Privacy Policy

Last updated: May 9, 2026

SawStream is a hosted service. This policy explains what information we collect when you use SawStream, why we collect it, who we share it with, and the choices you have.

1. Who this policy covers

This policy applies to:

  • Visitors to sawstream.com.
  • Customers who sign up for and use a SawStream account to publish embeddable views from their CRM.
  • End users of websites that contain a SawStream embed. The site you are visiting is the controller for any data displayed there; SawStream acts as a service provider/processor for that site's owner.

2. What we collect

Account information

  • Name, email address, and a salted password hash (Argon2). We never store your password in plaintext.
  • Account status, subscription state, and trial expiry.
  • Allowed-origins entries you configure to lock embeds to your domains.

Billing information

We use Paddle as our merchant of record. Paddle collects payment-card and tax information directly. We receive only billing metadata (plan, transaction identifier, country, renewal status). Full card numbers, CVV, and bank-account details are never seen or stored by SawStream.

Connected-platform credentials

When you connect a third-party platform (such as Salesforce or Airtable) to SawStream, we store the access tokens, refresh tokens, instance URLs, and connection settings required to fetch data on your behalf. Sensitive credentials are encrypted at rest using AES-GCM with keys held only by our application servers; they are never exposed in our admin UI, in logs, or to your website visitors.

Configuration data

  • The queries you create — the object, fields, filters, layout, and embed token.
  • Layout customisations and theming choices.
  • Allowed-origin lists per query.

Customer data fetched through your connections

When a query runs, SawStream fetches the records you have selected from your connected platform, transforms them into the layout you have chosen, and delivers them to your website visitor. This data passes through our servers and is cached transiently to make rendering fast. We do not mine, sell, or train machine-learning models on customer data. The data remains your property; we operate on it only to provide the service.

Usage and operational data

  • Request logs (timestamps, paths, response codes), error reports, and aggregate metrics — used to operate, debug, and improve the service.
  • Email sender, recipient, and delivery status for transactional messages we send via Resend.

Support communications

The contents of emails, screenshots, and screen-share sessions you send us when requesting support.

End-user metadata

When a SawStream embed loads on a customer's site, the visitor's browser sends standard HTTP metadata to our servers: IP address, user-agent, Referer, and the embed token. We use this only to serve the embed, enforce the customer's allowed-origins rules, and protect the service from abuse. Visitors should consult the privacy policy of the site they are visiting; that site is the controller for those interactions.

Wix App Market integration

If you install SawStream from the Wix App Market, we receive the following from Wix when our dashboard component is loaded inside your Wix dashboard:

  • Wix instance ID — an opaque identifier for your specific app installation. Used to match the install to your SawStream account.
  • Wix site ID — an opaque identifier for the Wix site the app is installed on. Used to look up your site's public URL and pre-fill the allowed-origins list so embeds work without manual configuration.
  • Wix user ID (when provided by Wix) — an opaque identifier for the Wix account that installed the app. Used only for diagnostic logging.
  • Site URL and basic site info — fetched from Wix's Site Properties API once at install time, only to set the default allowed-origins value.

We do not access Wix CRM contacts, Wix Stores orders, site content, member data, or any other Wix user personal information. Our integration is for displaying data from other CRMs (Salesforce, Airtable) on Wix sites — Wix itself is not a data source for us.

When you remove SawStream from your Wix site, Wix sends us an uninstall webhook. We respond by deleting your SawStream account along with all related data (saved queries, connected-platform credentials, install record) within minutes. No further action is needed from you.

3. How we use information

  • Provide, operate, and secure SawStream.
  • Authenticate accounts and protect against fraud and abuse.
  • Process subscriptions, renewals, and refunds (via Paddle).
  • Fetch records from your connected platforms and render them in your chosen layout.
  • Send transactional email — welcome messages, password resets, billing notices, and trial-expiry reminders.
  • Provide customer support and respond to your questions.
  • Diagnose and fix bugs, monitor performance, and improve the product.
  • Comply with legal obligations and enforce our terms.

We do not sell personal information, do not use it to train machine-learning models, and do not serve behavioural advertising.

4. Service providers (subprocessors)

We use a small set of vendors to operate SawStream. We share only what each one needs to do its job, and each is bound by contract to maintain appropriate confidentiality and security.

Vendor | Purpose | Data shared
DigitalOcean | Application and database hosting (United States) | All operational data; sensitive credentials encrypted at rest
Paddle | Payments, taxes, invoicing (merchant of record) | Name, email, billing address, payment details
Resend | Transactional email delivery | Recipient email and message contents
Sentry | Error and crash reporting | Error stack traces, request metadata, IP address (truncated)
Cloudflare | DNS and TLS termination | Standard request metadata in transit

Platforms you connect (Salesforce, Airtable, etc.) also act as subprocessors for that connection on your instructions. Their own privacy policies govern how they handle your data on their side.

We will update this list when we add or change a material subprocessor. Customers under a written data-processing agreement will receive advance notice as specified in that agreement.

5. Cookies and similar technologies

sawstream.com does not use third-party advertising or analytics cookies. Inside the dashboard we set a small number of strictly-necessary cookies and tokens to keep you signed in and to protect against cross-site request forgery. We do not use cookies to track you across other sites.

6. How long we keep information

  • Account and billing records: while your account is active, plus up to seven years afterwards to satisfy tax, accounting, and legal-defence obligations.
  • Connected-platform credentials: deleted when you disconnect the platform or close your account.
  • Query configurations: kept for as long as the query exists. You can delete a query at any time.
  • Transient caches of fetched records: short-lived; expire automatically.
  • Server and security logs: typically 30–90 days.
  • Support correspondence: typically up to three years.

You may request deletion of your data at any time (see Section 9). We will delete or anonymise information sooner than the periods above when it is no longer needed for the purpose for which it was collected.

7. Security

We use commercially reasonable safeguards designed to protect your information, including:

  • TLS encryption for all data in transit.
  • AES-GCM encryption at rest for sensitive credentials such as connected-platform access tokens and API keys.
  • Argon2 password hashing with per-user salts.
  • Allowed-origins enforcement for embeds, so a customer's data cannot be displayed on domains they have not authorised.
  • Token-scoped public endpoints — every embed has a unique token; we never expose your platform credentials to website visitors.
  • Principle-of-least-privilege staff access, named accounts, and audit logging.
  • Patching, monitoring, and isolated production environments.

No system is perfectly secure. If we discover a security incident affecting your information, we will notify you and any required regulators in accordance with applicable law.

8. International transfers

SawStream is operated from the United States. If you access the service from another country, your information will be transferred to and processed in the United States. Where required (for example, for personal data of EU/UK residents), we rely on Standard Contractual Clauses or equivalent transfer mechanisms with our subprocessors and customers.

9. Your rights and choices

Depending on where you live, you may have the right to access, correct, export, delete, or restrict processing of your personal information, and to object to certain processing. These rights apply to information we hold as a controller. For information we hold as a processor on behalf of a customer (for example, records pulled into a customer's account from their CRM), please direct your request to the customer; we will support them in responding.

To exercise a right, email [email protected]. We will verify your identity and respond within the timeframes required by applicable law.

  • California residents: we do not sell or "share" personal information as those terms are defined under the CCPA/CPRA. You may request access, correction, or deletion as described above.
  • EU/UK/EEA residents: you may lodge a complaint with your local data-protection authority. Our legal bases for processing are: performance of a contract (to provide the service you signed up for), legitimate interests (to secure and improve the service), consent (where you have given it), and compliance with legal obligations.

10. Children's privacy

SawStream is not directed to children under 13 (or under 16 in jurisdictions where that is the applicable age). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, for active customers, send a notice by email or in-app. Continued use of SawStream after the effective date constitutes acceptance of the updated policy.

12. Contact us

For privacy questions, requests, or complaints, email [email protected].