Privacy policy

Commet, Co. (“Commet,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you access or use the Commet platform (“Service”) located at www.commet.co. By using the Service, you agree to the practices described below.

INFORMATION WE COLLECT

• Information You Provide Directly: When you sign in using an OAuth provider (e.g., Google, Microsoft), we request and receive only your email address, given name, family name, and profile photo (if available).

• Automatically Collected Data: When you visit our site, standard log and usage information (device type, browser, IP address, date and time of access, and pages viewed) is recorded. We do not link this data to personally identifiable information.

• No Other Personal Data: We do not request or retrieve contacts, calendar entries, Drive files, or any other Google or third-party data.

HOW WE USE YOUR INFORMATION

• To create and maintain your account and session.

• To authenticate you and secure access to the Service.

• To provide customer support and communicate important updates.

• To monitor, analyze, and improve the Service’s performance and reliability.

• To detect, prevent, and respond to fraud, abuse, security risks, or technical issues.

LEGAL BASES FOR PROCESSING (GDPR)

We process your personal data under the following legal grounds:

• Performance of a contract: providing and maintaining the Service.

• Legitimate interests: ensuring security, improving usability, and preventing misuse.

• Compliance with legal obligations: responding to lawful requests from authorities.

DATA STORAGE AND SECURITY

Your data is stored in Neon PostgreSQL databases hosted on Amazon Web Services (AWS) in the United States. We employ encryption in transit (TLS) and at rest, network firewalls, role-based access controls, routine security audits, and principle-of-least-privilege practices.

DATA RETENTION

We retain your account information for as long as your account is active. Upon deletion of your account, personal data is removed from live systems within 30 days and from backups within 90 days, unless legal obligations require longer retention.

INFORMATION SHARING AND DISCLOSURE

• Service Providers: Trusted sub-processors (e.g., AWS, Neon) handle infrastructure or analytics under strict confidentiality agreements.

• Legal Requirements: We may disclose information if required by law, subpoena, or court order, or to protect our rights or the safety of users.

• Business Transfers: In the event of a merger, acquisition, or asset sale, your information may be transferred, subject to the same privacy commitments.

INTERNATIONAL TRANSFERS

By using the Service, you consent to the transfer, storage, and processing of your information in the United States and other jurisdictions where our service providers operate. We rely on standard contractual clauses or equivalent safeguards where required.

YOUR RIGHTS

Depending on your location, you may have the right to access, correct, delete, or export your personal data; to object to or restrict certain processing; and to withdraw consent. To exercise these rights, contact us at guido@commet.co.

COOKIES AND SIMILAR TECHNOLOGIES

We use only essential cookies for authentication and session management. You can disable cookies in your browser, but parts of the Service may not function properly.

CHILDREN’S PRIVACY

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children.

CHANGES TO THIS POLICY

If we update this Privacy Policy, we will post the revised version on our website and indicate the effective date. Continued use of the Service after changes constitutes acceptance.

CONTACT

Commet, Co.

San Martín, Rosario (S2000), Santa Fe, Argentina

Email: guido@commet.co