Privacy with the volume down.
Live account registration and checkout are disabled until the legal controller’s verified identity and contact details are published. Affordable collects what is needed to provide an account, honour a valid purchase and protect the service.
Controller and contact
Accounts and live payments are not open yet. Verified controller details will appear here before registration is enabled.
What we keep
Account data includes your email address, optional display name, a one-way password hash, and short-lived session records. Purchase data includes the edition, amount, currency, order and processor references, and limited Stripe customer identifiers; Affordable never receives your complete card number.
An upgrade gift records its sender, starting and destination edition, value, state, and—only when supplied—the recipient email. Product choices, favourites and completion history are private account data. Current public visuals use synthetic data; private circle summaries use thresholded member counts rather than public profiles or free-text posts.
Why we use it
We process account, entitlement and receipt data to perform the contract you asked us to perform. Narrow fraud controls, rate-limit records and security-relevant request data serve our legitimate interest in operating a dependable service. We ask before using optional analytics or marketing technology.
Affordable has no advertising network, does not sell personal data, and does not build a cross-site profile. A dramatic price ladder is not a legal basis.
Who helps
Stripe processes web payments only when live checkout is enabled. Postmark delivers transactional verification, purchase, withdrawal and deletion email. The configured hosting and database providers process service data under restricted access and processor terms.
Apple and Google are not processors for the current web release; their store privacy disclosures will be added if native store distribution becomes live. Any international transfer must use an available lawful mechanism before the relevant provider is enabled.
How long
Sessions expire after 30 days unless you sign out sooner. Unclaimed upgrade links expire after 90 days and their value returns to the sender’s balance. Account product records remain until you delete them or ask us to do so.
Receipts, refunds, entitlement events, and fraud-prevention records may be retained for the period required by tax, accounting, consumer, and security law. We delete or anonymise data when its purpose and required retention end.
Your choices
Depending on where you live, you may ask to access, correct, export, restrict, object to, or delete personal data. You may also complain to your local data-protection authority. Signed-in owners can initiate deletion at Account & deletion; other privacy requests go to [email protected].
A deletion request disables access immediately, revokes sessions, and schedules eligible product-data removal and account de-identification after 30 days. Receipt and legal-retention records remain only for their required period.
Safety and changes
Passwords use memory-hard hashing; session and claim tokens are stored as hashes; payment webhooks are signed; sensitive web writes require a trusted origin. Payment, entitlement, upgrade-link and deletion events leave scoped database records needed to operate and investigate those features.
Affordable is not directed to children under 16. Material notice changes are dated and posted here; where direct notice is legally required, it is sent to the verified account email. Questions can go to [email protected].