Privacy Policy

Last updated: May 17, 2026 | Effective: May 17, 2026

SaaSStatsHub ("we", "us", "our", or "the Site") is operated from Singapore and accessible globally. This Privacy Policy explains what personal information we collect, why we collect it, how we use it, who we share it with, and the rights you have over it.

By using this website, you agree to the practices described below. If you do not agree, please do not use the Site.

1. Who We Are

SaaSStatsHub publishes statistics, market data, and analysis about Software-as-a-Service products. The data controller for the purposes of GDPR, the data operator under Singapore's Personal Data Protection Act 2012 (PDPA), and the business under the California Consumer Privacy Act (CCPA / CPRA) is SaaSStatsHub, contactable at [email protected].

2. Information We Collect

2.1 Information you provide directly

2.2 Information collected automatically

2.3 Information we do not collect

For users in the European Economic Area, United Kingdom, and Switzerland, we rely on the following lawful bases under Article 6 of the GDPR:

4. How We Use Information

5. Cookies and Similar Technologies

We use a minimal set of cookies and tracking technologies. A complete list, including names, providers, purposes, and expiry, is maintained in our Cookie Policy. Where required by law (EEA / UK / California), non-essential cookies are loaded only after you grant consent via the on-site banner.

6. Advertising

We may display advertisements on the Site through Google AdSense or comparable advertising networks. These third-party services may use cookies, web beacons, and device identifiers to:

Google's use of advertising cookies is governed by Google's advertising policy. You may opt out of personalized advertising at Google Ads Settings or via the Digital Advertising Alliance opt-out tool.

We do not provide advertising networks with personally identifying information (such as your email address).

7. Third-Party Services We Use

We share limited data with the following service providers (sub-processors) strictly to operate the Site:

We do not sell or rent personal information to anyone.

8. International Data Transfers

Because we use US-based providers (Cloudflare, Google) and an EU-based provider (MailerLite), personal data may be transferred outside your country of residence. Where transfers from the EEA, UK, or Switzerland occur, they are protected by:

9. Data Retention

10. Children's Privacy

The Site is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact [email protected] and we will delete it.

11. Your Rights

11.1 Rights for everyone

11.2 Additional rights for EEA / UK / Swiss residents (GDPR)

11.3 Additional rights for California residents (CCPA / CPRA)

11.4 Singapore PDPA

Residents of Singapore may withdraw consent and request access or correction at any time by contacting [email protected]. We will respond within 30 days.

11.5 How to exercise your rights

Email [email protected] from the email address on file (if applicable). We may ask reasonable questions to verify your identity. We will respond within 30 days for GDPR/CCPA/PDPA requests, or sooner if required.

12. Do Not Track

Most browsers send a "Do Not Track" signal. There is no industry-standard interpretation of this signal. We treat the GPC (Global Privacy Control) signal as a valid opt-out for California residents under the CCPA.

13. Security

We protect data using HTTPS with TLS 1.2 or higher, HSTS preload-eligible configuration, Content Security Policy headers, encrypted secrets in our deployment platform, and least-privilege access. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security but commit to industry-standard practices.

14. Changes to this Policy

We may update this policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes will be announced via a banner on the Site for at least 30 days.

15. Governing Law

This policy is governed by the laws of the Republic of Singapore, without regard to conflict-of-law principles. Disputes arising in connection with this policy will be resolved in the courts of Singapore, except where local mandatory law (e.g., GDPR, CCPA, PDPA) gives you the right to use your local courts or supervisory authorities.

16. Contact

Privacy questions: [email protected]
General inquiries: [email protected]