1. Introduction

ExCoil ("we," "our," or "us") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our heat exchanger design software platform at excoil.net (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

When you create an account or use our Service, we may collect:

Name and email address (provided through Manus OAuth authentication)
Company name and professional title (if provided in settings)
Payment information (processed securely through Stripe; we do not store credit card numbers)
Subscription and billing history

2.2 Usage Data

We automatically collect certain information when you access the Service:

Browser type and version
Operating system
Pages visited and features used
Date and time of access
IP address (anonymized for analytics)

2.3 Technical Data

Heat exchanger calculation inputs, project data, and engineering parameters you enter into the system are stored to provide the Service. This data is associated with your account and is not shared with third parties.

3. How We Use Your Information

We use the collected information for the following purposes:

To provide, maintain, and improve the Service
To process payments and manage subscriptions
To send important notifications about your account or the Service
To provide customer support
To analyze usage patterns and improve user experience
To detect, prevent, and address technical issues or fraud
To comply with legal obligations

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Service Providers: We use Stripe for payment processing and Manus for authentication. These providers have their own privacy policies governing the use of your information.
Legal Requirements: We may disclose your information if required by law, regulation, or legal process.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
With Your Consent: We may share information with your explicit consent.

5. Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS/TLS), secure authentication tokens, and encrypted database storage. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as maintaining financial records).

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data
Portability: Request your data in a structured, machine-readable format
Objection: Object to the processing of your personal data
Restriction: Request restriction of processing of your personal data

To exercise any of these rights, please contact us at [email protected].

8. Cookies and Tracking

We use essential cookies for authentication and session management. We also use analytics tools (Umami) to understand how users interact with the Service. Umami is privacy-focused and does not use cookies or collect personally identifiable information. You can disable cookies in your browser settings, but this may affect the functionality of the Service.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that appropriate safeguards are in place to protect your data in accordance with applicable data protection laws, including GDPR and LGPD (Lei Geral de Proteção de Dados).

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

ExCoil
Email: [email protected]
Website: excoil.net