Privacy Policy

Last updated: May 7, 2026

Flavesite Privacy Policy

Last updated: May 6, 2026

Welcome to Flavesite. We are committed to protecting the privacy of users who access our services covering source code marketplace, software rental, SEO services, and website development. This policy explains what information we collect, how we use it, and your rights under Indonesian Personal Data Protection Law (UU No. 27/2022) and applicable international standards.

1. Data We Collect

  • Account Data — full name, email address, phone/WhatsApp number, and hashed password (we never store raw passwords).
  • Transaction Data — purchase history, amount, payment method, and order status. We do not store credit card or bank account numbers — those are processed directly by payment gateways (iPaymu, NowPayments).
  • License & Activation Data — when you install a purchased product, we record the domain name, IP address, and server fingerprint to prevent illegal license usage.
  • Communication Data — content of support tickets, chat messages, and emails sent to our team.
  • Technical Data — visitor IP address, browser user agent, pages visited, session duration (via cookies and analytics).
  • Affiliate Data — if you join the affiliate program: referral code, referral history, commissions, and bank account info for payouts.

2. How We Use Your Data

  • To process purchases, send invoices, and deliver digital products;
  • To validate software licenses installed on your servers/hosting;
  • To provide technical support and customer service;
  • To prevent abuse, fraud, and copyright infringement;
  • To send important notifications about your account, expiring licenses, or service changes;
  • To send promotional material (only if you opt-in — you can unsubscribe anytime);
  • To manage the affiliate program and calculate referral commissions;
  • To comply with legal obligations and lawful authority requests.

3. Sharing With Third Parties

We do not sell your personal data. Limited sharing occurs only with:

  • Payment providers (iPaymu, NowPayments) — to process transactions.
  • Email providers (our SMTP server) — to send invoices & notifications.
  • Analytics services (Google Analytics, Meta Pixel if enabled) — in anonymized/aggregated form.
  • Authorities — where required by law, court order, or to protect our legal rights.

4. Cookies and Tracking

We use cookies to: maintain your login session, remember preferences (language, dark/light mode), and run anonymous analytics. You may disable cookies in your browser, but some features may not function optimally.

5. Data Retention

Active account data is retained as long as the account exists. After account deletion upon your request, data will be erased within 30 days, except records required for tax/audit purposes (transaction data: 5 years per Indonesian Tax Law).

6. Security

We implement: password encryption (bcrypt), HTTPS for all communications, two-factor authentication (2FA) for admin accounts, rate limiting against brute-force, and role-based access. However, no system is 100% secure — you are also responsible for keeping your password confidential.

7. Your Rights

Under the Indonesian PDP Law, you have the right to:

  • Access the personal data we hold about you;
  • Update or correct inaccurate data;
  • Request data erasure ("right to be forgotten");
  • Restrict or object to certain processing;
  • Port your data to another service (data portability);
  • Withdraw consent at any time.

To exercise these rights, contact us via the email listed on our Contact page.

8. Children

Our services are not intended for children under 13. We do not knowingly collect data from minors without parental consent.

9. Policy Changes

We may update this policy from time to time. Significant changes will be communicated via email and/or dashboard notifications. The "Last updated" date above reflects the latest revision.

10. Contact

Privacy-related inquiries can be submitted via our Contact page or by emailing our support address.