Privacy Policy

Effective date: 2026-04-23

This Privacy Policy describes how CreatorCompli ("we," "us," or "our") collects, uses, and shares information when you use our websites at creatorcompli.com and related services (collectively, the "Service").

1. Information we collect

1.1 Information you provide

  • Account information — email address, name, and role (creator, brand, or agency) when you sign up via our authentication provider (Clerk).
  • Payment information — collected and processed by Stripe. We do not store full card numbers; we retain only a Stripe customer reference and the last 4 digits of your card for receipts.
  • Content you submit — social media post captions, transcripts, and URLs you submit for compliance scanning.
  • Platform handles — your public Instagram, TikTok, YouTube, or X handles, which you enter to enable monitoring.

1.2 Information collected from public sources

We scan publicly available social media content (captions, video descriptions, and transcripts) from Instagram, TikTok, YouTube, and X for FTC disclosure compliance. This includes posts from creators who have not signed up for the Service. We may also collect publicly listed contact information (email addresses) from creator bios and brand websites solely for the purpose of compliance outreach.

1.3 Automatically collected information

  • Usage data — pages visited, features used, and timing information.
  • Device and log data — IP address, browser type, operating system, and request timestamps.
  • Email event data — when you receive an email from us, we record delivery, open, click, bounce, and unsubscribe events via our email provider (Resend).

2. How we use information

  • Provide, operate, and maintain the Service.
  • Run compliance scans and generate evaluation reports.
  • Send outreach emails about compliance issues we detect in your public content.
  • Process subscriptions, payments, and account-related communications.
  • Improve the Service, including training and tuning detection models.
  • Comply with legal obligations and enforce our Terms of Service.
  • Detect and prevent fraud, abuse, or security incidents.

3. How we share information

We do not sell personal information. We share information only in the following circumstances:

  • Service providers — Clerk (authentication), Stripe (billing), Resend (email delivery), Anthropic (AI analysis), Neon (database), Vercel (hosting), Railway (worker infrastructure), Google (YouTube API), and scraping provider fallbacks (Apify, ScrapingBee) when enabled. Each is contractually bound to process data only as directed.
  • Aggregated or de-identified data — we may publish aggregate statistics (e.g., total posts scanned, industry-level non-compliance rates) that do not identify any individual.
  • Legal requirements — when required by law, subpoena, or to protect our rights, property, or safety.
  • Business transfers — in a merger, acquisition, or sale of assets, subject to this Policy.

4. AI model processing

Content you submit for scanning is sent to Anthropic's Claude API for analysis. Anthropic does not use customer data submitted via API to train their models. Scan results are cached in our database and used only to serve your account.

5. Email + commercial outreach (CAN-SPAM)

Some emails you receive from us are commercial outreach about compliance issues detected in your public posts. Every such email includes:

  • Our physical mailing address: 43 Mildred Ave, Asheville, NC 28806.
  • A functional unsubscribe link that removes you from all future commercial email within 10 business days (usually within minutes).
  • Native one-click unsubscribe support for Gmail and Apple Mail (RFC 8058).

You can also request removal by emailing privacy@creatorcompli.com.

6. Your rights (US-based users)

Depending on your state, you may have rights to access, correct, delete, or port your data. To exercise these rights, email privacy@creatorcompli.com. We respond within 30 days.

California residents have additional rights under the CCPA/CPRA, including the right to know what personal information we collect, to request deletion, and to opt out of "sharing" for cross-context behavioral advertising. We do not engage in such sharing.

7. Data retention

We retain account information for as long as your account is active and for a reasonable period thereafter for legal and operational purposes. Scan results and compliance history are retained to maintain your score and badge. You may request deletion at any time; we will honor such requests within 30 days unless retention is required by law.

8. Security

We use industry-standard safeguards including TLS encryption in transit, encrypted storage at rest, role-based access controls, and signed webhook verification. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

9. Children's privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from minors. If you believe we have, contact privacy@creatorcompli.com.

10. Changes to this policy

We may update this Policy from time to time. The "Effective date" above will reflect the latest version. Material changes will be announced via in-app notification or email to registered users.

11. Contact

CreatorCompli
43 Mildred Ave, Asheville, NC 28806
privacy@creatorcompli.com

This Policy is provided for general informational purposes and is not legal advice. Consult an attorney for advice about your specific situation.

Privacy Policy — CreatorCompli — CreatorCompli