Legal

Privacy Policy

Last updated: June 2026

Who we are

ProofPup is a solo-built product operated by an individual developer. It is a social proof widget tool built specifically for Polar sellers — developers and creators selling software on Polar. You can reach us at hello@proofpup.app.

What data we collect

We collect only what is necessary to provide the service:

  • Email address - Collected when you join the waitlist or create an account. Used to contact you about your account and the product.
  • Polar OAuth2 credentials - OAuth2 access and refresh tokens obtained when you authorize ProofPup on your Polar account. Stored encrypted at rest. Used exclusively to register webhooks and fetch order data. We request the minimum read-only scopes required.
  • Order data from Polar - Customer first name, country, product name, and purchase amount from your Polar orders, delivered via webhook. Used to generate widget notifications. We do not store payment details, card numbers, or customer email addresses. We retain the last 50 events per site.
  • Website domain - The domain(s) you register to use the widget on. Used to verify widget requests.
  • Usage data - Page visits and notification events on your site, counted for billing and analytics. No personally identifiable information about your visitors is stored.

What we do not collect

  • Your visitors' personal information - we only display first names and country flags from your own Polar orders
  • Payment or card details of any kind
  • Cookies for tracking or advertising
  • Data for any third-party advertising purposes

How we use your data

We use your data only to operate the ProofPup service:

  • To provide, maintain, and improve the widget service
  • To communicate with you about your account, billing, and product updates
  • To calculate usage for billing purposes

We do not sell, rent, or share your data with third parties for marketing purposes. Ever.

Third-party services

We use a small number of third-party services to operate ProofPup:

  • Cloudflare — Hosting, DNS, and edge infrastructure. Data may pass through Cloudflare's global network.
  • Resend — Transactional email delivery (account emails, waitlist confirmations). Your email address is stored in Resend's system.
  • Polar — We connect via OAuth2 and receive order events via webhook. We are not affiliated with Polar, Inc. Your use of Polar is subject to Polar's own privacy policy.

Data retention

We retain your account data for as long as your account is active. If you cancel your account, we will delete your data within 30 days upon request. Your Polar OAuth2 credentials are revoked and deleted immediately upon disconnecting your store.

Your rights (GDPR)

If you are located in the European Union, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Receive your data in a portable format

To exercise any of these rights, email hello@proofpup.app. We will respond within 30 days.

Security

Your Polar OAuth2 credentials are encrypted at rest. We use HTTPS for all data in transit. Access to production systems is restricted. We take security seriously - if you discover a vulnerability, please disclose it responsibly at hello@proofpup.app.

Changes to this policy

We may update this policy as the product evolves. When we make significant changes, we will notify you by email. The date at the top of this page indicates when it was last updated.

Contact

Questions about this policy or how we handle your data? Email us at hello@proofpup.app. We read every email.