Privacy Policy

We collect the following categories of information:

• Account info — email, password (hashed), display name, account type, niche tags, location city/region/country.
• Brand info (if you're a brand) — company name, industry, website, logo, contact email, description.
• Profile content — bio, vibe tags, pinned posts, social account handles and follower counts pulled from public APIs you connect, audience demographics you provide.
• Deal activity — offers sent and received, messages exchanged in deals, posts submitted for verification, ratings and testimonials.
• Payment info — handled by Stripe; we store identifiers (Stripe account IDs, payment intent IDs) but never card numbers or bank details.
• Usage data — pages visited, features used, IP address, browser and device info, error logs.

We use your data to:

• Operate the marketplace — show profiles, match creators with brands, process deals
• Verify post delivery and trigger automatic refunds when posts come down early
• Process payments through Stripe and remit creator payouts
• Send transactional emails (offer received, deal accepted, payment events, etc.)
• Send product updates if you opt in
• Prevent fraud, abuse, and violations of our Terms
• Improve the product through aggregated analytics

We share data only as needed to operate the Service:

• With other users — your public profile (display name, bio, niche tags, social handles, ratings) is visible to other users of the marketplace.
• With Stripe — to process payments and manage creator payouts. See Stripe's privacy policy for how they handle data.
• With Supabase — our database and authentication provider. They process data on our behalf under their data processing agreement.
• With Vercel — our hosting provider, which handles HTTP traffic and deployment logs.
• With Resend (or our equivalent email provider) — to deliver transactional emails.
• For legal reasons — when required by law, court order, or to investigate fraud or abuse.

We do not sell your personal data.

We use essential cookies to keep you signed in and to remember UI preferences. We may use minimal analytics cookies to understand product usage in aggregate. We do not run advertising trackers.

We retain your account data for as long as your account is active. After you close your account, we retain the minimum needed to comply with legal, tax, and dispute obligations (typically up to seven years for financial records). Deal history may be retained in anonymized form for analytics.

Depending on your jurisdiction, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data (subject to legal retention requirements)
• Export your data in a portable format
• Object to certain processing
• Withdraw consent for marketing communications

To exercise any of these, email hello@getplug.io. We'll respond within 30 days.

Plug is not directed to children under 18. We do not knowingly collect personal data from minors. If you believe a minor has signed up, contact us and we'll remove the account.

Plug operates from the United States. If you access the Service from outside the U.S., your data will be transferred to and processed in the U.S. We rely on standard contractual clauses or equivalent safeguards where required by law.

We use industry-standard safeguards: encrypted connections (HTTPS), encrypted storage for sensitive fields, row-level security on the database, and limited access by Plug staff. No system is perfect; we'll notify affected users in the event of a breach that materially affects their data.

We may update this Privacy Policy over time. Material changes will be announced via email or in-app notice. Continued use of the Service after a change constitutes acceptance of the updated policy.

Privacy questions? Email hello@getplug.io.