CellCMS

Privacy Policy

Last updated: March 20, 2026

CellCMS ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our managed cloud platform and website (collectively, the "Service"). Please read this policy carefully. If you do not agree with the terms of this policy, please do not access the Service.

1. Information We Collect

We collect information that you provide directly to us, information collected automatically when you use the Service, and information from third-party sources.

Information You Provide

  • Account information: name, email address, and password when you create an account.
  • Billing information: payment method details processed securely through Stripe. We do not store your full credit card number on our servers.
  • Content data: documents, assets, schemas, and any other content you create or upload through the Service.
  • Communications: information you provide when contacting our support team or responding to surveys.

Information Collected Automatically

  • Usage data: pages visited, features used, API call volumes, and interaction patterns within the Service.
  • Device information: browser type, operating system, device identifiers, and screen resolution.
  • Log data: IP address, access times, referring URLs, and error logs.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Process transactions and send related billing information, including purchase confirmations and invoices.
  • Send you technical notices, security alerts, and support and administrative messages.
  • Respond to your comments, questions, and support requests.
  • Monitor and analyze usage trends to improve user experience and service reliability.
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities, and protect the rights and property of CellCMS and others.

3. Data Storage and Security

Your data is stored on secure servers located within the European Union. We implement industry-standard security measures including encryption in transit (TLS 1.3) and at rest (AES-256), regular security audits, automated backups, and access controls based on the principle of least privilege. While we strive to use commercially acceptable means to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly notifying affected users in the event of a data breach.

4. Cookies

We use cookies and similar tracking technologies to operate and improve the Service. The types of cookies we use include:

  • Essential cookies: required for authentication, security, and core functionality. These cannot be disabled.
  • Analytics cookies: help us understand how visitors interact with the website so we can improve our Service. These are only set with your consent.
  • Preference cookies: remember your settings such as language and theme preferences.

You can control cookie preferences through your browser settings. Disabling certain cookies may limit your ability to use some features of the Service.

5. Third-Party Services

We use a limited number of trusted third-party services to operate the platform:

  • Stripe for payment processing. When you make a payment, your billing information is sent directly to Stripe and processed according to their Privacy Policy.
  • Analytics services for anonymized usage analytics to help us understand how the Service is used and where we can make improvements. We use privacy-respecting analytics tools that do not build advertising profiles.
  • Email services for transactional emails such as account verification, password resets, and billing notifications.

We do not sell your personal information to third parties. We only share information with third-party services as necessary to provide the Service.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by law (for example, billing records for tax purposes, which may be retained for up to 7 years). Content data stored in your CellCMS projects will be available for export for 30 days after account deletion, after which it will be permanently removed from our systems.

7. Your Rights

Depending on your location, you may have certain rights regarding your personal information under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

GDPR Rights (EEA Residents)

  • Right of access: request a copy of the personal data we hold about you.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion of your personal data, subject to legal retention obligations.
  • Right to restrict processing: request that we limit the processing of your data in certain circumstances.
  • Right to data portability: receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to object: object to the processing of your personal data for certain purposes.

CCPA Rights (California Residents)

  • Right to know: request disclosure of the categories and specific pieces of personal information we have collected.
  • Right to delete: request deletion of personal information we have collected from you.
  • Right to opt out: we do not sell personal information, so this right does not apply in practice.
  • Right to non-discrimination: we will not discriminate against you for exercising any of your rights.

To exercise any of these rights, please contact us through our support page or email privacy@cellcms.com. We will respond to your request within 30 days.

8. Children's Privacy

The Service is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so that we can take appropriate action.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by posting the updated policy on this page and updating the "Last updated" date above. For significant changes, we may also send a notification via email or through the Service. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

10. Contact

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at our support page or email us at privacy@cellcms.com.