Privacy Policy
Last updated: April 4, 2026
The Short Version
- We do not store your verification codes. Codes are forwarded and immediately discarded.
- We do not sell or share your data. We only use it to run the relay service.
- We do not read your emails. We only scan for verification code patterns, nothing else.
- You can delete your account anytime. All email connections and recipient data are removed.
The full legal policy is below. Questions? Email us at hello@wsbroundtable.com
1. Introduction
Round Table Strategy LLC ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Handoff (the "Service").
Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.
2. Information We Collect
Personal Information
We collect personal information that you voluntarily provide when using our Service, including:
- Name and contact information (email address)
- Account credentials (email and password)
- Email connection details (OAuth tokens for Gmail/Outlook, or IMAP credentials)
- Recipient email addresses you configure
Automatically Collected Information
When you access our Service, we may automatically collect:
- Device information (browser type, operating system)
- Log data (access times, pages viewed, IP address)
- Usage patterns and preferences
3. Email Scanning
To provide the Service, we connect to your email account and scan recent incoming messages for verification code patterns. This scanning process:
- Only detects verification codes. We do not read, index, or analyze any other email content.
- Does not store codes. Detected codes are forwarded to your recipients and immediately discarded.
- Uses deduplication hashes. We store a one-way hash to prevent forwarding the same code twice. The original code cannot be recovered from this hash.
- Runs on a schedule. Email polling occurs every 2 minutes while your account is active.
4. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the verification code relay service
- Process transactions and manage your account
- Send security alerts and administrative notifications
- Respond to your inquiries and provide customer support
- Protect against unauthorized access and legal liability
5. Data Storage and Security
We implement appropriate technical and organizational security measures to protect your personal information. These include:
- Encrypted OAuth tokens and IMAP credentials at rest
- MFA-protected account login
- Security alerts for account changes
- Encrypted connections (TLS) for all data in transit
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
6. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
- Service Providers: Trusted third parties who assist in operating our Service (payment processing, email delivery)
- Legal Requirements: When required by law or to respond to legal process
- Protection: To protect our rights, privacy, safety, or property
- Business Transfers: In connection with a merger, acquisition, or sale of assets
7. Service Providers (Subprocessors)
We use the following third-party service providers to operate and deliver our Service:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database and Authentication | USA |
| Vercel | Application Hosting | USA/Global |
| Stripe | Payment Processing | USA |
| Resend | Transactional Email (MFA, alerts) | USA |
8. Your Rights and Choices
You have the right to:
- Access and receive a copy of your personal information
- Correct inaccurate or incomplete information
- Request deletion of your personal information
- Disconnect your email account at any time
- Remove recipients from your forwarding list
9. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act and California Privacy Rights Act, including the right to know, delete, correct, and opt out of the sale of personal information.
We do not sell or share your personal information for advertising purposes.
10. Data Retention
We retain your personal information for as long as your account is active. Verification codes are never stored. When you delete your account, all email connections, recipient configurations, and associated data are permanently removed.
11. Children's Privacy
Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us so we can take appropriate action.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Round Table Strategy LLC
Email: hello@wsbroundtable.com