Privacy Policy

Last updated: April 10, 2026

1. Introduction

MicroSaasFactory Inc. ("we", "us", "our") operates Foliato (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Foliato, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored as a bcrypt hash). You may optionally provide a phone number, company name, and avatar.

Documents and Files

You may upload documents and files to the Service. We store these files to provide the Service to you. We do not access, read, analyze, or share the content of your files except as necessary to provide the Service or as required by law.

Usage Data

We collect information about how you interact with the Service, including IP addresses, browser type, pages visited, and actions taken (audit logs). This data is used to improve the Service and ensure security.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card numbers or bank account details. Stripe's privacy policy governs how your payment information is handled. We only store a reference to your Stripe customer ID.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process transactions and manage your subscription
  • Send transactional emails (password resets, invitations)
  • Monitor and analyze usage to improve the Service
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

We do not sell your personal information. We do not use your data for advertising. We do not train AI models on your documents.

4. Data Sharing

We may share your information with:

  • Service providers: Stripe (payments), SMTP providers (email delivery). These providers only access data necessary to perform their services.
  • Organization members: Within your organization, other members may see your name, email, and shared documents according to the permissions you or your administrator configure.
  • Legal requirements: We may disclose information if required by law, subpoena, or government request.

5. Data Retention

We retain your account data and files for as long as your account is active. If you delete your account, we will delete your personal data and files within 30 days, except where we are required to retain it for legal or regulatory purposes.

Audit logs may be retained for up to 12 months after account deletion for security and compliance purposes.

6. Data Security

We implement industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords (bcrypt), role-based access control, and rate limiting. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict certain processing

To exercise any of these rights, contact us at privacy@microsaasfactory.com.

8. Cookies

Foliato uses minimal cookies. We use a JWT token stored in your browser's local storage for authentication. We do not use third-party tracking cookies or analytics that track you across other websites.

9. Children's Privacy

Foliato is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service or sending an email. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

MicroSaasFactory Inc.
Email: privacy@microsaasfactory.com