Privacy Policy

Last updated: May 2026

1. Who we are

WatchMySubs ("we", "our", "us") is a subscription monitoring service operated by H2M Labs, an independent software studio based in India. Our service is available at watchmysubs.com. You can contact us at hello@watchmysubs.com.

2. What we collect

We collect only what is necessary to provide the service:

  • Account information: Your email address and name, provided when you sign up via Clerk (our authentication provider).
  • Forwarding address: A unique email alias we generate for you (e.g. u_abc123@inbox.watchmysubs.com) so you can forward receipts to us.
  • Billing event metadata: When we process a receipt, we extract and store the vendor name, charge amount, currency, billing cycle, event date, and email subject line. We never store the full email body.
  • Payment information: Processed entirely by Dodo Payments. We store only your Dodo Payments customer ID and subscription ID — never your card number or payment details.
  • Usage data: Basic event logs (e.g. account created, OAuth connected) for auditing. No IP addresses are retained beyond what our hosting provider logs automatically.

3. What we don't collect

  • Raw email bodies — emails are read, parsed, and immediately discarded.
  • Email attachments.
  • Passwords — authentication is managed by Clerk.
  • Advertising IDs, cross-site tracking cookies, or data used for ad targeting.

4. How we use your data

  • To detect billing anomalies (price changes, duplicate charges, trial conversions, failed payments, zombie subscriptions) and alert you.
  • To send you weekly digest emails and real-time alert emails.
  • To operate your account and enforce plan limits.
  • To process payments via Dodo Payments.
  • To debug errors and monitor service health via Sentry.

We do not sell your data. We do not use your data for advertising. We do not share your data with third parties beyond the service providers listed below.

5. Third-party service providers

We share data with the following providers only to the extent necessary to operate the service:

| Provider | Purpose | Data shared |
| --- | --- | --- |
| Clerk | Authentication | Email, name |
| Neon | Database hosting | All stored data |
| Vercel | Hosting & deployment | Request logs |
| Mailgun | Inbound email processing | Forwarded receipts (parsed, not stored) |
| Resend | Outbound emails | Your email address |
| Anthropic | AI receipt parsing | Plain-text email content (billing emails only; raw body discarded after parsing; not used for model training) |
| Google | Gmail OAuth (Pro tier) | OAuth tokens (encrypted) |
| Dodo Payments | Payments | Email, plan |
| Upstash | Rate limiting | Rate limit keys (hashed user IDs) |
| Sentry | Error monitoring | Anonymised error events |
| Google Analytics 4 | Usage analytics | Anonymised page-view data (no email or name) |
| Microsoft Clarity | Behavioural analytics | Anonymised interaction data (heatmaps, session recordings) |

6. Data retention

We retain your data for as long as your account is active. If you delete your account, all your data — charges, subscriptions, alerts, preferences, Gmail connection — is permanently and immediately deleted via database cascade. No backups containing your data are retained after 30 days.

7. Your rights

You have the right to:

  • Access your data — use the data export feature in Settings.
  • Delete your data — use the account deletion feature in Settings. Deletion is immediate and permanent.
  • Port your data — export as JSON from Settings at any time.
  • Correct your data — contact us at hello@watchmysubs.com.
  • Object to processing — contact us at hello@watchmysubs.com.

These rights apply under GDPR (EU/UK users) and the Digital Personal Data Protection Act 2023 (Indian users).

8. Cookies

We use three categories of cookies:

  • Essential cookies: Set by Clerk for authentication and session management. Required for the Service to function.
  • Analytics cookies: Google Analytics 4 collects anonymised page-level data (e.g. which pages are visited, session duration). No personally identifiable information is sent to Google.
  • Behavioural analytics: Microsoft Clarity collects anonymised interaction data (heatmaps, session recordings) to help us understand how users navigate the Service. Clarity does not identify you by name or email address.

We do not use advertising cookies or sell any analytics data. You can limit analytics tracking by enabling Do Not Track in your browser or using a content blocker.

You can opt out of Microsoft Clarity session recording by visiting Microsoft's Privacy Statement or by enabling Global Privacy Control (GPC) in your browser.

9. Security

See our Security page for a full description of our security practices. In summary: data is encrypted at rest and in transit, OAuth tokens are AES-256-GCM encrypted, and we never store raw email content.

10. Changes to this policy

If we make material changes to this policy, we will notify you by email at least 14 days before the changes take effect. Continued use of the service after that date constitutes acceptance.

11. Contact

For privacy questions or requests: hello@watchmysubs.com.