top of page

Privacy Policy

Effective date: 1/12/2026

Introduction

Proofsy (“we”, “our”, “us”) respects your privacy. This policy explains how we collect, use, and share personal data when you use our service, in compliance with GDPR.
 
This privacy policy applies to:

  • All users of Proofsy.io, including individuals and businesses.

  • Data collected via the website, app, and any related services.

  • Data submitted by users about third parties (e.g., testimonials from clients).

Personal data we collect

We collect the following categories of personal data:

Data you provide directly:

  • Name, email address, billing information.

  • Any data submitted via feedback forms or testimonials.

Data collected automatically:

  • Usage data, IP addresses, device information, cookies, and analytics data.

Data submitted about third parties:

  • Information collected by our users from their clients via the platform, such as names, emails, and testimonial content.

User-submitted client data (testimonials)

Proofsy.io allows users to collect testimonials and other data from their clients via the platform.

Our role:

  • We act as a data processor for any personal data submitted by users about their clients.

  • We process this data solely on behalf of the user and for the purpose of operating the service.

User responsibilities:

  • Users are the data controllers for the data they submit.

  • Users must ensure they have a lawful basis for collecting and submitting client data, such as consent from the client.

  • Users must comply with applicable data protection laws when using the platform.

Data processing and security:

  • Client data is stored securely and processed only to operate the platform, display testimonials, and provide analytics to the user.

  • When a user deletes a testimonial or account, the associated client data is also deleted.

Access and rights:

  • Proofsy.io will not provide access to client data to anyone other than the user who submitted it, except as required by law.

  • Users are responsible for responding to any requests from their clients regarding access, correction, deletion, or portability of their data.

Limitation of liability:

  • Proofsy.io is not responsible for compliance with GDPR or other privacy laws by users regarding client data. Users retain full responsibility as controllers.

Display of Testimonials in Widgets

  • Testimonials and other client data may be displayed in embedded widgets on websites. Users are responsible for obtaining consent from their clients for public display. Proofsy.io only processes this data to provide the widget service and does not control or publicly distribute the data.​

Legal basis for processing

We process personal data on the following legal bases:

  • Performance of a contract: to provide and manage user accounts, subscription plans, billing, and invoicing.

  • Consent: for marketing emails and cookies where opt-in is required.

  • Legitimate interests: to improve the platform, perform analytics, and secure the service.

  • Processing on behalf of users: for third-party data submitted through the platform (Proofsy.io acts as a data processor).

Account information

  • Users create accounts to access Proofsy.io.

  • One type of account is available, with multiple subscription plans.

  • Users can delete their accounts at any time via account settings.

  • Account deletion also removes user-submitted client data from our systems.

How we use personal data

We use your personal data to:

  • Provide and manage user accounts and subscription plans.

  • Process payments and issue invoices.

  • Improve the platform through analytics and user-submitted feedback.

  • Send marketing emails only if you have opted in.

  • Operate the platform securely and prevent fraud or misuse.

Data submitted by users about third parties (e.g., client testimonials) is processed only to provide the service. Proofsy.io does not use this data for any other purpose.

Sharing personal data with third parties

We may share your data with third-party service providers to operate the platform and fulfill the purposes above. These include:

  • Wix: website management

  • Stripe: payment processing

  • Google Analytics: analytics and usage tracking

  • Bolt: to store and serve your data

Notes:

  • We only share data required to provide the service.

  • Data may be transferred outside the EU/EEA. We ensure appropriate safeguards, such as Standard Contractual Clauses, are in place.

  • We do not sell personal data to third parties.

Cookies and tracking

Proofsy.io uses cookies and tracking technologies to operate and improve the service:

  • Essential cookies: required for login, account management, and service functionality.

  • Analytics cookies: used by Google Analytics to monitor usage and improve the platform.

Users in the EU will see a cookie banner and can accept or decline non-essential cookies. Refusing cookies may limit certain features of the platform.

Data retention

  • Personal data is retained as long as your account is active or until you request deletion.

  • Data submitted by users about third parties is also deleted when the associated testimonial or account is removed.

  • Some data may remain in backups for a limited period for disaster recovery purposes, but it will be inaccessible and securely stored.

Your rights under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.

  • Correction: Ask us to correct inaccurate or incomplete data.

  • Deletion: Request deletion of your personal data.

  • Data portability: Receive your data in a structured, machine-readable format.

  • Restriction of processing: Request limits on how your data is used where applicable.

  • Objection: Object to processing based on legitimate interests or marketing.

  • Withdraw consent: Withdraw any consent you have given (e.g., marketing emails).

Requests can be made at [contact email]. We respond without undue delay and within the timeframes required by law.

Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Secure HTTPS connections for all communications.

  • Access control to restrict who can view or modify personal data.

  • Regular security updates and monitoring.

  • Reliance on the security measures of our processors (Wix, Stripe, hosting providers, Google Analytics).

Children

  • Proofsy.io is not intended for children under 16.

  • We do not knowingly collect personal data from children under 16.

  • If we become aware that we have collected data from a child without consent, we will delete it.

Changes to this policy

  • We may update this privacy policy from time to time.

  • Changes will be posted on this page with the effective date updated.

  • For material changes, we may notify users via email or an in-app notification.

Contact information

For questions about this privacy policy or your personal data, contact us at: support@proofsy.io

bottom of page