Privacy Policy

Learn how Ideebi collects, uses, and safeguards your data in accordance with GDPR and other global privacy laws.

Last updated: October 28, 2025

At a glance

We collect only what’s needed — like your email, display name, and payment info processed securely by Stripe.

Your account and content live in Supabase, with privacy-friendly analytics from Google and PostHog.

We use Resend for transactional emails and MailerLite for optional newsletters.

You can control cookies globally and opt in or out of marketing anytime.

Ideebi is built by Supafox Ltd. in the UK and follows GDPR and other international privacy standards.

1. Who We Are (Data Controller)

Legal entity: Supafox Ltd. (Company No. 16555230)
Registered address: 205 Regent Street, London W1B 4HB, United Kingdom
Contact email: hello@ideebi.com

2. Scope of This Policy

This policy applies to anyone, anywhere in the world, who:

visits our publicly available Site
creates a free or paid membership account
purchases one-off digital products or subscriptions processed by Stripe
receives transactional or marketing emails from us
interacts with analytics, ads or social-media pixels on the Site

3. The Data We Collect

Category	Examples	Purpose	Lawful basis *
Account Data	email address, full name, social-login ID	Create & manage your Ideebi account	Contract
Profile Data	display name, optional avatar	Show your public profile	Consent / Legitimate interest
Purchase Data	Stripe customer ID, last 4 card digits, billing country, Stripe Tax calculations	Process payments & issue invoices	Contract / Legal obligation
Support Data	messages via contact form or email	Respond to enquiries	Legitimate interest
Log & Usage Data	IP, browser, device IDs, pages visited, events (login, purchase)	Security, analytics, fraud prevention	Legitimate interest
Marketing & Analytics Data	Google Tag Manager, Google Analytics 4, PostHog (EU), Meta Pixel, TikTok Pixel	Measure marketing performance	Legitimate interest †

* See §7 for details.
† We rely on our legitimate interests to set these cookies/pixels; continuing to use the Site signifies agreement.

4. How We Collect Data

Directly from you — when you create an account, make a purchase, fill out a form, or contact us.
Automatically — through cookies, pixels, SDKs, and logs (see §6).
From third-party integrations — for example, automations that add your email to our marketing list if you tick the newsletter box during signup.

We don’t buy data, rent lists, or enrich profiles from outside sources.

5. Why We Use Your Data

To register you as a member and give you access to content or downloads.
To process payments, subscriptions, and taxes through Stripe (synced to Xero).
To send transactional emails (receipts, password resets) via Resend.
To send optional newsletters via MailerLite (only if you opt in).
To deliver, measure, and improve ads on Meta, TikTok, and Google.
To maintain site security, prevent fraud, and debug issues.
To comply with accounting, tax, and consumer-protection laws.

6. Cookies & Similar Technologies

Our Site uses first- and third-party cookies, web beacons, and APIs for analytics, advertising, and personalization.

Everyone who visits sees our custom banner with three clear options:

Accept all — analytics and marketing cookies load immediately.
Reject non-essential cookies — blocks and removes analytics and marketing tags.
Customise — granular toggles for Analytics, Marketing, and Personalisation.

Your choice is stored in a first-party cookie (marketingConsent).
You can update or withdraw consent anytime using the floating cookie icon.

6.2 Key Cookies / SDKs

Service	Purpose	Provider country	Opt-out
Google Analytics 4	Traffic analytics	US	Via banner or browser settings
PostHog (EU servers)	Product analytics & usage insight	EU	Via banner
Meta Pixel & Conversions API (via Stape)	Ad attribution	US	Via banner
TikTok Pixel	Ad attribution	US	Via banner
Supabase Auth SDK	Secure login sessions (essential)	EU / US	Cannot be disabled

6.3 Other Ways to Control Cookies

You can always clear or block cookies in your browser, use privacy-focused browsers like Brave, or install blockers such as uBlock Origin.
Some site features may not work without essential cookies.

Purpose	Legal basis	Explanation
Account registration & access	Contract	We need your info to create and manage your account.
Payment & tax processing	Contract / Legal obligation	Required to fulfil purchases and comply with tax laws.
Transactional emails	Legitimate interest	Essential to operate the service and prevent fraud.
Marketing emails	Consent	We send newsletters only if you opt in (e.g., tick the newsletter box or sign up on the site).
Analytics & ads tracking	Consent (UK/EEA) / Legitimate interest (global)	Non-essential cookies load after consent in the UK/EEA; elsewhere we rely on legitimate interest to understand and improve our business.
Security & fraud prevention	Legitimate interest	Necessary to protect our Site and users.

Processor	Role	Safeguards
Supabase Inc.	Auth & Storage (including user uploads)	SCCs / EU servers / Data Processing Addendum
Stripe Payments UK Ltd & Stripe Inc.	Payments & Stripe Tax (sync to Xero)	PCI-DSS / SCCs / EU-US DPF
PPP (Purchasing Power Parity API)	Parity-based pricing lookups by region	SCCs / privacy policy available on request
Resend Inc.	Transactional email delivery (primary)	SCCs / EU-US DPF
MailerLite UAB	Marketing emails (newsletters)	EU data centres / SCCs
Stape LLC	Server-side Meta Conversions API	SCCs
Xero Ltd	Accounting platform (imported Stripe invoices)	UK & EU data centres / SCCs

We never sell your data.
We may share information only when required by law or necessary to operate the service.

9. International Transfers

Because some providers are US-based, your data may be transferred outside the UK/EEA.
These transfers are protected by:

Standard Contractual Clauses (SCCs)
the UK International Data Transfer Addendum
participation in the EU–US and UK–US Data Privacy Frameworks

10. Data Retention

Data category	Retention period
Active & dormant accounts	Until you delete your account or request erasure
Purchase & tax records	Minimum 6 years (HMRC requirement)
Marketing email lists	Until you unsubscribe
Analytics events & server logs	26 months (default) or sooner if you clear cookies

11. Security Measures

HTTPS / TLS 1.3 on all pages
Passwords hashed with bcrypt
Two-factor authentication on admin dashboards
Access limited to authorised staff only
Formal breach-response plan (notify ICO and users within 72 hours)

12. Your Rights

Depending on where you live, you may have the right to:

Access the data we hold about you
Correct inaccuracies
Erase your data (“right to be forgotten”)
Restrict or object to certain processing
Port your data to another provider
Withdraw marketing consent anytime via the unsubscribe link or by emailing hello@ideebi.com

You can also update your cookie preferences using the floating icon on our Site.
To exercise any data rights, email hello@ideebi.com.

13. Complaints

If you believe we haven’t handled your data properly, please contact us first.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local data authority.

14. California Privacy Notice (CCPA/CPRA)

We’re a UK-based company with a global audience.
Although we don’t yet meet the thresholds for mandatory CCPA/CPRA compliance, we still follow its core principles:

We don’t sell personal information for money.
We may share limited identifiers (like hashed emails or IP addresses) with ads partners for cross-context advertising.

California residents can request access or deletion by emailing hello@ideebi.com.

15. Children

Our Services are for adults (18 +).
We don’t knowingly collect data from children under 13.

16. Changes to This Policy

We may update this policy from time to time. If changes are material, we’ll:

Post the new version here with an updated “Last updated” date, and
Notify logged-in members in-app.

Using the Site after any update means you accept the new policy.

17. Contact Us

Questions or requests?
Email hello@ideebi.com or write to the address in §1.

Thank you for using Ideebi — built by Supafox Ltd.