popwis
Start free

Privacy Policy

Last updated: February 26, 2026

1. Introduction

Popwis (“we”, “our”, “us”) respects your privacy and is committed to protecting the personal data of our users and their website visitors. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

2. Data We Collect

2.1 Account Data

When you create a Popwis account, we collect:

  • Email address
  • Name (if provided)
  • Password (securely hashed, never stored in plain text)
  • Organization and site information you configure

2.2 Visitor Data (Collected on Your Behalf)

When you install the Popwis tracking script on your website, we collect data from your visitors on your behalf, including:

  • Page views and widget interactions
  • Browser type, device type, and approximate location (country/region)
  • Form submissions (email, name, phone — as configured by you)
  • Cart and purchase events (if cart recovery is enabled)

You are the data controller for visitor data collected through your widgets. We act as a data processor on your behalf.

2.3 Usage Data

We collect anonymized usage data about how you interact with the Popwis dashboard, including pages visited, features used, and error logs, to improve the Service.

3. How We Use Your Data

We use collected data to:

  • Provide and maintain the Service
  • Process your subscription and billing
  • Display widgets, notifications, and forms on your website
  • Store and manage your contacts, deals, and calendar events
  • Send transactional emails (account verification, password resets, email sequences you configure)
  • Improve the Service and fix bugs
  • Respond to support requests

We do not sell your data or your visitors' data to third parties.

4. Third-Party Services

We use the following third-party services to operate Popwis:

  • Supabase — Database hosting and authentication. Your account data, contacts, and widget configurations are stored in Supabase's infrastructure.
  • Vercel — Application hosting and CDN. Serves the Popwis dashboard and widget scripts.
  • Lemon Squeezy — Payment processing. Handles subscription billing and payment information. We do not store your credit card details.
  • Resend — Email delivery. Sends transactional and sequence emails on your behalf.

If you connect third-party integrations (Mailchimp, Klaviyo), your contact data is shared with those services according to their respective privacy policies and your configuration.

5. Cookies and Tracking

The Popwis dashboard uses essential cookies for authentication and session management. These are strictly necessary and cannot be disabled.

The Popwis widget script installed on your website uses localStorage to track widget display frequency (e.g., preventing the same popup from showing repeatedly). We do not use third-party tracking cookies on your visitors.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

Visitor analytics events are retained for the duration of your subscription. Contact data you collect is retained until you delete it or close your account.

7. Your Rights (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access — Request a copy of your personal data
  • Rectification — Request correction of inaccurate data
  • Erasure — Request deletion of your personal data
  • Portability — Export your data in a machine-readable format (CSV export is available in the dashboard)
  • Restriction — Request that we limit processing of your data
  • Objection — Object to processing based on legitimate interests

To exercise any of these rights, contact us at hello@popwis.net. We will respond within 30 days.

8. Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS/TLS), secure password hashing, row-level security policies on our database, and role-based access controls. However, no method of transmission over the Internet is 100% secure.

9. Children's Privacy

Popwis is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice in the dashboard. The “Last updated” date at the top of this page indicates when the policy was last revised.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact us:

Email: hello@popwis.net
Website: popwis.net