Privacy Policy

Effective Date: May 29, 2025

This Privacy Policy explains how CMA Forms (forms.thecma.xyz) collects, uses, and protects your information. We are committed to maintaining your trust and safeguarding your privacy.

1. Information We Collect

• Authentication Information: When you sign in with Google, we receive your name, email address, and profile photo through Google’s OAuth 2.0 service.
• Email/Password Users: If you sign in without Google, we collect your email and securely manage your password using Firebase Authentication's hashing mechanisms.
• Form Responses: Your submitted form responses are securely stored in Firebase Firestore, ensuring privacy and reliability.
• Metadata: We may log basic analytics such as submission timestamps, approximate IP-based location (country level), and device type to improve security and detect spam or abuse.

2. How We Use Your Information

• To authenticate users and manage sessions securely.
• To display and manage forms and their responses for form creators.
• To enable optional email notifications related to your forms.
• To monitor and prevent abuse, fraud, and security threats.

3. Data Storage and Security

• We use Firebase Authentication and Firestore, hosted on Google Cloud Platform, to securely store and manage data.
• Your passwords are never stored in plaintext; Firebase handles secure hashing and authentication.
• No financial or sensitive payment data is collected or stored.

4. Data Sharing and Export

We do not share your personal data with third parties.

Form creators can export their form responses locally in formats such as CSV, XLSX, or PDF using integrated tools like SheetJS and jsPDF.

Data visualization is handled locally using Chart.js; no data is sent to external analytics services.

5. Your Rights

You can request deletion of your account or any form data at any time by contacting us at chrismaje63@gmail.com. We will process such requests promptly.

6. Third-Party Services Used

• Google Sign-In (OAuth 2.0) for authentication
• Firebase Authentication & Firestore (Google Cloud) for user and data management
• Chart.js for local data visualization
• SheetJS and jsPDF for local data export (spreadsheets and PDFs)

7. Updates to This Policy

We may update this policy as the platform evolves. Major changes will be communicated, and continued use after updates indicates acceptance.

Contact

If you have questions or concerns, please email us at chrismaje63@gmail.com.