Privacy Policy
Effective date: March 20, 2026
1. Overview
TTP Finder (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.
2. Information We Collect
2a. Information you provide
- Google Sign-In: When you authenticate with Google we receive your name, email address, and profile photo from Google OAuth. We do not receive your Google password.
- Tracker preferences: Notification settings you configure (e.g. preferred notification channel, days-ahead threshold).
- Telegram chat ID / phone number (premium): Only if you voluntarily provide them to enable premium notification channels.
2b. Automatically collected information
- Usage data: Standard server request logs including IP address, browser type, pages visited, and timestamps. Logs are retained for up to 30 days.
- Session cookies: NextAuth.js sets a secure, HTTP-only session cookie to keep you signed in. No third-party tracking cookies are used.
2c. Information we do NOT collect
- Payment or credit card information.
- Your CBP/TTP account credentials — we never ask for or store these.
- Precise location data.
3. How We Use Your Information
- To provide and operate the Service (authentication, trackers, notifications).
- To send appointment availability emails via Brevo when you have an active tracker with email notifications enabled.
- To enforce usage limits (e.g. one tracker for regular accounts).
- To improve the Service and diagnose technical issues.
- To comply with legal obligations.
We do not sell, rent, or share your personal data with third parties for marketing purposes.
4. Data Storage and Security
Your data is stored in MongoDB Atlas (cloud-hosted) in the United States. We use industry-standard security practices including encrypted connections (TLS), environment-variable-based secret management, and minimal data retention.
While we take reasonable precautions, no internet transmission or storage system is 100% secure. We cannot guarantee absolute security.
5. Third-Party Services
| Service | Purpose | Privacy Policy |
|---|---|---|
| Google OAuth | Sign-in authentication | Google Privacy |
| MongoDB Atlas | Database hosting | MongoDB Privacy |
| Brevo | Transactional email delivery | Brevo Privacy |
| Vercel | Application hosting | Vercel Privacy |
6. Emails and Notifications
If you enable email notifications, TTP Finder will send appointment availability alerts to your registered email address via Brevo. You can disable email notifications at any time from your tracker settings in the dashboard. You may also contact us to opt out entirely.
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your account and associated data.
- Object to or restrict certain processing activities.
- Data portability.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days.
8. Children's Privacy
The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the effective date and, where appropriate, by email. Continued use of the Service constitutes acceptance of the updated policy.
10. Contact Us
Questions or concerns about this policy? Reach us at [email protected].