Privacy Policy
Last updated: June 25, 2026
Plug is operated by Plug Marketplace LLC, 522 W Riverside Ave STE N, Spokane, WA 99201 (“Plug,” “we,” “us”). This policy explains how we collect, use, and protect your information.
1. What we collect
We collect the following categories of information:
- Account info — email, password (hashed), display name, account type, niche tags, location city/region/country.
- Brand info (if you're a brand) — company name, industry, website, logo, contact and business email, description, and your brand-verification status (we verify a business email and may review the brand before certain actions).
- Profile content — bio, vibe tags, pinned posts, social account handles and follower counts pulled from public APIs you connect, audience demographics you provide.
- Connected platform data (OAuth) — when you choose to connect a social platform through OAuth (YouTube via Google; Twitch; Kick; TikTok; and Instagram via Meta), we read your account’s public statistics (subscriber or follower count) and basic identity (your channel ID, handle, or username) to show a verified follower count on your Plug profile and keep it current. To refresh that count over time, we store the access and refresh tokens the platform issues — encrypted at rest and used only to re-read your public follower or subscriber count on a periodic schedule. These tokens never let us read your videos, comments, messages, or email, and we never post, change, or delete anything on your connected account. When you disconnect a platform — or close your account — we delete the stored tokens and stop refreshing. Platforms we don’t support through OAuth (such as X or Lemon8) are self-declared — you enter the handle and follower count yourself.
- Connected Pinterest data (OAuth) — if you connect Pinterest to take Pinterest Pin deals, you authorize Plug through Pinterest’s OAuth consent screen for read-only access only: pins:read, boards:read, and user_accounts:read. We use these to read your own Pins, boards, and basic account identity (your username) for a single purpose — to verify that a Pin you were paid to publish was actually posted to your account and stayed live for the agreed window. We never post, pin, edit, follow, message, or change anything on your Pinterest account; we hold no write access. We store the access and refresh tokens Pinterest issues encrypted at rest, used only for these reads. We don’t keep a copy of your Pinterest content or an ongoing mirror of your account: we re-read your Pin from Pinterest when a deal needs verifying. We retain only a minimal proof-of-delivery record on the deal — the Pin’s link, a one-way content fingerprint, and our verification result — so both you and the brand have a durable, tamper-evident record that the Pin was delivered. When you disconnect Pinterest — or close your account — we delete the stored tokens and stop reading.
- Deal activity — offers sent and received, messages exchanged in deals, posts submitted for verification, ratings and testimonials.
- Shipping details (gifted campaigns) — if you accept a gifted campaign, you provide a shipping name and mailing address so the brand can send the product. It’s used only to fulfill that campaign, shared with that brand, and never shown on your public profile.
- Phone number (optional) — if you verify your phone, we store a one-way hashed form of it to confirm it’s you. We don’t display it.
- In-person event details — for appearance bookings we store the deal’s logistics and the brand’s on-site host contact (name, phone, email), any credentials or files attached, and your post-event verification photos. Photos may carry embedded location and timestamp (EXIF) data, which becomes part of the deal’s private record.
- Legal name (in-person, optional) — your verified legal name is held by Stripe. For some in-person bookings you can choose to share it with the brand for entry or credentials; we record that choice.
- Livestream data (livestream rider) — if a booking includes a livestream, we record that your connected channel went live during the event window and capture stream metadata and periodic frames as proof, stored privately on the deal.
- Support & AI inputs — when you use our in-app support assistant or AI brief-drafting tools, we process the text you submit. Support conversations are logged so we can answer and follow up.
- Payment info — handled by Stripe; we store identifiers (Stripe account IDs, payment intent IDs) but never card numbers or bank details.
- Usage data — pages visited, features used, IP address, browser and device info, error logs.
- Login & security records — when you sign up or sign in, we record the event with the IP address and browser/device (user-agent) at that moment. We use these records to detect fraud, abuse, duplicate or coordinated accounts, and Terms violations. They’re kept only as long as needed for security and fraud prevention, then deleted.
- Precise location (in-person deals only) — when you check in at an event venue or capture an event photo, we record your device’s GPS location and the time at that moment to confirm attendance. We collect this only when you actively check in or take a photo, and only for in-person appearance deals. It becomes part of that deal’s private record, visible to you, the other party to the deal, and Plug (for dispute review). The receipt and dispute views show your distance from the venue, not a map or street address.
- Push notifications — if you enable them, we store the push subscription your browser issues so we can deliver alerts. You can revoke it any time in your browser or notification settings.
2. How we use it
We use your data to:
- Operate the marketplace — show profiles, match creators with brands, process deals
- Verify post delivery and apply the deal’s refund and post-survival rules
- Calculate your Plug Score and power features like Discover ranking, verification, and the support assistant
- Process payments through Stripe and remit creator payouts
- Send transactional emails (offer received, deal accepted, payment events, etc.)
- Send product updates and marketing emails — you can opt out any time via the unsubscribe link or your settings; transactional emails about your deals and account are always sent
- Detect and prevent fraud, abuse, and Terms violations, and review verifications, deals, and disputes — including with automated tools and AI
- Improve the product through aggregated analytics
3. Sharing
We share data only as needed to operate the Service:
- With other users — your public profile (display name, bio, niche tags, social handles, ratings) is visible to other users of the marketplace.
- With the brand or creator you’re dealing with — information tied to a specific deal is shared with the other party to complete it: for example your shipping address on a gifted campaign, or (if you choose) your legal name on an in-person booking.
- With Stripe — to process payments and manage creator payouts. See Stripe's privacy policy for how they handle data.
- With Supabase — our database and authentication provider. They process data on our behalf under their data processing agreement.
- With Vercel — our hosting provider, which handles HTTP traffic and deployment logs.
- With Resend (or our equivalent email provider) — to deliver transactional emails.
- With Cloudflare — for security, bot detection, and spam prevention, including the verification challenge on signup. This may process your IP address and request metadata.
- With our error-monitoring provider (Sentry) — to capture diagnostic and crash data, which can include IP address and device/browser details, so we can fix problems.
- With browser push services (such as Apple, Google, or Mozilla) — if you enable notifications, to deliver them to your device.
- With a mapping / geocoding provider — for in-person deals, venue addresses you enter are sent to a maps provider to validate and locate them.
- With our AI provider (Anthropic) — when you use AI brief-drafting or the support assistant, the text you submit is sent to Anthropic to generate a response. We don’t send your contact details or other users’ data, and your inputs are not used to train AI models.
- With post-preview services (such as APIFlash, Thum.io, and Microlink) — when you submit a post link for verification, the link is sent to these services to capture a screenshot and basic preview for the deal record.
- With the public (license verification) — a content license’s verification page (getplug.io/verify/…) is accessible to anyone who has the link. It shows only scoped, public-safe fields (see section 10) — never your messages, payment details, contact info, or IP/device data.
- For legal reasons — when required by law, court order, or to investigate fraud or abuse.
We do not sell your personal data.
4. Cookies and tracking
We use essential cookies to keep you signed in and to remember UI preferences. We may use minimal analytics cookies to understand product usage in aggregate. We do not run advertising trackers.
5. Data retention
We retain your account data for as long as your account is active. After you close your account, we retain the minimum needed to comply with legal, tax, and dispute obligations (typically up to seven years for financial records). Deal history may be retained in anonymized form for analytics.
6. Your rights
Depending on your jurisdiction, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your data (subject to legal retention requirements)
- Export your data in a portable format
- Object to certain processing
- Withdraw consent for marketing communications
To exercise any of these, email . We'll respond within 30 days.
Deleting your data: you can delete your account yourself any time in Settings → Account → Delete account, or disconnect an individual platform in Profile → Platforms. Deleting your account removes or anonymizes your public profile and frees your handle; transaction and financial records are retained in anonymized form where the law requires (see retention above). Full step-by-step instructions — including data obtained from connected accounts like Instagram or Pinterest — are on our Data Deletion page.
7. Children
Plug is not directed to children under 18. We do not knowingly collect personal data from minors. If you believe a minor has signed up, contact us and we'll remove the account.
8. International transfers
Plug operates from the United States. If you access the Service from outside the U.S., your data will be transferred to and processed in the U.S. We rely on standard contractual clauses or equivalent safeguards where required by law.
9. Security
We use industry-standard safeguards: encrypted connections (HTTPS), encrypted storage for sensitive fields, row-level security on the database, and limited access by Plug staff. No system is perfect; we'll notify affected users in the event of a breach that materially affects their data.
10. Content License Certificate & verification
When a brand licenses your content, Plug creates a Content License Certificate — a record of the agreement plus supporting metadata. This involves some additional data:
- Acceptance log — when you send or accept a content-license offer, we record who accepted, the server timestamp, your IP address, your browser/device (user-agent), and a hash of the exact terms you were shown. This is the certificate’s record that both sides agreed. Unlike our short-lived login/security records, this acceptance log is kept as part of the deal’s durable record for as long as the certificate needs to stay verifiable. We never show your raw IP or device to the other party or on the public page — the certificate shows only that you “accepted in-app” and when.
- File fingerprint — when a licensed master file is delivered, we compute a SHA-256 fingerprint (a checksum) of the file so the certificate is tied to that exact file. It’s a mathematical digest, not personal data, and doesn’t reveal the file’s contents.
- Public verification page — each certificate can have a public page at getplug.io/verify/… that anyone with the link can open, with no login. This page is off by default: it exists only if you (the creator/licensor) choose to publish that specific deal’s link, and you can revoke it at any time from Settings → Shared deals, which takes the public page down. When published, it shows the parties’ display names, the licensed work, the license terms and dates, the current status, the file fingerprint, and the acceptance timeline. It deliberately excludes your messages, payment and escrow details, contact information, and raw IP/device data. Treat a published link as shareable.
- Enforcement notices — if a license expires or is revoked for cause and you ask Plug to step in, we may email the brand’s account contact a notice to remove or renew. If the matter proceeds to a takedown, you (the creator and copyright owner) prepare and send a DMCA notice to the platform hosting the content — in good faith and, we recommend, with your own legal advice. Plug only helps you get ready and does not send or file it for you. A DMCA notice you send includes your name and contact details and the public verification link, and goes to that third-party platform.
- Commissioned UGC — when a brand commissions new footage from you, we store the brief, any creator-written script and the brand’s approval/revision feedback, the watermarked preview, the revision history, and the delivered master files (with their fingerprints). These are visible only to you, the brand, and Plug. We keep them while the deal is active and for a standard retention period afterward — generally up to seven years, in line with common industry practice and our legal, tax, and dispute-resolution obligations — after which we delete or anonymize them; your own files stay accessible to you.
11. Changes to this policy
We may update this Privacy Policy over time. Material changes will be announced via email or in-app notice. Continued use of the Service after a change constitutes acceptance of the updated policy.
12. Contact
Privacy questions? Email , or write to us at Plug Marketplace LLC, 522 W Riverside Ave STE N, Spokane, WA 99201.