MessyPoly

Effective July 5, 2026

Privacy Policy

This Privacy Policy explains what MessyPoly collects, why it is collected, and how it is handled when you use the service.

1. Information We Collect

2. Information We Do Not Store

MessyPoly does not store full card numbers, CVC codes, or raw payment credentials. Payment collection is handled by Stripe. Passwords are stored only as password hashes, not plaintext passwords.

3. How We Use Information

4. Service Providers

MessyPoly uses third-party providers to operate the product: Vercel for the web layer, Koyeb for backend and worker services, MongoDB for application data, Cloudflare R2 for file storage, Stripe for payments, and Resend for transactional email. These providers process data as needed to provide their services.

5. File Retention

Uploaded source files and generated artifacts are retained only as needed to operate the service, support download windows, debug failures, and maintain analytics. Retention periods may change during alpha, and old job artifacts may be deleted automatically.

6. Security

MessyPoly uses HTTPS, HTTP-only session cookies, server-side service tokens, password hashing, Stripe-hosted payment surfaces, signed webhooks, and access controls for account-owned jobs. No internet service can guarantee perfect security.

7. Your Choices

You may request account help, billing help, correction, export, or deletion by emailing support@messypoly.com. Some records may be retained when needed for security, legal, billing, or abuse-prevention reasons.

8. Changes

We may update this Privacy Policy as MessyPoly changes. The effective date will show when the latest version applies.

Privacy questions: support@messypoly.com