VisualJJ

Privacy Policy

How VisualJJ collects, uses, and protects your information.

Privacy Policy

Effective date: 13 November 2025
Data Controller: VisualJJ Limited (Company No. 16824558), 86–90 Paul Street, London, EC2A 4NE, United Kingdom
Contact (privacy/DSRs): privacy@visualjj.com

This policy explains how we handle personal data when you use the VisualJJ website, extension/app, and related services (the “Services”). It applies under the UK GDPR and Data Protection Act 2018, and, where applicable, the EU GDPR.

1. Data we collect

  • Website/account: email, name, hashed password (if accounts are offered), preferences; standard web logs (IP, browser/OS, pages, timestamps).
  • Billing: processed by Paddle (Merchant of Record). We receive payment status and invoice metadata, not full card data.
  • Analytics: we use Plausible Analytics (cookieless). We do not use tracking/advertising cookies on visualjj.com. Paddle may set essential cookies on its own domain for payments and fraud prevention.
  • Telemetry (extension/app): feature usage counts, performance metrics, crash/error logs, and non-sensitive configuration; limited repository metadata (e.g., hashed IDs, aggregate counts) to operate features and plan limits. We do not collect your code or private repository content unless you explicitly opt in (e.g., to use certain AI features or when you share a snippet with support). You can opt out via settings.
  • Tokens: when used with VS Code, access tokens (e.g., GitHub) are managed by the editor/OS keychain. VisualJJ does not store these unless explicitly stated in-product.

2. Why we use it

To provide and secure the Services, process subscriptions and license entitlements, improve reliability and performance, communicate important updates, provide support, and enforce plan limits and acceptable use.

Performance of a contract; legitimate interests (security, improvement, non-invasive analytics); consent where required; legal obligations (e.g., tax/accounting).

4. Sharing

Only as needed to provide the Services:

  • Paddle (billing/VAT/fraud), Vercel (website hosting/logs), AWS (content/storage), Microsoft Marketplace / OpenVSX (distribution), GitHub/GitLab APIs (integration), and basic analytics/logging (e.g., Plausible).
  • Professional advisors and authorities where required by law. We do not sell personal data.

5. International transfers

Data may be processed in the UK, EEA, US, or other countries. Where required, we use appropriate safeguards for transfers.

6. Retention

We keep data only as long as necessary for the purposes above and to meet legal requirements. Typical periods:

  • Web/server logs: 30–90 days.
  • Telemetry/logs: 30–180 days (longer if needed for security/debugging).
  • Billing/subscription records: 6 years (statutory).

7. Security

We use reasonable technical and organisational measures (TLS, access controls, least-privilege). No method is 100% secure; please keep your systems and credentials safe.

8. Your rights

Subject to law, you may request access, correction, deletion, portability, or restriction/objection. Where we rely on consent, you can withdraw it at any time. You may object to direct marketing at any time, and we will stop. Requests: privacy@visualjj.com.
Complaints: UK — Information Commissioner’s Office (ico.org.uk); EEA — your local data protection authority.

9. Children

The Services are not intended for children under 16. We do not knowingly collect data from children.

10. Changes

We may update this policy and will post the revised version with an updated effective date.