Skip to content
EasyToPaste

Privacy Policy

Last updated: 5 June 2026

This Privacy Policy explains how Name It Integraci Ltd., a company registered in Israel (company no. 515205128, HaBa'al Shem Tov 4, Herzliya, Israel) ("EasyToPaste", "we") collects, uses, and protects personal data when you use the EasyToPaste website, applications, and API (the "Service"). We are the data controller for the personal data described below.

1. Our zero-knowledge design comes first

The content of your secrets is encrypted in your browser before it reaches us. We store only ciphertext and a minimal envelope of metadata. We never receive or store your decryption keys, passphrases, or plaintext, and we cannot read your content. This means the privacy risk to your shared content is bounded by design — not just by our promises.

2. Data we collect

  • Account data — email address, display name, and OAuth identifier (if you sign in with Google or another provider).
  • Authentication data — session and refresh tokens, and (if enabled) two-factor settings.
  • Secret envelope metadata — locator, size, content type, expiry, view count, and creator (where signed in). Not the content itself.
  • Billing data — plan, subscription status, and purchase history. Card details are handled by Paddle, our Merchant of Record; we do not store card numbers.
  • Usage and analytics — first-party, aggregated product analytics; non-essential analytics cookies are used only with your consent where required.
  • Technical data — IP address (truncated in logs), device/browser information, and audit events for security.
  • Support correspondence — messages you send us.

3. How and why we use data (legal bases)

  • To provide the Service (accounts, login, storing ciphertext) — performance of a contract.
  • To process payments and prevent fraud — contract and legal obligation (via Paddle).
  • To secure the Service (rate limiting, audit logs, abuse prevention) — legitimate interest and legal obligation.
  • To measure and improve the Service — legitimate interest; consent for non-essential cookies where required.
  • To send marketing emails — only with your consent; you can opt out at any time.

4. Payments and Paddle

Purchases are processed by Paddle.com Market Ltd. as Merchant of Record. When you buy a plan, Paddle collects and processes your payment and billing information as an independent controller for that purpose, under Paddle's Privacy Notice. We receive transaction metadata (plan, status, invoice references) but not your full card details.

5. Sharing and sub-processors

We do not sell your personal data. We share data only with service providers that help us run the Service, under contract and only as needed — for example cloud hosting (AWS), payments (Paddle), email delivery, OAuth providers you choose, and analytics/error-tracking. We may disclose data where required by law or to protect the rights, safety, and security of users and the Service.

6. International transfers

We may process data in Israel, the United States, and the EU/EEA. Where data is transferred across borders, we rely on appropriate safeguards such as the EU adequacy decision for Israel, Standard Contractual Clauses, or other lawful transfer mechanisms.

7. Retention

We keep account data until you delete your account (plus a short backup tail). Secret ciphertext is retained only until it expires, is burned on read, or reaches its maximum lifetime. Billing records are retained as required by tax law. Logs and truncated IP data are kept for limited security windows.

8. Your rights

Depending on where you live (including under the EU/UK GDPR, the Israeli Protection of Privacy Law, and US state privacy laws such as the CCPA/CPRA), you may have the right to access, correct, delete, export, or restrict the processing of your personal data, to object to certain processing, and to withdraw consent. We honor Global Privacy Control (GPC) opt-out signals. We do not sell or "share" personal data for cross-context behavioral advertising.

To exercise any right, email privacy@easytopaste.com. We respond within the timeframes required by applicable law. You also have the right to lodge a complaint with your local supervisory authority (in Israel, the Privacy Protection Authority).

9. Cookies

We use strictly necessary cookies for sign-in, language, theme, and to remember your consent choice. Non-essential analytics cookies are used only where you have consented (EU/UK/IL) or have not opted out (elsewhere). You can change your choice at any time.

10. Children

The Service is not directed to children. You must be at least 16 years old to use it. We do not knowingly collect personal data from children under 16.

11. Changes

We may update this Privacy Policy from time to time. We will post the updated version here and revise the "Last updated" date; for material changes we will provide additional notice where required.

12. Contact

Privacy questions or requests: privacy@easytopaste.com. General contact: legal@easytopaste.com.