Privacy Policy

Welcome to CommandZone.app (the “Service,” “Website,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our Website, create an account, or otherwise use our Service.

By using CommandZone.app, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

This Privacy Policy is intended for users located in the United States. The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, please contact us using the information in Section 11 and we will delete it.

We use the information we collect to:

• Provide, operate, maintain, and improve the Service.
• Create and manage your account and authenticate logins.
• Process transactions and send related confirmations (if and when paid plans are offered).
• Communicate with you about updates, security alerts, support, and administrative messages.
• Send marketing communications (where permitted; you may opt out at any time).
• Monitor and analyze usage trends to improve performance, features, and user experience.
• Detect, investigate, and prevent fraud, security incidents, and abuse.
• Comply with legal obligations and enforce our Terms of Service.

We do not sell your data. We do not share your pitch data with advertisers. We do not use your pitch data to train AI models.

We retain personal information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we will delete or de-identify it consistent with applicable law and our internal retention schedule.

We do not sell your personal information for monetary consideration. We may share information in the following circumstances:

• Service providers: vendors who help us operate the Service. They are bound by contractual confidentiality and data protection obligations. Today these include:
  • Fly.io — hosts the Service and stores your data on an encrypted volume.
  • Resend — sends transactional email (password resets, MFA codes, account notices).
  • Google Analytics — measures anonymized visitor usage of the marketing pages, only after you accept cookies.
• Analytics partners: Google Analytics may collect information about your interactions with the marketing pages. Under California law (CCPA/CPRA), some of this activity may be considered “sharing” of personal information for cross-context behavioral advertising. You may opt out — see Section 7.
• Legal compliance: when required by law, court order, subpoena, or government request, or to protect our rights, users, or the public.
• Business transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any change in ownership or use of your personal information.
• With your consent: any other sharing you specifically authorize.

We use cookies and similar tracking technologies to operate the Service and improve your experience.

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

• Right to Know what personal information we collect, use, disclose, and share.
• Right to Delete personal information we have collected from you, subject to legal exceptions.
• Right to Correct inaccurate personal information.
• Right to Opt Out of Sale or Sharing of your personal information for cross-context behavioral advertising. We do not sell personal information for money, but our use of analytics cookies may qualify as “sharing” under California law.
• Right to Limit Use of Sensitive Personal Information (we do not currently use sensitive personal information for purposes that would trigger this right).
• Right to Non-Discrimination — we will not deny service, charge different prices, or provide a different level of service because you exercised your rights.

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include encryption in transit (TLS), access controls, logging, and regular security review.

No method of transmission or storage is 100% secure. We cannot guarantee absolute security, and you use the Service at your own risk. If we become aware of a security incident affecting your personal information, we will notify you and applicable authorities as required by law.

The Service may contain links to third-party websites, services, or applications that we do not control. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing them with information.

• Account information: you can review and update your account details by signing in.
• Data export: you can export your pitch data at any time from the app.
• Marketing emails: you can unsubscribe via the link in any marketing email. You will still receive transactional and administrative messages.
• Cookies: see Section 6.3.
• Account deletion: contact us at info@commandzone.app to request deletion of your account.

We may update this Privacy Policy from time to time. The “Last Updated” date at the top of this page reflects the most recent revision. Material changes will be communicated via email or a prominent notice within the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: