Privacy Policy
Last updated · July 3, 2026
This Privacy Policy explains what data seenpaid (the “Service”) collects, why, and what choices you have. We aim to collect only what we need to run the Service.
1. Data we collect
- Account data — your email, workspace name, and a securely hashed password. If you sign in with Google, we receive your name, email, and profile picture.
- Connected-account credentials — access tokens for the social and payment accounts you connect. These are encrypted at rest and used only to act on your behalf (publish posts, read payment data) as you direct.
- Content — the posts, captions, media, and schedules you create.
- Attribution data — clicks on your tracked links (with a first-party cookie, IP, and user-agent), and payment events read from your connected Stripe account, used to match sales to posts.
- Billing data — handled by Stripe. We store a Stripe customer ID and your plan status; we never see or store full card numbers.
- Usage & logs — basic technical logs needed to operate and secure the Service.
2. Cookies
We use essential cookies to keep you logged in. Our link tracker sets a first-party cookie (cp_tid) so a sale made days after a click can still be matched to the post that drove it. We don’t use third-party advertising cookies. You can clear cookies in your browser at any time; doing so may reduce attribution accuracy.
3. How we use data
To provide and secure the Service: authenticate you, publish and schedule your posts, compute per-post revenue attribution, process your subscription, and communicate with you (for example, password-reset and account emails). We do not sell your personal data.
4. Service providers we share with
We share data only with providers that help us run the Service, including:
- Stripe — billing and (via Connect) reading your revenue;
- Google, X, LinkedIn, Meta, TikTok, Bluesky — the accounts you connect;
- Resend — transactional email;
- Railway, Vercel, Cloudflare R2 — hosting, database, and media storage.
Each processes data under its own privacy terms.
5. Data retention & deletion
We keep your data while your account is active. You can permanently delete your account and all associated data at any time from Settings → Delete account. Deletion removes your posts, connected accounts, tokens, and attribution data from our database. Some data may persist briefly in backups before being overwritten.
6. Your rights
Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. You can exercise access and deletion directly in the app, or email us at justinasrolando@gmail.com for anything else.
7. Security
We use industry-standard measures including encrypted connected-account tokens, hashed passwords, scoped multi-tenant access, and transport encryption (HTTPS). No system is perfectly secure, but we work to protect your data.
8. International users
Your data may be processed in countries other than your own, including the United States and the EU, by us and our providers. By using the Service you consent to this processing.
9. Changes
We may update this policy from time to time. We’ll update the date above and, for material changes, try to notify you.
10. Contact
Questions about your privacy? Email justinasrolando@gmail.com.
This document is a general template and not legal advice. Have a lawyer review it before relying on it for a real business.