Directify 2.0 is here See what's new

Directify
Start free
Legal

Privacy Policy

Privacy Policy for Directify

Effective Date: May 9, 2026

This Privacy Policy explains how Directify ("Directify", "we", "us", or "our") collects, uses, shares, and protects information when you visit directify.app, create an account, subscribe to a plan, or use our hosted directory websites, dashboards, APIs, and related services (collectively, the "Services").

This policy covers two distinct relationships:

  1. Directify customers — people and businesses who sign up for Directify to build and operate directory websites. For this data we are the controller.
  2. End-visitors of customer directories — people who browse, search, submit listings, or sign up on a directory website built with Directify. For data submitted through customer directories, the Directify customer is generally the controller and Directify acts as a processor on the customer's behalf, in accordance with the Terms of Service.

1. Information We Collect

1.1 Information you provide directly

  • Account information — name, email address, password (hashed), profile photo, and other contact details you submit when registering or updating your profile.
  • Billing information — billing name, address, country, and the last four digits and brand of your payment card. Full card numbers are collected and stored by our payment processors (Stripe and Creem), not by us.
  • Customer Content — directories, listings, categories, tags, custom fields, articles, custom pages, images, logos, organizers, and other content you upload or generate through the Services. This may include personal information about end-visitors of your directory if you collect it (for example, lead-form submissions, reviews, or paid-submission contact details).
  • Communications — messages you send us via email, support channels, Discord, surveys, or feedback forms.

1.2 Information collected automatically

  • Usage and device data — IP address, browser type and version, operating system, device identifiers, referring/exit pages, pages viewed, features used, dates and times of access, and crash and performance data.
  • Cookies and similar technologies — used for authentication, security, preferences, and analytics. See Section 7 for details.
  • Log data — request logs, error logs, and security logs needed to operate, secure, and debug the Services.

1.3 Information from third parties

  • OAuth and social login providers (e.g., Google) when you sign in or connect your account.
  • Payment processors confirming the status of charges and subscriptions.
  • Domain and email-deliverability providers confirming DNS and SPF/DKIM/DMARC configuration on custom domains.

2. How We Use Your Information

We use the information described above to:

  • create, maintain, and secure your account and authenticate sessions;
  • provide, operate, and improve the Services, including deploying customer directories, custom domains, email, analytics, and integrations;
  • process payments, manage subscriptions, prevent fraud, and recover failed payments;
  • respond to support requests, send service announcements (such as security alerts, billing notices, and policy updates), and — where you have opted in or where permitted under applicable law — send product updates, newsletters, and marketing emails;
  • generate aggregated usage statistics and improve product features, including performance, reliability, and pricing decisions;
  • enforce our Terms of Service, investigate suspected abuse, and protect Directify, our customers, and the public from harm; and
  • comply with legal obligations and respond to lawful requests.

3. Legal Bases (EEA / UK)

If you are in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:

  • Contract — to provide the Services you requested and manage your subscription.
  • Legitimate interests — to operate, secure, and improve the Services, prevent fraud, and conduct limited marketing of similar products to existing customers.
  • Consent — for optional cookies, for marketing emails where required, and for any other processing where consent is the appropriate basis. You may withdraw consent at any time.
  • Legal obligation — to comply with applicable laws (e.g., tax, accounting, or law-enforcement requests).

4. Customer Content and End-Visitor Data

Where you build a directory on Directify, you decide what end-visitor data you collect and how you use it. We process that data on your behalf as a processor, in accordance with our Terms of Service. As a customer, you are responsible for:

  • providing your own privacy notice to your end-visitors;
  • obtaining any required consents (including for cookies, analytics, and marketing);
  • responding to data-subject rights requests from your end-visitors; and
  • honoring lawful requests for deletion or correction of end-visitor data.

If we receive a data-subject request that relates to a customer's directory, we will refer the requester to the customer or assist the customer as the controller.

5. Sharing of Information

We do not sell or rent your personal information. We share information only as described below:

  • Service providers and subprocessors that help us operate the Services, under contractual confidentiality and data-protection obligations. These currently include:
    • Cloud and CDN infrastructure (Cloudflare and our hosting provider);
    • Payment processors (Stripe, Creem);
    • Transactional and marketing email providers (Resend, Postmark, Amazon SES);
    • AI providers (OpenAI) for AI-assisted features you choose to use;
    • Analytics providers (Umami, and, where you enable them, Google Analytics, Plausible, or PostHog);
    • Screenshot, content, and SEO providers (ScreenshotOne, BlogBuster, SEOBotAI);
    • Search and indexing infrastructure;
    • Customer-support and communication tools.
  • At your direction — when you connect a third-party integration or share information with collaborators on your account.
  • Legal, safety, and compliance — when we believe disclosure is necessary to comply with law, enforce our Terms, protect Directify or our customers, or respond to claims.
  • Business transfers — in connection with a merger, acquisition, financing, or sale of all or part of our business; in such cases, the receiving party will be bound to honor this Privacy Policy or provide equivalent protection.

6. International Data Transfers

Directify is a global Service. Your information may be transferred to and processed in countries other than the one in which you reside, including the United States and the European Union. Where required, we rely on appropriate transfer mechanisms (such as the European Commission's Standard Contractual Clauses) to protect cross-border transfers.

7. Cookies and Tracking Technologies

We and our service providers use cookies and similar technologies for authentication, security, preferences, and analytics. You can control cookies through your browser settings and, where required by law, through our cookie banner. Disabling cookies may affect parts of the Services. Customer directories may also set their own cookies based on the customer's configuration; that activity is governed by the customer's own privacy notice.

8. Data Retention

We retain personal data for as long as necessary to provide the Services and for legitimate operational, legal, and accounting purposes. When you delete your account, we will delete or de-identify your personal data within a reasonable period, except where retention is required by law (for example, billing records) or to resolve disputes and enforce agreements.

9. Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, access controls, regular backups, and isolation of customer environments. No system is perfectly secure, however, and we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at support@directify.app.

10. Your Privacy Rights

Depending on where you live, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — request correction of inaccurate or incomplete data.
  • Erasure — request deletion of your data, subject to legal exceptions.
  • Restriction or objection — request that we limit or stop certain processing.
  • Portability — request your data in a structured, machine-readable format.
  • Withdraw consent — for any processing based on your consent.
  • Lodge a complaint — with your local data-protection authority.

California residents have additional rights under the CCPA/CPRA, including the right to know what personal information we collect, the right to delete, and the right to non-discrimination for exercising these rights. We do not "sell" personal information as that term is commonly understood, and we do not knowingly engage in "sharing" for cross-context behavioral advertising.

To exercise any rights, email us at support@directify.app. We may need to verify your identity before responding. We will respond within the time required by applicable law.

11. Children's Privacy

The Services are not directed to children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us at support@directify.app and we will take reasonable steps to delete it.

12. Third-Party Links and Services

The Services may include links to third-party sites or third-party tools (e.g., payment, AI, analytics, or email providers). We are not responsible for the privacy practices of those third parties; please review their privacy policies before sharing information with them.

13. Data Breach Notification

In the event of a personal-data breach affecting your information, we will notify affected customers and, where required, regulators in accordance with applicable law and within the timelines required by law.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted at this URL with a new effective date. For material changes, we will provide reasonable notice (for example, via email or in-product banner). Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

15. Contact Us

For questions about this Privacy Policy or our data practices, contact:

Directify

Email: support@directify.app

By using the Services, you acknowledge that you have read and understood this Privacy Policy.