Privacy Policy

Last updated: May 16, 2026

1. Introduction

Kevin Miiso Novo (“we,” “us,” or “our”) operates miiso.dev and all services under the *.miiso.dev domain, including SaaS products, SaaS business bundles, Framer templates, and Fortnite map bundles. This Privacy Policy explains how we collect, use, share, and protect your personal information across all of these services.

All products share a single account system. Information you provide at miiso.dev — your account details, purchases, and subscription status — is accessible across all *.miiso.dev products to which you have access.

2. Information We Collect

2.1 Account and Identity Information

  • Name and email address (collected at registration)
  • Password (stored as a secure hash — never in plain text)
  • Profile information you optionally provide
  • Authentication session tokens, managed by BetterAuth and scoped to .miiso.dev

2.2 Purchase and Subscription Information

  • Products purchased and licences held
  • Active subscriptions, billing cycle, and renewal dates
  • Transaction identifiers and order history (provided by Polar)
  • Payment method details — processed and stored entirely by Polar; we do not store card numbers or banking information

2.3 Product Usage Information

  • Feature usage within SaaS products (stored per-product in our shared database)
  • Content you create or save within a SaaS product
  • Game map usage statistics collected via the Fortnite platform (by Epic Games, subject to their privacy policy)

2.4 Automatically Collected Information

  • Browser type, operating system, and device type
  • IP address and approximate location
  • Pages visited, time on page, and navigation paths
  • Referring URL and search terms

This information is collected through Google Analytics. Data is anonymised and aggregated — no personally identifiable information is sent to Google Analytics.

3. How We Use Your Information

  • To create and manage your account across all *.miiso.dev products
  • To process purchases and manage subscription access
  • To deliver and operate the SaaS products you subscribe to
  • To grant access to purchased bundles, templates, or map files
  • To send transactional emails (receipts, licence confirmations, expiry notices)
  • To send product update announcements (you may opt out at any time)
  • To analyse usage and improve product quality and performance
  • To detect and prevent fraud and unauthorised access
  • To comply with legal obligations

4. How We Share Your Information

We do not sell your personal information. We share it only with the service providers necessary to operate our products:

  • Supabase — database and backend infrastructure storing your account, purchases, subscriptions, and product data
  • BetterAuth — manages sessions and credentials
  • Polar — payment processing and subscription billing; processes your payment details directly
  • Vercel — hosting and edge delivery
  • Google Analytics — website usage analytics; data is anonymised and aggregated
  • Framer — design platform for which templates are sold; template usage within the platform is subject to their own privacy policy
  • Epic Games — Fortnite platform; processes game usage data for published maps under their own privacy policy
  • Resend — transactional email delivery; your email address is shared to send verification, password reset, and account notification emails
  • Loops.so — transactional and marketing email delivery
  • Legal authorities when required by law or to protect rights and safety

All processors are contractually obligated to use your data only as required to provide their services and are bound by confidentiality obligations.

5. Cookies and Session Tokens

We use the following types of cookies and local storage:

  • Authentication cookies — session tokens that keep you logged in and recognised across all miiso.dev products
  • Preference cookies — theme and display preferences (e.g. dark/light mode)
  • Analytics cookies — Google Analytics collects anonymised usage data via cookies

You can control cookies through your browser settings. Disabling authentication cookies will prevent you from staying logged in across the site.

6. Data Security

We implement appropriate technical and organisational measures to protect your data, including encrypted data transmission, secure password hashing, database access controls, and least-privilege access limited to necessary services.

No method of transmission over the internet is completely secure. While we take every reasonable precaution, we cannot guarantee absolute security.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Specifically:

  • Account data is retained for the lifetime of your account
  • Purchase and transaction records are retained for a minimum of 5 years for accounting and legal compliance purposes
  • Product usage data within SaaS products is retained as long as your subscription is active
  • Analytics data is retained per the policies of Google Analytics and Vercel

You may request account deletion at any time. We will delete your personal data within 30 days, subject to any legal retention obligations (e.g. financial records).

8. Your Rights

You have the following rights over your personal information:

  • Right to access the personal data we hold about you
  • Right to correct inaccurate or incomplete information
  • Right to request deletion of your account and personal data
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to opt out of marketing communications at any time
  • Right to withdraw consent where processing is based on consent

South African residents are protected under the Protection of Personal Information Act (POPIA). You have the right to lodge a complaint with the Information Regulator of South Africa at inforeg.org.za.

To exercise any of these rights, contact us at legal@miiso.dev. We will respond within 30 days.

9. International Data Transfers

We are based in South Africa. Our infrastructure partners (Vercel, Supabase, Polar) operate servers primarily in the United States and European Union. By using our services, you consent to your information being transferred to and processed in these jurisdictions.

We ensure that all international transfers are made in accordance with the Protection of Personal Information Act (POPIA) and, where applicable, the GDPR.

10. Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the date at the top of this page. Continued use of any service after changes are posted constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions or to exercise your rights, contact:

legal@miiso.dev