Legal

    Privacy Policy

    Last updated: July 10, 2026

    Overview

    This Privacy Policy explains what information Privly collects, why we collect it, how we use it, and the choices you have.

    Privly is operated by MASTERPIECE Technologies Inc.

    Information we collect

    • Account data: email address, name (if provided), workspace and settings.
    • Platform connection data: connected account identifiers (e.g., profile/page IDs) and OAuth tokens.
    • Privly Leads Chrome extension data: LinkedIn profile details that you choose to save from visible LinkedIn pages, such as a person's name, profile URL, headline, source page title, source URL, and duplicate-detection metadata.
    • LinkedIn viewer data: if you use Privly Leads, the extension may save your visible LinkedIn name, profile URL, and profile image URL so we can connect the extension to the right Privly account.
    • Content you provide: post drafts, scheduled posts, captions/text, links, and media you upload.
    • Usage & diagnostics: basic analytics (e.g., pages viewed, feature usage) and logs for reliability and security.
    • Billing data: plan, billing period, payment status, and transaction/subscription IDs from our payment providers. We do not store full card numbers.

    Analytics & cookies

    We use an analytics provider (currently PostHog) to understand how Privly is used (for example: which pages are visited and which features are used) and to improve performance and reliability.

    Analytics typically collects device and usage information such as pages viewed, events you trigger in the app, approximate location (derived from IP), and technical data like browser type. We configure analytics to avoid collecting sensitive content where possible.

    Our analytics provider may use cookies and/or local storage to recognize your browser or device across sessions. You can limit tracking through browser settings and cookie controls. If cookies/local storage are blocked, some parts of the app may not function as intended.

    AI features and model providers

    If you use AI features (for example idea generation, rewriting, hashtag suggestions, best-time suggestions, or in-app Help), your prompts and related context are sent to our AI model provider (currently OpenAI) to generate responses.

    We configure AI requests to avoid provider-side long-term storage where supported by the provider settings. However, providers may process request metadata for abuse prevention, reliability, and legal compliance.

    Payment processing

    Paid subscriptions are processed by third-party payment providers (currently Paddle and/or Helcim, depending on deployment). Those providers process payment information under their own privacy terms and may collect billing address, tax, and transaction details required to complete payment.

    Data we access from connected platforms

    When you connect a social platform, we may access:

    • Account/profile information needed to identify the connected account.
    • Pages/organizations you can post to (where applicable).
    • Permissions and scopes required to publish content.
    • In future versions (optional): comments/messages and performance metrics for analytics.

    Privly Leads Chrome extension

    Privly Leads is a Chrome extension that helps you save visible LinkedIn profiles from events, reactions, comments, likes, and profile lists into your Privly Leads Directory. The extension works only when you use it on LinkedIn pages where profiles are already visible to you.

    The extension may access or send the following data to Privly:

    • Visible LinkedIn profile names, profile URLs, headlines, and profile images where available.
    • The LinkedIn page title and URL used as the source for saved leads.
    • Your visible LinkedIn viewer identity so Privly can show which LinkedIn account is connected.
    • Basic extension diagnostics needed to keep lead saving reliable and secure.

    Privly Leads does not collect LinkedIn passwords, private messages, payment information, or unrelated browsing history.

    Privly Leads does not automatically send LinkedIn messages. You stay in control and review, copy, or send outreach manually.

    Chrome Web Store Limited Use disclosure

    Data accessed through Privly Leads is used only to provide and improve the extension's single purpose: saving visible LinkedIn profiles into your Privly Leads Directory so you can review leads, export CSVs, draft manual outreach, track replies, and follow up one lead at a time.

    • We do not sell extension user data.
    • We do not use extension user data for personalized, retargeted, or interest-based advertising.
    • We do not transfer extension user data except to provide Privly, comply with law, protect security, or as part of a business transfer.
    • We do not allow humans to read extension user data except with your consent for support, for security, to comply with law, or in aggregated and anonymized internal reporting.

    Why we use this data

    • To let you connect accounts and authenticate with OAuth.
    • To schedule, publish, and retry posts you create in Privly.
    • To save visible LinkedIn profiles you choose to import into your Privly Leads Directory.
    • To let you review leads, export CSVs, draft manual outreach, track replies, and manage follow-ups.
    • To show your posting history and delivery status.
    • To prevent abuse, detect fraud, and secure the service.
    • To improve product reliability and user experience.

    Where your data is stored

    Privly is deployed on cloud infrastructure. As of this version, we commonly use: Vercel (or a similar CDN hosting provider) for the web application, and Render for the backend API, database (SQLite on a persistent disk), and media storage. Your exact storage region depends on the project configuration.

    Retention & deletion

    We keep data as long as needed to provide the service, meet legal obligations, resolve disputes, and enforce agreements. You can request deletion at any time (see Data Deletion).

    Who we share data with

    • Connected platforms: when you publish or connect accounts (e.g., Meta, TikTok, X, LinkedIn).
    • Cloud vendors: hosting, database, storage, and monitoring providers used to operate Privly.
    • Analytics vendors: to understand product usage and improve reliability (currently PostHog).
    • AI vendors: to generate AI outputs from prompts you submit (currently OpenAI).
    • Payment providers: to process subscriptions, renewals, invoices, taxes, and refunds (currently Paddle and/or Helcim, depending on deployment).
    • Email providers: to send account and transactional emails (currently Resend).
    • Legal & safety: if required to comply with law or protect users and the service.

    Security

    We use industry-standard safeguards such as encrypted transport (TLS) and secure secret handling. See Security Overview.

    Contact

    Questions or requests? Email support@privly.app.

    This page is provided for platform review and user transparency. If any section needs updating for your deployment, edit this file and redeploy.