Skip to content
Back to Home

Privacy Policy

Last Updated:

Effective Date: January 7, 2026

1. Introduction

Imajeure Inc. (“Quotetoo,” “we,” “us,” “our”), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our quote submission platform at quotetoo.com (“Service,” “Platform”).

By using Quotetoo, you consent to the data practices described in this Privacy Policy.

If you do not agree with this Privacy Policy, please discontinue use of the Service immediately.

Compliance: This Privacy Policy is designed to comply with the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws.

2. Information We Collect

We collect information you provide directly and automatically when you use our Service.

2.1 Information You Provide to Us

When you submit a quote, we collect:

  • Email Address: Required for verification and management access
  • Quote Text: The original quote you submit
  • Author Information: Your name or chosen display name
  • Context/Backstory: Optional additional information about the quote
  • Social Media Handles: Optional links to X (Twitter), Instagram, LinkedIn, TikTok, YouTube

2.2 Information Collected Automatically

When you visit or use Quotetoo, we automatically collect:

  • Technical Data: IP address, browser type, operating system, device information
  • Usage Data: Pages visited, time spent on pages, links clicked, search queries
  • Cookies: Session identifiers, analytics data (see Section 8)
  • Log Data: Access times, error logs, referral URLs

2.3 Information from Third Parties

We may receive information from:

  • Analytics: We use privacy-first analytics that collects only aggregated data (page paths, general geographic regions, device types) without storing IP addresses or using cookies
  • Email Service Providers: Delivery status, open rates (Resend)
  • Security Services: Threat detection, fraud prevention

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

  • Verify email ownership before quote approval
  • Publish and display approved quotes with attribution
  • Enable semantic search functionality
  • Provide magic link authentication for quote management
  • Process quote deletions and modifications

3.2 Communication

  • Send verification emails
  • Send magic links for quote management
  • Respond to support requests
  • Notify you of policy changes (if legally required)

Note: We do not send marketing emails unless you explicitly opt in.

3.3 Platform Improvement

  • Analyze usage patterns to improve user experience
  • Monitor platform performance and fix technical issues
  • Develop new features based on user behavior

3.4 Security & Fraud Prevention

  • Detect and prevent spam, abuse, and fraudulent submissions
  • Enforce rate limits and Terms of Service
  • Protect against security threats

3.5 Legal Compliance

  • Comply with legal obligations (e.g., DMCA, law enforcement requests)
  • Enforce our Terms of Service
  • Protect our rights and property

Legal Bases (GDPR Compliance):

  • Contract Performance: Processing necessary to provide the Service
  • Legitimate Interests: Improving the platform, security, fraud prevention
  • Consent: Analytics cookies, optional data sharing (where applicable)
  • Legal Obligation: Compliance with laws and regulations

4. Information Sharing and Disclosure

We do not sell your personal information. We share your information only in limited circumstances:

4.1 Public Display and Search Engine Indexing

Approved quotes are publicly visible and include:

  • Quote text
  • Author name/display name
  • Social media handles (if provided)
  • Context/backstory (if provided)
  • Submission date

Search Engine Indexing:

Approved quotes are indexed by search engines (Google, Bing, etc.) and are publicly searchable on the internet. This means anyone can discover your quote through web searches. This is by design — Quotetoo is a public platform for sharing wisdom with the world.

Your email address is never displayed publicly or shared with search engines.

4.2 Service Providers

We share information with trusted third-party service providers:

  • Supabase: Database hosting (quote data, email addresses)
  • Qdrant Cloud: Vector search (quote embeddings only, no PII)
  • Resend: Email delivery (email addresses for verification/magic links)
  • OpenAI: Semantic embeddings generation (quote text only, no PII)
  • Vercel: Hosting and analytics (usage data, no quote content)

Contractual Safeguards: All service providers are bound by contracts requiring them to protect your data and use it only for specified purposes.

4.3 Legal Requirements

We may disclose information if required by law or to:

  • Comply with legal processes (subpoenas, court orders)
  • Enforce our Terms of Service
  • Protect rights, property, or safety of Quotetoo, users, or the public
  • Detect, prevent, or address fraud, security, or technical issues

4.4 Business Transfers

If Quotetoo is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.5 With Your Consent

We may share information with other parties when you explicitly consent to such sharing.

5. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy.

Retention Periods:

  • Published Quotes: Retained indefinitely unless you delete them
  • Email Addresses: Retained while you have active quotes; purged 90 days after all quotes are deleted
  • Verification Tokens: Deleted after 24 hours
  • Magic Links: Deleted after 1 hour
  • Deleted Quotes: Soft-deleted (status changed to “deleted”); data retained for 30 days for recovery, then permanently purged
  • Analytics Data: Aggregated and anonymized; retained for 2 years
  • Log Data: Retained for 90 days for security/debugging

Extended Retention: We may retain information longer if required by law or for legitimate business purposes (e.g., resolving disputes, enforcing agreements).

6. Data Security

We implement industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.

Security Measures Include:

  • Encryption: Data transmitted over HTTPS (TLS 1.3)
  • Database Security: Row-level security policies, encrypted at rest
  • Access Controls: Strict authentication, role-based permissions
  • Tokenized Authentication: Cryptographically secure magic links
  • Rate Limiting: Protection against brute-force attacks
  • Regular Audits: Security reviews and vulnerability scanning

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Breach Notification: In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law within 72 hours of discovery.

7. Your Privacy Rights

Depending on your location, you may have specific privacy rights under laws like GDPR (EU) and CCPA (California).

7.1 Rights Under GDPR (EU Users)

If you are located in the European Economic Area, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure (“Right to be Forgotten”): Request deletion of your personal data
  • Restriction: Request limitation of processing in certain circumstances
  • Data Portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Lodge a Complaint: File a complaint with your local data protection authority

7.2 Rights Under CCPA (California Users)

If you are a California resident, you have the right to:

  • Know: Request disclosure of personal information collected, used, and shared
  • Delete: Request deletion of personal information
  • Opt-Out: Opt out of the “sale” of personal information (we do not sell personal data)
  • Non-Discrimination: Not be discriminated against for exercising your rights

7.3 How to Exercise Your Rights

To exercise your privacy rights:

  1. Self-Service Deletion: Use /manage to delete quotes
  2. Email Request: Contact hello@quotetoo.com with:
    • Subject: “Privacy Rights Request”
    • Your email address associated with the quote(s)
    • Specific request (access, deletion, correction, etc.)

Verification: We may ask for verification before processing requests to confirm your identity.

Response Time: We will respond to requests within 30 days (or as required by applicable law).

8. Cookies and Tracking Technologies

We minimize the use of cookies and tracking technologies. We use privacy-first analytics that does not require cookies or track individual users.

8.1 Our Privacy-First Approach

What We Do NOT Do:

  • We do NOT use analytics cookies
  • We do NOT store IP addresses (only hashed temporarily for geo-lookup)
  • We do NOT use tracking pixels or fingerprinting
  • We do NOT share data with advertising networks

Essential Cookies Only (Required)

  • Session management for magic link authentication
  • Security and fraud prevention
  • Cannot be disabled without affecting functionality

Privacy-First Analytics

  • Aggregated page view counts only
  • Geographic data limited to city/state level
  • Device type (mobile/tablet/desktop)
  • Referrer domain (not full URLs)
  • No personally identifiable information collected or stored

8.2 Managing Cookies

You can control cookies through your browser settings:

  • Block all cookies (may affect magic link functionality)
  • Delete existing cookies
  • Set preferences for specific sites

Note: Blocking essential cookies will prevent you from using magic link authentication.

9. Third-Party Services and Links

Quotetoo integrates with and may link to third-party services. We are not responsible for the privacy practices of these third parties.

Third-Party Services We Use:

Social Media Links: Quotes may include user-provided links to social media profiles (X, Instagram, LinkedIn, TikTok, YouTube). Clicking these links is governed by those platforms' privacy policies.

10. International Data Transfers

Quotetoo is operated from the United States. If you access the Service from outside the U.S., your information may be transferred to, stored, and processed in the U.S. or other countries.

For EU Users (GDPR):

  • We rely on Standard Contractual Clauses (SCCs) for data transfers to the U.S.
  • Our service providers implement appropriate safeguards for EU data
  • You have the right to object to international transfers under certain circumstances

By using Quotetoo, you consent to the transfer of your information to the United States and other countries that may have different data protection laws than your country of residence.

11. Children's Privacy

Quotetoo is not intended for children under 13 years of age.

We do not knowingly collect personal information from children under 13. If you are under 13, do not use this Service or provide any information.

For Users 13-17: If you are between 13 and 18 years old (or the age of majority in your jurisdiction), you represent that you have obtained parental or legal guardian consent to use this Service.

Parent/Guardian Notice: If you believe your child has provided personal information to us, contact hello@quotetoo.com and we will delete the information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date.

We will notify you of material changes by:

  • Updating the “Last Updated” date at the top of this page
  • Emailing registered users (if legally required)
  • Displaying a prominent notice on the Platform

Continued Use: Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy. If you do not agree with changes, discontinue use and delete your quotes.

13. Contact Us

For privacy-related questions, concerns, or requests:

Privacy Inquiries: hello@quotetoo.com

Data Protection Officer: legal@quotetoo.com

GDPR Representative (EU): legal@quotetoo.com

Postal Address:

Imajeure Inc.

c/o Universal Registered Agents, Inc.

300 Creek View Road, Suite 209

Newark, DE 19711

Response Time: We will respond to privacy inquiries within 30 days (or as required by applicable law).

Acknowledgment

BY USING QUOTETOO, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS PRIVACY POLICY AND CONSENT TO OUR DATA PRACTICES AS DESCRIBED HEREIN.