Privacy Policy

Terminal Control ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SaaS platform for Starlink terminal management (the "Service").

By using Terminal Control, you agree to the collection and use of information in accordance with this policy. If you do not agree with our practices, please do not use our Service.

This policy applies to information we collect through our website (terminalcontrol.net), our application, and any related services, tools, and features.

We collect information that you provide directly, information collected automatically, and information from third parties.

2.1 Information You Provide

• Account Information: When you create an account, we collect your name, email address, password (encrypted), and organization name.
• Profile Information: Additional details you may provide, such as profile picture, phone number, and job title.
• Business Data: Information about your Starlink terminals, customers, payments, and billing records that you input into the Service.
• Payment Information: When you subscribe to a paid plan, payment details are collected and processed by our payment processor, Stripe. We do not store full credit card numbers on our servers.
• Communications: When you contact us for support or feedback, we collect the content of your messages.

2.2 Information Collected Automatically

• Usage Data: We collect information about how you interact with the Service, including pages visited, features used, and actions taken.
• Device Information: Browser type, operating system, device type, and screen resolution.
• Log Data: IP address, access times, and referring URLs.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information. See Section 8 for details.

2.3 Information from Third Parties

• Authentication Providers: If you sign in using a third-party service (e.g., Google), we receive basic profile information from that service.
• Payment Processor: Stripe provides us with transaction status and subscription information.

We use the information we collect for the following purposes:

3.1 Providing and Improving the Service

• To create and manage your account and organization.
• To provide terminal management, customer tracking, and billing features.
• To process payments and manage subscriptions.
• To send automated payment reminders to your customers (on your behalf).
• To provide customer support and respond to inquiries.
• To analyze usage patterns and improve the Service.

3.2 Communications

• To send service-related announcements and updates.
• To notify you of security alerts or account issues.
• To send marketing communications (with your consent, where required).

3.3 Security and Compliance

• To detect and prevent fraud, abuse, and security threats.
• To comply with legal obligations and enforce our terms.
• To maintain audit logs for compliance and accountability.

3.4 Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal bases for processing your information include:

• Contract: Processing necessary to perform our contract with you (providing the Service).
• Legitimate Interests: Processing for our legitimate business interests, such as improving the Service and preventing fraud.
• Consent: Where you have given consent for specific processing activities.
• Legal Obligation: Processing necessary to comply with applicable laws.

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including:

• Stripe: For payment processing and subscription management.
• Cloud Infrastructure: For hosting and data storage.
• Email/SMS Services: For sending notifications and reminders.
• Analytics Providers: For understanding usage patterns.

These providers are contractually obligated to protect your information and use it only for the services they provide to us.

4.2 Within Your Organization

If you are part of an organization using Terminal Control, organization administrators may have access to your account activity and data within the organization's workspace.

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests (e.g., subpoenas, court orders, or government requests).

4.4 Business Transfers

If Terminal Control is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4.5 With Your Consent

We may share your information with third parties when you give us explicit consent to do so.

We implement industry-standard security measures to protect your information, including:

• Encryption: Data is encrypted in transit using TLS/SSL and at rest using AES-256 encryption.
• Access Controls: We implement role-based access controls and the principle of least privilege.
• Secure Infrastructure: Our services are hosted on secure, SOC 2 compliant cloud infrastructure.
• Password Security: Passwords are hashed using industry-standard algorithms and never stored in plain text.
• Regular Audits: We conduct regular security assessments and vulnerability testing.
• Audit Logging: We maintain comprehensive audit logs of all account activities.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy:

• Active Accounts: We retain your data while your account is active.
• After Termination: Following account termination, we retain your data for 30 days to allow for data export. After this period, we may delete or anonymize your data.
• Legal Requirements: We may retain certain information longer if required by law or for legitimate business purposes (e.g., resolving disputes, enforcing agreements).
• Audit Logs: Audit logs may be retained for up to 7 years for compliance purposes.

Depending on your location, you may have certain rights regarding your personal information:

7.1 Access and Portability

You can access your personal information through your account settings. You can export your data at any time using our export features or API.

7.2 Correction

You can update or correct your account information through your account settings.

7.3 Deletion

You can request deletion of your account and personal information by contacting us. Note that some information may be retained as required by law or for legitimate business purposes.

7.4 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by adjusting your notification preferences.

7.5 GDPR Rights (EEA Residents)

If you are in the European Economic Area, you have additional rights including:

• Right to restrict processing of your data.
• Right to object to processing.
• Right to withdraw consent.
• Right to lodge a complaint with a supervisory authority.

7.6 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

• Know what personal information we collect and how it is used.
• Request deletion of your personal information.
• Opt out of the sale of personal information (we do not sell personal information).
• Non-discrimination for exercising your privacy rights.

To exercise any of these rights, please contact us at privacy@terminalcontrol.net.

We use cookies and similar tracking technologies to collect and store information about your interactions with our Service.

8.1 Types of Cookies We Use

• Essential Cookies: Required for the Service to function properly (e.g., authentication, security).
• Functional Cookies: Remember your preferences and settings.
• Analytics Cookies: Help us understand how users interact with the Service.

8.2 Managing Cookies

Most browsers allow you to control cookies through their settings. However, disabling certain cookies may affect the functionality of the Service.

8.3 Do Not Track

We do not currently respond to "Do Not Track" browser signals. However, you can manage your cookie preferences as described above.

Terminal Control is based in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers are located.

If you are in the European Economic Area or other regions with data protection laws, we ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses approved by the European Commission.
• Data processing agreements with our service providers.

Terminal Control is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete that information.

If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@terminalcontrol.net.

The Service may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties.

We encourage you to review the privacy policies of any third-party services you access through Terminal Control.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last updated" date.
• Sending an email notification (for material changes).
• Displaying a notice within the Service.

Your continued use of the Service after any changes indicates your acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries, you may contact our Data Protection representative: