Privacy Policy
Last updated: January 2026
Next 9 Months is a digital product by SpaaS LTD, a company registered in Bulgaria. We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and protect the information you provide.
Who We Are
SpaaS LTD
Legal ID (EIK): 208363226
Registered in: Bulgaria
Email: info@next9months.com
What We Collect
Depending on how you use Next 9 Months, we may collect the following personal data:
Account and Authentication Data
- Email address
- Authentication method
- Account identifiers generated by our authentication provider
Subscription and Payment Data (Premium users only)
- Subscription plan and billing status
- Payment-related identifiers provided by our payment processor (e.g. customer ID, subscription ID)
- We do not store full payment card details
Usage and Technical Data (optional)
- Product usage and interaction events, only if you explicitly consent to analytics
- Device and browser information required for security and performance
Support and Communications
- Information you provide when contacting us for support or account-related inquiries
Why We Collect It
We use your data to:
- Create and manage your user account
- Authenticate users via Google OAuth or email link
- Provide access to Free and Premium features
- Manage subscriptions, billing status, and payments
- Send essential transactional emails (login links, account notices, subscription updates)
- Improve the reliability, security, and performance of the service
- Detect, prevent, and mitigate abuse, fraud, and automated bot activity
We do not sell your personal data to third parties.
Legal Basis for Processing
Under the General Data Protection Regulation (GDPR), we process personal data based on:
- Contractual necessity – to provide account access, features, and subscriptions
- Consent – for optional analytics and non-essential cookies
- Legitimate interests – to secure the platform, prevent abuse, and maintain service integrity
- Legal obligation – where required for accounting, tax, or regulatory compliance
You may withdraw your consent for optional processing at any time through cookie or privacy settings.
How We Store Your Data
We rely on the following service providers:
| Service | Purpose | Data Stored |
|---|---|---|
| Supabase | Authentication, database, and file storage | Account and application data |
| Vercel | Application hosting and infrastructure | No direct user personal data |
| Resend | Transactional email delivery | Email address and message metadata |
| Stripe | Payments and subscription management | Payment-related identifiers and billing status |
| PostHog | Product analytics (optional) | Usage and interaction data (only with consent) |
| Cloudflare Turnstile | Bot prevention and abuse protection | Security-related request signals |
| Sentry | Error monitoring and diagnostics | Technical error data with limited contextual information |
| Strapi | Blog content management | No user account or personal data |
All providers are GDPR-compliant or rely on approved data transfer mechanisms.
Cookies and Tracking
We use essential cookies required for authentication, security, and core application functionality.
Optional analytics cookies are used only after explicit consent via our cookie preferences interface.
You can manage or withdraw your consent at any time through the cookie preferences interface.
Additional details are available in our separate Cookies Policy.
Your Rights
Under GDPR, you have the right to:
- Access the personal data we store about you
- Request correction or deletion of your data
- Withdraw your consent at any time
- Lodge a complaint with a Data Protection Authority
- Request export of your personal data
- Request account deletion through the application (where available)
To exercise any of these rights, contact us at info@next9months.com.
Contact
If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us at:
SpaaS LTD
Bulgaria
info@next9months.com