. You are responsible for maintaining the confidentiality of your credentials and for notifying ModuPage promptly if you suspect unauthorized access, compromised credentials, or another account-related security issue.
11. Your rights and choices
Depending on where you live and the law that applies, you may have rights to request access to personal data, correction of inaccurate data, deletion, restriction, objection, portability, or a copy of the information ModuPage holds about you.
- You may ask ModuPage to confirm whether it processes your personal data in its controller role.
- You may request correction, export, or deletion of certain information, subject to verification and applicable exceptions.
- You may object to or request restriction of certain processing where the law provides that right.
- Where processing depends on consent, you may withdraw that consent.
Privacy requests can be sent to support@modupage.com. ModuPage may ask for additional information needed to verify the request before acting on it.
12. Cookies, logs, and service analytics
ModuPage may use cookies, local storage, session identifiers, server logs, and similar technologies to keep users signed in, remember settings, secure the service, understand basic usage patterns, and measure product or website performance.
Some of these technologies are operationally necessary. Where applicable law requires consent before non-essential technologies are used, ModuPage aims to request that consent through the relevant interface before those technologies are activated.
Browser and device settings may allow you to limit or block certain technologies, but doing so can affect login, account persistence, or other website and product functions.
13. Third-party services and links
ModuPage may rely on third-party providers for infrastructure, authentication, billing, analytics, hosting, deployment, support, communications, monitoring, and security operations.
ModuPage may also link to third-party websites, integrations, or external services. Except where ModuPage expressly states otherwise, this Privacy Policy does not govern the privacy practices of those third parties.
If you interact with an external billing page, support portal, embedded service, or linked website, the privacy terms of that third party may also apply to the information you provide there.
14. Changes to this policy
ModuPage may update this Privacy Policy from time to time to reflect product changes, legal developments, provider changes, or operational updates. If a change is material, ModuPage may provide notice through the website, the product, or the account email associated with your use.
The "Last Updated" date at the top of this page shows when the current version became effective.
15. Contact
Privacy questions, rights requests, and vendor-review inquiries can be sent to support@modupage.com.