Privacy Policy

FARCHO-LABS ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our applications — DebtKiller, ShineTrack, Momentum, FunnelForge, TT Lossbeater, and Job Matcher (collectively, the "Services").

By using our Services, you consent to the practices described in this policy. If you do not agree, please discontinue use of our Services.

2.1 Information You Provide

• Account information: name, email address, and password when you register.
• Financial data (DebtKiller): debt amounts, interest rates, payment history, budget information, and currency preferences. This data is stored securely and never shared with third parties for commercial purposes.
• Vehicle data (ShineTrack): vehicle details, maintenance records, documents, and images submitted for AI analysis.
• Task data (Momentum): tasks, schedules, preferences, and natural language inputs in Spanish or English.
• Business data (FunnelForge): funnel configurations, lead data, and analytics related to your sales operations.
• Analytics data (TT Lossbeater): match preferences, statistical queries, and performance data. We do not collect or store betting or wagering activity — TT Lossbeater is a strictly informational platform.
• Career data (Job Matcher): resume content, skills, work experience, job preferences, and application history.

2.2 Information Collected Automatically

• Device information (type, operating system, unique identifiers).
• Usage data (features accessed, session duration, error reports).
• IP address and approximate location (country/region level only).
• Language and currency preferences detected from your device.
• Referral source and app version.

2.3 Information from Third Parties

• Paddle: when you subscribe, Paddle shares transaction confirmations and subscription status with us. We do not receive your full payment details (card numbers, bank info).
• OAuth providers: if you sign in via Google or similar, we receive your name and email from that provider.

We use collected information to:

• Provide, maintain, and improve our Services.
• Process transactions and manage subscription status via Paddle.
• Personalize your experience (language, currency, AI recommendations).
• Generate AI-powered insights within each application.
• Send service-related communications (account verification, security alerts, billing notices, product updates).
• Analyze anonymized usage patterns to improve our products.
• Detect and prevent fraud, abuse, and security incidents.
• Comply with applicable legal obligations.

We do not use your data for advertising purposes and we do not sell your data to any third party.

We do not sell your personal data. We share information only with the following trusted parties and only to the extent necessary:

• Paddle.com Market Limited: our Merchant of Record and payment processor. Paddle handles subscription payments, invoicing, tax compliance, and billing. Paddle's privacy policy applies to data they collect during payment processing.
• Cloud infrastructure providers (Google Cloud Platform): for secure hosting, data storage, and application delivery.
• MongoDB Atlas: for secure, encrypted database storage of application data.
• Anthropic (Claude API): for AI-powered features. Inputs to AI features are processed under Anthropic's data usage policies. We minimize personally identifiable information sent to AI providers.
• Analytics providers: anonymized, aggregated usage data only. No personally identifiable information is shared.
• Law enforcement or regulatory authorities: when required by applicable law, court order, or to protect our legal rights.

We implement industry-standard security measures including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256).
• Secure authentication with hashed and salted passwords.
• Rate limiting and input validation on all API endpoints.
• Regular security reviews and dependency audits.
• Access controls limiting data access to authorized personnel only.

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security and encourage you to use strong, unique passwords for your account.

We retain your personal data for as long as your account is active or as needed to provide the Services. Upon account deletion:

• Personal data is permanently deleted within 30 days.
• Anonymized, aggregated analytics data may be retained indefinitely.
• Data required for legal, tax, or compliance purposes may be retained for up to 7 years as required by Colombian law.

You may request data export or deletion at any time by contacting support@farcholabs.com.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Deletion: Request permanent deletion of your data ("right to be forgotten").
• Portability: Request your data in a structured, machine-readable format (JSON or CSV).
• Restriction: Request that we limit processing of your data pending a dispute.
• Objection: Object to certain types of processing, including profiling.
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

EU/EEA users (GDPR): You have additional rights under the General Data Protection Regulation. Our lawful bases for processing include contract performance, legitimate interests, and legal compliance.

California users (CCPA): You have the right to know what personal information we collect, the right to delete, and the right to opt out of sale (we do not sell data).

Colombian users (Ley 1581 de 2012): You have the right to know, update, rectify, and delete your personal data in accordance with Colombian data protection law.

To exercise any of these rights, contact us at support@farcholabs.com. We will respond within 30 days.

FARCHO-LABS is operated from Colombia. Our infrastructure providers (Google Cloud Platform, MongoDB Atlas, Anthropic) may process data in the United States or other countries. We ensure appropriate contractual safeguards — including Standard Contractual Clauses where applicable — are in place for international transfers.

Our Services are not directed to individuals under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at support@farcholabs.com and we will promptly delete such information.

Our web applications use cookies and similar technologies for:

• Essential cookies: authentication, session management, and security.
• Preference cookies: remembering your language, currency, and theme settings.
• Analytics cookies: anonymized usage patterns to improve our Services.

You can control or disable cookies through your browser settings. Note that disabling essential cookies may impact core functionality. We do not use cookies for advertising or cross-site tracking.

Our Services may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

We may update this Privacy Policy periodically. For material changes, we will notify you via email or through a prominent notice within the Services at least 14 days before changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

For questions, concerns, or to exercise your privacy rights:

FARCHO-LABS
Email: support@farcholabs.com
Website: https://farcholabs.com

We aim to respond to all privacy-related inquiries within 30 days.