1. Who We Are
FootprintIQ is operated by Vutrue, founded by Eduardo Garcia, based in Da Nang, Vietnam. We provide a SaaS platform for digital marketing agencies and freelancers.
Company: Vutrue / FootprintIQ
Location: Da Nang, Vietnam
Website: ftprintiq.com
Privacy contact: privacy@ftprintiq.com
Support: support@ftprintiq.com
2. What Data We Collect
Account Data
Full name, email address, and encrypted password when you create an account.
Billing Data
Payment card details are processed by Stripe. We never store your full card number. We store billing address and transaction records as required by law.
Usage Data
Searches performed, leads saved, proposals generated, features used, and timestamps of activity.
Team Data
Names and emails of team members you invite to your organization.
Content Data
Leads, notes, proposals, and cabinet content you create within the platform.
Technical Data
IP address, browser type, device type, operating system, and session data for security purposes.
Communications
Messages you send to our support team and in-platform messages.
3. Legal Basis for Processing (GDPR)
For users in the European Union and United Kingdom, we process your data under the following legal bases:
- ContractProcessing necessary to provide the service you subscribed to
- Legitimate InterestPlatform security, fraud prevention, and service improvement
- Legal ObligationRetaining billing records as required by financial regulations
- ConsentMarketing communications — you may withdraw consent at any time
4. How We Use Your Data
- →To provide, operate, and improve the FootprintIQ platform
- →To process subscription payments through Stripe
- →To send transactional emails — receipts, account alerts, usage warnings
- →To enforce subscription plan limits and prevent abuse
- →To provide customer support when you contact us
- →To detect and prevent fraud, abuse, and security threats
- →To comply with applicable laws and regulations
- →To generate anonymized aggregate statistics about platform usage
We do not sell your personal data. We do not use your data for advertising. We do not share your data with any third party for their own marketing purposes.
5. Third-Party Service Providers
We share data only with trusted providers necessary to operate the platform. Each is bound by data processing agreements:
Supabase
Database, authentication, and infrastructure
Location: USA / Singapore (AWS)
Anthropic (Claude AI)
AI-powered script and proposal generation
Location: USA
6. International Data Transfers
FootprintIQ is operated from Vietnam and serves users globally. Your data may be processed in Vietnam, Singapore, and the United States by our service providers.
For EU/EEA users: transfers outside the EEA are protected by Standard Contractual Clauses (SCCs) as required by GDPR Article 46. For UK users: transfers comply with UK GDPR adequacy provisions. By using the platform you acknowledge this international processing.
7. Your Rights by Region
🇪🇺 EU / EEA / UK — GDPR & UK GDPR Rights
- →Right to access your personal data
- →Right to rectification of inaccurate data
- →Right to erasure ("right to be forgotten")
- →Right to restriction of processing
- →Right to data portability
- →Right to object to processing
- →Right to withdraw consent at any time
- →Right to lodge a complaint with your local supervisory authority
🇺🇸 California — CCPA Rights
- →Right to know what personal information we collect
- →Right to delete your personal information
- →Right to opt out of sale (we do not sell data)
- →Right to non-discrimination for exercising your rights
🇧🇷 Brazil — LGPD Rights
- →Confirmation of data processing
- →Access to your data
- →Correction of incomplete or inaccurate data
- →Anonymization, blocking, or deletion of unnecessary data
- →Portability to another service provider
- →Deletion of data processed with your consent
- →Right to revoke consent
🇻🇳 Vietnam — Cybersecurity Law & PDPD
- →Data is processed in compliance with Vietnam's Cybersecurity Law 2018
- →Vietnam's Personal Data Protection Decree (PDPD) rights apply
- →Right to be informed about data processing
- →Right to restrict processing of your data
- →Right to delete your data
🌏 Other Regions
Regardless of your location, you may contact us at privacy@ftprintiq.com to access, correct, or delete your personal data. We will respond within 30 days.
To exercise any right: email privacy@ftprintiq.com with your request. We respond within 30 days.
8. Data Storage and Security
Data is stored in Supabase on AWS infrastructure in Singapore. Security measures include:
- →Row Level Security (RLS) — users can only access their own data
- →AES-256 encryption at rest for all stored data
- →TLS 1.3 encryption for all data in transit
- →Server-side environment variables for all secret keys
- →Regular security reviews and dependency updates
- →Access logging for all administrative actions
9. Data Retention
Active account dataRetained while account is active
Deleted account dataPermanently deleted within 30 days of request
Billing and transaction recordsRetained for 7 years (legal requirement)
Usage logsRetained for 12 months for security and analytics
Support communicationsRetained for 2 years
10. Cookies
We use only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
Cookies we use:
- →Session cookie — keeps you logged in (expires when you close browser or log out)
- →Language preference — remembers your language selection (stored locally)
11. Children's Privacy
FootprintIQ is a business software platform not intended for anyone under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has created an account, contact us immediately at privacy@ftprintiq.com and we will delete the account within 72 hours.
12. Changes to This Policy
We will notify active users by email at least 14 days before material changes take effect. The updated policy will always be available at ftprintiq.com/privacy. Continued use after the effective date constitutes acceptance.
This privacy policy was written to comply with GDPR (EU), UK GDPR, CCPA (California), LGPD (Brazil), PDPA (Thailand), PDPD (Vietnam), PIPEDA (Canada), and other applicable international privacy laws.