MyDirectLine - Privacy Policy

Last Updated: 11/1/2025

At MyDirectLine, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service at mydirectline.app (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use our Service.

1. Information We Collect

1.1 Account Information

When you create an account using Google OAuth, we collect:

  • Your email address
  • Your full name
  • Your Google profile picture (if available)
  • A unique user identifier from Google

1.2 Profile Information

If you apply to become an Advisor, we collect:

  • Display name and bio
  • Pricing information (per-message rate)
  • Profile photos and media
  • Banking and tax information (via Stripe Connect for payouts)

1.3 Payment Information

We use Stripe as our payment processor. We do not directly store your credit card or banking details. Stripe collects and processes payment information securely. Please review Stripe's Privacy Policy for details on how they handle your payment data.

1.4 Messages and Content

We store all messages sent between clients and advisors, including text content, timestamps, and any metadata necessary to operate the Service. This is essential to provide the messaging functionality and maintain conversation history.

1.5 Usage Data

We automatically collect information about how you use the Service:

  • Log data (IP address, browser type, pages visited, time spent)
  • Device information (device type, operating system)
  • Session data (login times, feature usage)
  • Transaction history (credit purchases, message sends, payouts)

2. How We Use Your Information

We use your information to:

  • Provide the Service: Enable messaging between clients and advisors, process transactions, manage your account
  • Process Payments: Handle credit purchases and advisor payouts through Stripe
  • Improve the Service: Analyze usage patterns to enhance features and user experience
  • Customer Support: Respond to your questions and resolve issues
  • Security: Detect and prevent fraud, abuse, and security threats
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service
  • Communication: Send you important service updates, security alerts, and administrative messages

3. How We Share Your Information

We do not sell your personal information. We share your information only in the following limited circumstances:

  • With Other Users: Messages you send are delivered to the intended recipient (client or advisor)
  • Service Providers: We share data with trusted third parties who help us operate the Service:
    • Stripe (payment processing and payouts)
    • Google (authentication via OAuth)
    • Cloud infrastructure providers (hosting and database services)
  • Legal Requirements: We may disclose information if required by law, court order, or governmental authority
  • Business Transfers: If MyDirectLine is acquired or merged, your information may be transferred to the new owner
  • With Your Consent: We may share information for other purposes with your explicit consent

4. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (HTTPS/TLS), secure authentication, encrypted database storage, and regular security monitoring. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your information as follows:

  • Active Accounts: If you log in at least once in 24 months, we retain all your data indefinitely to provide continuous service
  • Dormant Accounts: If you haven't logged in for 24 consecutive months AND have a zero credit balance, your account is considered dormant
  • Data Deletion: For dormant accounts, we reserve the right to delete message and media data after providing 90 days' notice via email. Your core account record will be preserved
  • Legal Holds: We may retain data longer if required by law or for legitimate business purposes (e.g., resolving disputes)

6. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request corrections to inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Data Portability: Request your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing communications (note: you'll still receive essential service emails)
  • Object: Object to certain processing of your information

To exercise these rights, please contact us using the information in Section 11.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for authentication and session management
  • Preference Cookies: Remember your settings (e.g., dark mode preference)
  • Analytics: Understand how users interact with the Service to improve functionality

You can control cookies through your browser settings, but disabling essential cookies may prevent you from using certain features of the Service.

8. Third-Party Services

Our Service integrates with third-party services (Google for authentication, Stripe for payments). These services have their own privacy policies that govern their use of your information. We recommend reviewing:

9. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to the United States and other countries where we operate.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@mydirectline.app

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page. For material changes, we will provide notice through the Service or via email. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your information, and the right to opt-out of the sale of personal information. We do not sell your personal information. To exercise your CCPA rights, contact us using the information in Section 11.

14. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, restrict processing, data portability, and object to processing. Our legal basis for processing your information includes contract performance, legitimate interests, and consent. To exercise your GDPR rights, contact us using the information in Section 11.

Back to Home