1. Introduction
This Privacy Policy explains how Alignsoft, Inc. collects, uses, discloses, and protects personal information in connection with Align websites, applications, APIs, client portal, developer tools, and related services.
Align processes different types of information in different roles. For account, billing, marketing, website, and platform administration data, Align generally acts as a business or controller. For projects, entries, deliverables, client and contact records, templates, and workflow content submitted by a customer, Align generally acts as a service provider or processor on behalf of that customer.
This Privacy Policy should be read together with the Terms of Service, Data Processing Addendum, Cookie Notice, Subprocessor List, and any applicable order form.
2. Information We Collect
We collect personal information that falls into the categories below.
| Category | Examples | Source |
|---|---|---|
| Account data | Name, email address, company name, workspace membership, role, account settings | Customer or Authorized User |
| Authentication data | Login identifiers, session identifiers, multi-factor status, access tokens, revoked session records | Identity provider and user activity |
| Billing data | Plan, subscription status, invoice records, payment processor customer identifiers | Customer and payment processor |
| Customer Content | Projects, entries, deliverables, client and contact records, templates, time entries, expense records, invoice records, form submissions, metadata | Customer, Authorized Users, clients, contacts, and API integrations |
| Developer and API data | API key prefixes, scopes, request identifiers, webhook endpoints, delivery records, SDK usage records | Customer and system activity |
| Security and audit data | IP address, user agent, audit events, request logs, access records, security settings, allowlist settings | System activity |
| Email and notification data | Recipient email, message status, delivery events, suppression records | Customer, system activity, and email provider |
| Website and cookie data | Device information, browser information, pages viewed, cookie identifiers, preference signals | Browser and device |
| Support and communications data | Support requests, messages, attachments, call notes, feedback | Customer, user, or contact |
3. How We Use Information
We use personal information for the following purposes.
- Provide, operate, maintain, and secure the Services.
- Create accounts, manage workspaces, authenticate users, and enforce permissions.
- Create, route, approve, and deliver projects, entries, invoices, and related records.
- Generate audit trails, request records, and security logs.
- Send service emails, invitations, notifications, and account notices.
- Process payments, subscriptions, invoices, entitlements, and plan changes.
- Provide developer tools, API access, webhooks, sandbox environments, and logs.
- Detect, prevent, and respond to abuse, fraud, malware, unauthorized access, and service misuse.
- Comply with legal obligations and enforce agreements.
- Improve the Services using aggregated, de-identified, or diagnostic information where permitted.
4. Customer Content and Processor Role
Customer controls the projects, entries, deliverables, client and contact records, templates, retention settings, API payloads, and webhook configuration submitted to the Services. Align processes Customer Content to provide the Services under Customer instructions.
If Customer Content contains personal information, the customer is responsible for providing required notices, obtaining required permissions, selecting appropriate authentication settings, and determining whether the workflows are suitable for the intended transaction.
5. How We Share Information
We disclose personal information only as described in this Policy, the Agreement, or as otherwise permitted by law.
- Service providers and subprocessors that support hosting, authentication, payment processing, email delivery, storage, security, analytics, or support.
- Customer administrators and Authorized Users according to workspace permissions and settings.
- Clients, contacts, and participants in a workflow as needed to complete it.
- Customer-configured webhook endpoints and integrations.
- Professional advisors, auditors, insurers, and legal counsel.
- Government authorities or third parties when required by law, legal process, or to protect rights and safety.
- A successor entity in a merger, acquisition, financing, reorganization, or sale of assets.
Align does not sell Customer Content. Align does not use Customer Content for cross-context behavioral advertising.
6. Cookies and Similar Technologies
Align uses cookies and similar technologies as described in the Cookie Notice. Cookies may support authentication, security, preferences, analytics, developer documentation, and website performance.
Where required, Align will request consent before placing non-essential cookies. Users can also adjust browser settings or cookie preferences where available.
7. Legal Bases for Processing
Where GDPR, UK GDPR, or similar laws apply, Align relies on legal bases that may include contract performance, legitimate interests, consent, legal obligations, and, where applicable, processing on behalf of Customer under the Data Processing Addendum.
Legitimate interests may include providing secure SaaS services, preventing fraud, improving service reliability, enforcing agreements, supporting customers, and maintaining business records.
8. Privacy Rights
Depending on location and applicable law, individuals may have rights to request access, correction, deletion, portability, restriction, objection, opt-out of certain processing, or appeal a privacy request decision.
Privacy requests may be sent to privacy@alignsoft.us. If the request relates to Customer Content controlled by an Align customer, we may refer the request to that customer or process it under that customer's instructions.
Align will not discriminate against individuals for exercising privacy rights.
9. Retention
Align retains personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, support security and audit requirements, and meet customer-configured retention settings.
Customer Content retention may depend on customer settings, legal holds, backup cycles, plan features, and the Retention and Deletion Policy.
10. Security
Align uses administrative, technical, and organizational safeguards designed to protect personal information. No method of transmission or storage is perfectly secure, and Align cannot guarantee absolute security.
Vulnerability reports may be submitted to security@alignsoft.us.
11. International Transfers
Align may process information in the United States and other countries where Align or its service providers operate. Where required, Align uses appropriate transfer mechanisms, which may include standard contractual clauses or other lawful transfer tools.
12. Children
The Services are not directed to children under 13, and Align does not knowingly collect personal information from children under 13 except where a customer lawfully submits information as part of Customer Content and has all required permissions.
13. Changes to This Policy
Align may update this Privacy Policy from time to time. Material changes will be posted through the website, application, email, or other reasonable means. The updated policy will state its effective date.
14. Contact
Privacy questions may be sent to privacy@alignsoft.us or by mail to Alignsoft, Inc., [Mailing address — to be provided].
Last reviewed: June 5, 2026 · Version 1.0 · Published.