Last updated: July 5, 2026
Secure Storage
All data encrypted at rest and in transit via SSL/TLS.
GDPR Aware
We respect user rights including access, deletion, and portability.
No Data Selling
We never sell or rent your personal data to third parties.
At Indie-Builds.com, we take data protection and compliance seriously. This page outlines our approach to data governance, security practices, regulatory compliance, and how we handle your data responsibly as a platform operator.
| Data Type | Purpose | Retention |
|---|---|---|
| Email address | Account authentication, notifications | Until account deletion |
| Username / display name | Public profile and attribution | Until account deletion |
| Project submissions | Platform listings and community discovery | Until removed by user or admin |
| IP address | Security, fraud prevention, rate limiting | 30 days (rolling) |
| Usage analytics | Product improvement and analytics | Up to 12 months |
| Payment records | Legal and billing compliance | 7 years (legal obligation) |
If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):
We implement industry-standard security practices, including:
We rely on the following trusted sub-processors to deliver our services:
| Provider | Purpose | Data Location |
|---|---|---|
| Supabase | Database & authentication | AWS (us-east-1) |
| Vercel | Hosting & edge delivery | Global CDN |
| Dodo Payments | Payment processing | EU / Global |
All sub-processors are contractually bound to process data only as instructed and to maintain appropriate security measures.
Our infrastructure may involve the transfer of data outside your country of residence. Where such transfers occur (e.g., to the United States), we ensure appropriate safeguards are in place, including reliance on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms under GDPR.
You have the following rights regarding your personal data:
To exercise any of these rights, email us at bigzapps@gmail.com with "Data Request" in the subject line. We will respond within 30 days.
In the event of a personal data breach, we will:
We use the following categories of cookies:
We do not use advertising or tracking cookies beyond what is necessary for platform functionality.
For any data protection enquiries, requests, or complaints, please contact us:
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.