LegalLast updated

Privacy Policy

We collect the minimum personal data needed to run a creator marketing platform, and we tell you what each piece is used for. This policy explains the details — including how to export your data and delete your account in two clicks.

Plain-English summary

  • We process your account data, content, and basic device telemetry to run the service.
  • Payments are handled by Polar; we never see full card numbers.
  • You can export everything we have on you, or permanently disable your account, from Settings → Account.
  • We don’t sell personal data and we don’t run third-party advertising.

1. Data we collect

We collect data in three ways:

  • You give it to us. Email, password (hashed with bcrypt), display name, chosen username, profile bio and avatar, the content you upload, and your social-channel OAuth grants.
  • It is generated as you use the service. Posts you schedule, scheduled times, publish results, billing events, coin ledger entries, and audit logs.
  • Automatic. IP address (truncated for analytics), user agent, coarse device type, page-view events (only with your consent — see Cookies), and error stack traces sampled by Sentry.

2. How we use it

  • To operate the service: authentication, scheduling, publishing, payments, support.
  • To improve the product: aggregate analytics, debugging, A/B experiments.
  • To keep the service safe: rate limiting, fraud prevention, abuse moderation.
  • To comply with the law: tax records (held by Polar as merchant of record), DMCA, lawful requests.

If you are in the EEA, UK, or Switzerland, we rely on the following bases:

  • Contract — to deliver the service you signed up for.
  • Legitimate interest — fraud prevention, debugging, product analytics in aggregate.
  • Consent — non-essential cookies, marketing emails (you can withdraw any time).
  • Legal obligation — tax, accounting, lawful requests.

4. Who we share with

We share data with sub-processors that perform a specific function under contract. Current sub-processors:

  • MongoDB Atlas (US) — primary application database.
  • Cloudflare R2 (global) — object storage for uploaded media.
  • Polar (merchant of record) — checkout, subscriptions, invoicing, tax remittance.
  • Firebase Authentication (Google LLC) — federated sign-in and credential storage.
  • Resend — transactional email (signup, billing receipts, security alerts, account-deletion confirmation, contact form).
  • PostHog — product analytics; only loaded after you accept analytics cookies.
  • Sentry — error monitoring; we strip request bodies and known PII fields before send.
  • Inngest — background job execution (scheduled publishing, webhook fan-out).
  • Vercel — application hosting and edge network.
  • Social platforms you connect (Meta, TikTok, YouTube, X, LinkedIn, Pinterest) — we only send what you explicitly asked us to publish.

We never sell personal data, and we do not share data with advertising networks for cross-site behavioral advertising.

5. International transfers

Repping.AI is operated from the United States. When you use the service from outside the US, your data is transferred to the US under Standard Contractual Clauses (SCCs) or equivalent safeguards, depending on your jurisdiction. We undertake supplementary measures (encryption in transit, encryption of OAuth tokens at rest with a dedicated KMS key) to maintain a level of protection essentially equivalent to that of your home jurisdiction.

6. Retention

  • Account record: while your account is active, plus 30 days after closure (for fraud and chargeback windows).
  • Posts and ledger entries: retained for audit even after account closure, with the user reference redacted to a tombstone identifier.
  • Billing records: 7 years (tax law).
  • Webhook events and security logs: 90 days.
  • Sentry error events: 90 days.
  • Backups: rolling 30-day window, then purged.

7. Security

We use TLS 1.2+ for transport, bcrypt for password hashing, AES-256-GCM with envelope encryption for OAuth tokens at rest, scoped IAM policies for storage access, JWT sessions with short rotation windows, and Standard Webhooks signature verification for inbound payment events. We run least-privilege access controls and rotate secrets on a regular cadence. No system is unbreakable; we will notify you and competent authorities of breaches affecting your data within statutory windows.

8. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing. You can exercise the most common rights yourself:

  • Access / portability: Export my data downloads a JSON file with your user record, posts, channels (without OAuth tokens), ledger entries, and recent webhook events.
  • Erasure: Delete my account permanently disables the account, redacts your email and personal fields, revokes connected OAuth tokens, and clears billing identifiers. Posts are retained for audit but are detached from your identity.
  • All other requests: email us via the contact form. We will respond within 30 days.

EEA users may also lodge a complaint with their local supervisory authority. California users have the right to opt out of “sale” or “sharing” under the CCPA/CPRA — we don’t do either, but the cookie banner provides a way to disable analytics cookies regardless.

9. Children

The service is not directed to children under 16 and we do not knowingly collect data from them. If you believe a child has created an account, contact us and we will remove it.

10. Changes

We will post any material change here with a refreshed “last updated” date, and notify active users by email or in-app banner.

11. Contact

Data protection inquiries: use the contact form or email support@repping.ai with “Privacy” in the subject line.