Privacy Policy

Last Updated: February 20, 2026

1. Introduction

Directorly (“Directorly,” “we,” “us,” or “our”) operates the software-as-a-service platform available at directorly.app (the “Service”), which enables users to build and monetize directory websites. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our Service.

By creating an account or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with its terms, please do not use the Service.

For questions or concerns about this policy, contact us at support@directorly.app.

2. Information We Collect

2.1 Information You Provide Directly

Account Registration Data. When you create a Directorly account, we collect your full name, email address, and password (stored in hashed, non-recoverable form).

Billing and Subscription Data. When you subscribe to a paid plan, we collect billing information through our third-party payment processor, Stripe, Inc. (“Stripe”). Directorly does not directly store or process your full credit card number or bank account details. Stripe collects and processes this information on our behalf, subject to Stripe's Privacy Policy. The information we receive from Stripe includes your payment method type, last four digits of your card, billing address, and transaction records.

Directory and Business Content. When you create directories and listings on the Service, we collect all content you submit, including directory names, descriptions, categories, configuration settings, listing data, images, pricing configurations, and monetization settings.

Communications. If you contact us for support or other purposes, we collect the content of your messages and any information you choose to include.

2.2 Information Collected Automatically

Usage and Log Data. When you interact with the Service, our servers automatically collect your IP address and approximate geographic location, browser type and version, operating system, pages visited, features used, time spent, referring URLs, and timestamps.

Device Information. We collect information about the device you use to access the Service, including device identifiers, screen resolution, and connection type.

Cookies and Similar Technologies. We use cookies and similar tracking technologies as described in Section 6 below.

2.3 Information From Third Parties

Stripe. When you process payments through Stripe, Stripe may share limited transactional and verification data with us, such as payment status, subscription state, and dispute or refund events.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Providing and Operating the Service — creating and managing your account, processing subscription payments, enabling you to create and publish directory websites, and sending transactional communications.
• Improving and Developing the Service — analyzing usage patterns, diagnosing and fixing bugs, developing new features, and conducting internal research.
• Security and Fraud Prevention — verifying your identity, detecting and preventing fraudulent transactions and abuse, and enforcing our Terms of Service.
• Communications — responding to your support requests, sending service announcements, and with your consent, sending promotional communications (you may opt out at any time).
• Legal Compliance — complying with applicable laws, regulations, and responding to lawful requests.

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on the following legal bases:

• Performance of a contract — account creation, management, subscription billing, and payments.
• Legitimate interests — service improvement, analytics, security, and fraud prevention.
• Consent — marketing communications.
• Legal obligation — legal compliance.

5. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

• Service Providers — we engage trusted third-party companies to help operate the Service, including Stripe for payment processing, cloud infrastructure providers, email delivery services, and analytics platforms.
• Your End Users — content you publish to your public directory websites is accessible to visitors of those directories.
• Business Transfers — in the event of a merger, acquisition, or sale of assets, your information may be transferred to a successor entity with prior notice.
• Legal Requirements — we may disclose your information to comply with applicable law, enforce our Terms, or protect rights, property, or safety.
• With Your Consent — we may share your information for other purposes with your explicit consent.

6. Cookies and Tracking Technologies

We use cookies and similar technologies on the Service. These include:

• Strictly Necessary Cookies — essential for the Service to function, including session authentication and security cookies.
• Functional Cookies — remember your preferences and settings to provide a more personalized experience.
• Analytics Cookies — collect information about how you use the Service in aggregated form to help us improve it.

You can control and manage cookies through your browser settings. Note that disabling strictly necessary cookies will impair your ability to use the Service.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy:

• Account information — duration of your account, plus 90 days after deletion request.
• Subscription and billing records — 7 years for tax and accounting compliance.
• Directory and listing content — duration of your account; deleted upon confirmed account deletion.
• Server and access logs — up to 12 months.
• Analytics data — up to 26 months in identifiable form; longer in aggregated form.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access — request a copy of the personal information we hold about you.
• Correction — request that we correct inaccurate or incomplete personal information.
• Deletion — request that we delete your personal information, subject to certain exceptions.
• Opt-Out of Marketing — opt out of marketing emails at any time by clicking “unsubscribe” or contacting us.

EEA, UK, and Swiss Users additionally have the right to restrict processing, data portability, object to processing, withdraw consent, and lodge a complaint with your local supervisory authority.

California Users have the right to know, delete, correct, and opt out of the sale of personal information (we do not sell personal information), and non-discrimination for exercising these rights.

To exercise your rights, contact us at support@directorly.app. We will respond within 30 days (GDPR) or 45 days (CCPA).

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including encryption of data in transit (TLS/SSL) and at rest, access controls on a need-to-know basis, regular security assessments, and incident response procedures. While we take reasonable precautions, no method of electronic transmission or storage is 100% secure.

10. International Data Transfers

Directorly operates from the United States. If you are located outside the United States, your information will be transferred to and processed in the United States. For transfers from the EEA, UK, or Switzerland, we rely on appropriate safeguards, including Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

The Service is not directed to individuals under the age of 16 (or under 13 in the United States). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without verifiable parental consent, we will promptly delete it. If you believe we have inadvertently collected information from a child, please contact us at support@directorly.app.

12. Third-Party Links and Services

Your directories built on Directorly may contain links to third-party websites or embed third-party services. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and by posting a prominent notice on the Service. The “Last Updated” date at the top reflects the most recent revision. Your continued use of the Service after changes become effective constitutes your acceptance of the revised policy.

14. Contact Us

If you have any questions about this Privacy Policy, contact us at:

Directorly
Email: support@directorly.app
Website: https://directorly.app

For EEA/UK users, if you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.