SATA LABS
SATA LABS

Legal

Privacy Policy

Effective April 20, 2026

Your privacy matters to us. This page explains what we collect, why we collect it, and what you can do with your information.

We try to keep things simple: we only ask for what we actually need to run the site and deliver plugins. We don't sell or trade your information, we don't run ads, and we don't use third-party analytics to track you around the web.

What we collect

Account information. When you create an account, we collect your name, email, and a password. Your password is hashed and stored securely — we never see the plaintext.

Payment information. Payments are handled by Stripe. We don't store your card number, CVC, or billing address on our servers. Stripe takes care of that under their own privacy policy.

Contact form messages. If you reach out through our contact form, we keep the name, email, and message you send so we can get back to you.

Automatic data. Our hosting provider (Cloudflare) records standard server information like IP addresses, browser type, and pages visited. This is used for security and performance — not tracking or advertising.

How we use it

We use the information we collect to:

  • Create and manage your account
  • Process orders and deliver plugin licenses
  • Respond to support requests
  • Protect against fraud and abuse
  • Keep the site secure and running smoothly

That's it. We don't profile you, sell ads, or make automated decisions about you.

Services we use

We rely on a few trusted services to run the site. Each has their own privacy practices:

  • Supabase — account authentication and database
  • Stripe — payment processing
  • Cloudflare — hosting, CDN, and bot protection (Turnstile)
  • Resend — sending order confirmations and account emails

These providers only handle your information on our behalf so we can deliver the service. We don't share your information with anyone else unless we're required to by law.

Cookies and local storage

We use your browser's local storage to remember your shopping cart between visits. Sign-in uses secure, HTTP-only cookies for session management. We don't use tracking cookies.

Cloudflare may set cookies for security purposes, such as bot detection. Those are functional — not used for advertising.

Keeping your data safe

We take reasonable steps to protect your information: encrypted connections (TLS), hashed passwords, and access controls on our infrastructure. No system is perfectly secure, but we do our best to follow current best practices and fix problems quickly when we find them.

How long we keep things

We keep your information only as long as we need it:

  • Account data — while your account is active, and a short period after deletion in case we need to resolve disputes.
  • Transaction records — up to 7 years, for tax and accounting purposes.
  • Contact form messages — just long enough to sort out whatever you wrote in about.

When we no longer need it, we delete it.

Your choices

You can ask us to:

  • Show you what information we have about you
  • Correct anything that's wrong
  • Delete your account and personal information
  • Export a copy of your data

You're also free to decline giving us information in the first place — just know that some things (like buying a plugin) won't work without it.

To make a request, email support@satalabs.xyz or use our contact form. We'll get back to you as quickly as we can. We may ask you to verify your identity first — we don't want anyone else messing with your account.

Changes to this policy

If we update this policy, we'll change the effective date at the top. For anything significant, we'll do our best to let you know.

Contact

Questions about any of this? Reach us at support@satalabs.xyz or through our contact form.