Privacy Policy

Last updated: March 1, 2026

1. Who we are

Superless ("we", "us", "our") operates the superless.io website and related services. This policy explains how we collect, use, and protect your personal data when you interact with our website and services.

2. Data we collect

We collect only the minimum data necessary to operate the service:

• Email address — when you sign up for the waitlist or create an account.
• Consent record — whether you agreed to receive updates.
• Usage data — anonymized analytics such as page views and referral source.

3. How we use your data

Your data is used exclusively for the following purposes:

• To communicate with you about the service, including beta invitations and product updates.
• To operate and improve the Superless platform.
• To comply with legal obligations.

4. Data storage and location

All personal data is stored and processed in the European Union. We do not transfer data outside the EU. Our infrastructure is hosted on European cloud providers.

5. Data sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. We may share data with service providers who help us operate the platform (e.g., hosting, email delivery), subject to strict data processing agreements.

6. Data retention

We retain your data for as long as necessary to provide the service or as required by law. If you request deletion, we will remove your personal data within 30 days.

7. Your rights

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate data.
• Erasure — request deletion of your personal data.
• Portability — receive your data in a structured, machine-readable format.
• Objection — object to data processing based on legitimate interests.
• Withdraw consent — at any time, without affecting prior processing.

8. Analytics

We use Simple Analytics to understand how visitors use our website. Simple Analytics does not use cookies, does not collect personal data, and does not track individual visitors. All data collected is aggregated and non-personal — it includes page views, referral sources, browser type, and country-level location. No IP addresses are stored or processed.

Simple Analytics processes data in the European Union and retains aggregated analytics data indefinitely. No data is shared with third parties. Our legal basis for using Simple Analytics is legitimate interest (Article 6(1)(f) GDPR) — specifically, our interest in understanding website usage to improve the service, balanced against the minimal privacy impact given that no personal data is collected.

9. Cookies

We do not use cookies. Our analytics provider (Simple Analytics) is cookieless by design. No tracking cookies, session cookies, or third-party advertising cookies are used on this website.

10. Security

We implement appropriate technical and organizational measures to protect your data, including TLS encryption in transit and encryption at rest for all stored data.

11. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email or a notice on the website. The "Last updated" date at the top reflects the most recent revision.

12. Contact

If you have questions about this policy or wish to exercise your rights, contact us at superless+privacy@pm.me.