← Back to profiles

Privacy Policy

Last updated: March 2026

1. Who We Are

MRR.fyi ("the Service", "we", "us") is operated by [Legal Entity Name], [Registered Address]. For privacy-related enquiries, contact us at contact@mrr.fyi.

2. Data We Collect and Why

We collect the following categories of personal data:

  • Account & profile data — name, email address, product name, website URL, and self-reported MRR figures you submit. Legal basis: performance of a contract (Art. 6(1)(b) GDPR).
  • Payment data — billing details collected and processed by Lemon Squeezy on our behalf. Legal basis: performance of a contract.
  • Usage & analytics data — server logs, page views, referrer URLs, and browser type. Legal basis: legitimate interests (Art. 6(1)(f) GDPR) — operating and improving the Service.
  • Communications — emails you send to us and replies we send you. Legal basis: legitimate interests.

We do not collect sensitive personal data (special-category data under Art. 9 GDPR).

3. How We Use Your Data

  • Provide, maintain, and improve the Service
  • Display your verified profile and MRR publicly (where you have opted in)
  • Process subscription payments via Lemon Squeezy
  • Send transactional emails (subscription confirmation, billing receipts)
  • Comply with legal obligations

We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

4. Third-Party Processors

We share data with the following processors who act on our documented instructions:

  • Lemon Squeezy — payment processing and subscription management (Merchant of Record). Your billing details are handled under their privacy policy and PCI-DSS compliance.
  • Vercel — cloud hosting and edge delivery. Server logs may include IP addresses.
  • Analytics provider — aggregate, anonymised traffic analytics (no cross-site tracking).

All processors are contractually bound to process data only on our behalf and in accordance with applicable data protection law.

5. International Transfers

Our processors may store or process data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place — including Standard Contractual Clauses (SCCs) approved by the European Commission — so that your data receives equivalent protection.

6. Data Retention

  • Account & profile data — retained for the duration of your account plus 12 months after deletion, unless a longer period is required by law.
  • Payment records — retained for 7 years to comply with tax and accounting obligations.
  • Server logs — retained for up to 90 days.

After the applicable retention period, data is securely deleted or irreversibly anonymised.

7. Your Rights

If you are located in the EEA, UK, or Switzerland, you have the following rights under applicable data protection law:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten") — ask us to delete your data where there is no legitimate reason for us to continue processing it.
  • Portability — receive your data in a structured, machine-readable format and transfer it to another controller.
  • Objection — object to processing based on legitimate interests or for direct marketing purposes.
  • Restriction — request that we restrict processing of your data in certain circumstances.

To exercise any of these rights, email contact@mrr.fyi with the subject line "Data Rights Request". We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority (for EEA residents, the relevant Data Protection Authority).

8. Cookies

We use essential cookies required for the Service to function (session management, authentication). We may use analytics cookies in an anonymised, aggregate manner. You can disable non-essential cookies in your browser settings; doing so may affect some features of the Service.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting the revised policy here with an updated date and, where required by law, by email. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

10. Contact

Privacy questions or requests? Email us at contact@mrr.fyi.