Privacy Policy
Last updated: April 11, 2026
1. Introduction
Welcome to TailwindThemeMaker, operated by Harmil Labs. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service.
2. Data We Collect
Account Information
When you sign in via Google OAuth, we collect your name, email address, and profile photo. This data is stored securely in our database (Supabase) to provide you with a personalized experience.
Payment Information
When you purchase a Pro Plan, payment is processed by Razorpay. We do not store your full card details, UPI IDs, or bank account information on our servers. We only store a Razorpay Order ID and Payment ID for verification and support purposes. Your country of purchase is recorded to apply correct regional pricing.
Usage Data
We use Vercel Analytics to monitor website traffic and usage patterns. This helps us improve the tool and deliver a better experience.
Local Storage
We use browser LocalStorage to save your current theme preferences and tokens. This data never leaves your device and is not stored on our servers.
3. How We Use Your Data
- To provide and maintain the service
- To process and verify payments for the Pro Plan
- To manage your subscription status
- To respond to support requests
- To improve performance and user experience
4. Third-Party Services
We use the following third-party services:
- Razorpay — for secure payment processing
- Supabase — for database and authentication
- Google OAuth — for user login
- Google AdSense — for advertising (free users only)
- Vercel Analytics — for usage analytics
Each of these services has their own privacy policy governing how they handle your data.
5. Cookies
We use cookies and similar tracking technologies to track activity on our Service and hold certain information.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication (Supabase) & Theme persistence (LocalStorage) | Session / Persistent |
| Analytics | Usage patterns & performance (Vercel Analytics) | Session |
| Marketing | Ad serving & frequency capping (Google AdSense) | Up to 2 years |
6. Advertising
We use Google AdSense to serve advertisements to free users. Google, as a third-party vendor, uses cookies to serve ads based on your visit to our site and other sites. Pro users do not see any advertisements.
You may opt out of personalized ads by visiting the Google Ad and Content Network privacy policy.
7. Data Retention
We retain your account and payment data for as long as your account is active or as required by law. You may request deletion of your data at any time by contacting us.
8. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of incorrect data
- Request deletion of your account and associated data
- Object to the processing of your personal data
To exercise any of these rights, please contact us at the email below.
9. Data Security
We implement robust technical and organizational measures to ensure your data remains secure:
- Encryption in Transit: All data transmitted between your browser and our servers is encrypted using SSL/TLS (HTTPS).
- OAuth Authentication: We use Google OAuth for authentication, meaning we never see or store your passwords.
- Database Security: Our database (Supabase) uses Row Level Security (RLS) to ensure users can only access their own data.
- Secure Payments: Payment processing is handled entirely by Razorpay, which is PCI DSS compliant.
- Security Research: We maintain a security.txt file to facilitate responsible disclosure of vulnerabilities.
10. Children's Privacy
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us so that we can take necessary actions.
11. California Privacy Rights (CCPA)
Under the CCPA, California residents have the right to opt-out of the "sale" of their personal information. TailwindThemeMaker does not sell your personal information to third parties. We only share data with service providers (like Supabase and Razorpay) necessary to operate the platform.
12. GDPR Compliance
For users in the European Economic Area (EEA), Harmil Labs is the Data Controller. Our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect it (Contractual necessity, Consent, or Legitimate interests).
13. Changes to This Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy.
14. Contact Us
If you have any questions about this Privacy Policy, please contact us at harmillabs@gmail.com or visit our Contact page.