Skip to main content

Privacy Policy

Last updated: June 2025

Your privacy matters to us. This Privacy Policy explains how CertPie ("we", "us", or "our"), operated at certpie.com, collects, uses, and protects your information when you use our platform.

1. Information We Collect

Account Information: When you sign up, we collect your name, email address, and profile picture (via Google OAuth or email/password registration).

Organization Information: Organization name, logo, website, and brand colors you configure in your account settings.

Recipient Data: CSV uploads containing names, emails, and custom fields, used solely to generate certificates.

Usage Data: Pages visited, features used, and certificate view counts to help us improve the product.

Payment Information: Payments are processed by Razorpay. We only store transaction metadata (payment ID, plan, amount). We never store your card details.

2. How We Use Your Information

  • Create and manage your account and organization
  • Generate, store, and deliver certificates
  • Send transactional emails (certificate delivery, account verification)
  • Process payments and manage subscriptions
  • Provide customer support
  • Improve and maintain the platform
  • Comply with legal obligations

3. Data Sharing & Third Parties

We do not sell, rent, or trade your personal data.

We use the following third-party providers to operate the service. Each provider accesses only the data necessary to perform its function:

  • Supabase: Database and file storage
  • Vercel: Hosting and deployment
  • Resend: Email delivery
  • Razorpay: Payment processing
  • Google: OAuth login

4. Data Storage & Security

  • Data is stored on Supabase servers in the Mumbai region, India
  • Row-level security is enforced at the database level
  • Passwords are hashed and never stored in plain text
  • HTTPS is enforced across all endpoints

While we take reasonable measures to protect your data, no system is 100% secure. We recommend using strong, unique passwords for your account.

5. Certificate Recipient Data

Recipient data uploaded via CSV is used solely to generate certificates. We do not contact recipients independently or use their data for marketing purposes.

Recipients may view their certificates through a public verification link that includes a unique verification ID.

6. Your Rights

You have the right to:

  • Access, correct, or delete your personal data
  • Request deletion of your organization and all associated data

To exercise these rights, contact us at hello@certpie.com. We will respond within 30 days.

7. Cookies

We use essential cookies for authentication (Supabase session management). We do not use third-party advertising or tracking cookies.

8. Children's Privacy

CertPie is not intended for users under the age of 13. We do not knowingly collect personal data from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will notify users via email or an in-app notice. Continued use of the service after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy, please contact us: