Privacy Policy

This Privacy Policy explains how Drava collects, uses, discloses, and protects personal data when you use Prism and related websites, products, and services.

By accessing or using our services, you acknowledge this policy and agree to the practices described here.

Account and profile data, such as your name, email address, company details, billing profile, and account credentials.

Usage and product data, such as pages viewed, feature usage, session activity, device information, browser metadata, and log events.

Payment and transaction data processed through trusted payment providers. We do not store full card numbers on our servers.

Support and communication data, including messages sent to customer support, feedback submitted in product forms, and related attachments.

To provide, operate, and improve the Prism platform, including onboarding, account management, and feature delivery.

To process subscriptions, invoices, renewals, and fraud prevention checks connected to billing.

To maintain security, detect abuse, troubleshoot incidents, and enforce our legal terms.

To communicate service updates, product announcements, and support responses. You can opt out of non-essential marketing emails at any time.

Where required by law, we rely on one or more legal bases: performance of a contract, legitimate interests, legal obligations, and consent where applicable.

We share data with service providers that help us run our business, including hosting, analytics, billing, authentication, customer support, and communication platforms.

We may disclose information when required by law, legal process, or to protect the rights, safety, and security of Drava, our users, or third parties.

If Drava is involved in a merger, acquisition, reorganization, financing, or sale of assets, your data may be transferred as part of that transaction in accordance with applicable law.

We retain personal data for as long as needed to provide services, comply with legal and accounting obligations, resolve disputes, and enforce agreements.

Retention periods vary by data category, account status, and legal requirements.

We apply administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, loss, misuse, or alteration.

No system is completely secure. We encourage users to use strong passwords and maintain secure access to their own devices.

Your information may be processed in countries other than your own. Where required, we implement appropriate safeguards for international transfers.

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, or request portability of your personal data.

To exercise these rights, contact us using the details in this policy. We may need to verify your identity before processing your request.

Our services are not directed to children under 13, and we do not knowingly collect personal data from children under 13.

We may revise this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide additional notice where required.