Privacy Policy
Last updated: July 10, 2026
1. Data Controller
DistributionOS is operated by Lawrence. For privacy inquiries, contact us at privacy@distributionos.com.
2. Data We Collect
Account Data
Email address, display name, and authentication provider (Google, GitHub, or email/password).
App Configuration
App names, domains, Brain Doc content (product descriptions, audience definitions, brand voice settings), scheduling preferences, and competitor URLs you provide.
Connected Account Tokens
OAuth access tokens for Instagram, GitHub, and Google Search Console. These are encrypted with AES-256-GCM before storage and are never accessible in plaintext outside of server-side processing.
Content and Performance Data
Generated social posts, blog articles, email campaigns, engagement metrics, SEO performance data, and attribution data collected from connected platforms.
Free Tool and AI Generation Data
The private version of each free tool runs in your browser, and its answers are not sent to DistributionOS. If you choose Generate with AI, the answers are sent through our Vercel-hosted API to the configured model provider, currently OpenAI or Anthropic, to create the result. We do not attach those answers or results to a DistributionOS account. A generated result may be cached in server memory for up to six hours to avoid duplicate model calls. We disable OpenAI response storage for these calls. The model provider's standard abuse-monitoring or API retention may keep inputs and outputs for up to 30 days, subject to its commercial terms and limited exceptions. Commercial API inputs and outputs are not used for model training by default by either provider.
Newsletter Data
If you opt in to the marketing-experiments newsletter, we store your email address, consent timestamp and source, and the free tool where you subscribed. We do not store your free-tool answers with the newsletter record.
Anonymous Campaign Link Tracker Data
The UTM Builder can create an optional public DistributionOS redirect and private results page without an account. We use the required operational email only to verify activation, recover the private report, and send one final report; this is separate from newsletter consent. The email is encrypted at rest. Private results and activation tokens are stored as one-way hashes, and the activation token expires after 24 hours if unused.
After activation, the redirect records eligible human clicks for exactly 30 days, up to 10,000 clicks. We do not store raw IP addresses, full referrer URLs, or raw user-agent strings. An approximate unique-click identifier uses a link-specific rotating salt and a one-way keyed hash. We retain only the referrer hostname, broad device category, bot classification, and click time. Known crawlers and suspicious automation are excluded from human totals, but bot filtering and approximate uniques are not perfect.
Billing Data
Payment processing is handled entirely by Polar. We do not store credit card numbers or payment credentials. We store subscription status, plan tier, and billing period dates.
Usage Data
On public marketing pages, we collect first-party analytics such as page visits, sessions, traffic source, content and campaign identifiers, and successful signup or newsletter events. We do not send newsletter email addresses or free-tool answers in analytics events. Optional Google Analytics data is collected only with consent. See our Cookie Policy for details.
3. Legal Basis for Processing (GDPR Article 6)
- Contract performance: Processing necessary to provide the Service (content generation, publishing, analytics).
- Legitimate interest: Product improvement, security monitoring, and fraud prevention.
- Consent: Analytics cookies and marketing email preferences.
4. Third-Party Processors
We share data with the following processors, each under appropriate data processing agreements:
| Processor | Purpose |
|---|---|
| Supabase | Authentication, database, file storage, and scheduled worker state |
| Vercel | Web application hosting and API routes |
| Google Cloud / Firebase Hosting | Optional customer-site deployment adapter when you connect a Firebase-hosted app |
| Anthropic (Claude) | Optional AI content generation. Commercial API inputs and outputs are not used for model training by default and may be retained for up to 30 days under Anthropic's standard terms. |
| OpenAI | Optional AI content generation. Free-tool calls disable response storage; API content is not used for training by default and standard abuse-monitoring logs may be retained for up to 30 days. |
| Resend | Email delivery (platform notifications and user email campaigns) |
| Polar | Subscription billing and payment processing |
| DataForSEO | Keyword research and SEO data |
| Apify | Competitor intelligence web scraping |
| GitHub | Blog article publishing via GitHub API |
| Instagram / Meta | Social media posting via Graph API |
| Google Analytics | Usage analytics (only with consent) |
| Google Search Console | SEO performance data |
5. Data Retention
Account and app data is retained for the duration of your active subscription plus 30 days after cancellation. Newsletter email, consent, and source data is retained until you unsubscribe or request deletion. We may retain a minimal suppression record so a previous unsubscribe, complaint, or delivery failure is not accidentally overridden. Free-tool AI inputs and outputs are not saved to a DistributionOS account; temporary processing and provider retention are described above. Minimal accounting and security records may be retained when required for legal compliance or abuse prevention.
Anonymous campaign click rows and approximate-unique hashes are retained only during the 30-day recording window. The frozen private report and operational email remain for a seven-day grace period so the final report can be delivered and opened. After the grace period, the operational email, token hashes, click data, unique hashes, and report are removed. A minimal public-code and destination record remains so a campaign link already shared continues redirecting without further recording. The private results page also provides an explicit deletion action that stops the redirect and removes associated private data earlier.
6. Your Rights (GDPR)
If you are in the European Union, you have the right to:
- Access: Request a copy of your personal data.
- Rectification: Request correction of inaccurate data.
- Erasure: Request deletion of your data.
- Portability: Receive your data in a machine-readable format.
- Restriction: Request restriction of processing.
- Objection: Object to processing based on legitimate interest.
- Withdraw consent: Withdraw consent for analytics cookies or marketing emails at any time.
To exercise these rights, email privacy@distributionos.com. We will respond within 30 days.
7. Your Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information is collected and how it is used.
- Request deletion of your personal information.
- Opt out of the sale of personal information. We do not sell personal data.
8. International Data Transfers
Your data may be processed in the United States and other countries where our processors operate. We rely on Standard Contractual Clauses (SCCs) and processor Data Processing Agreements to ensure adequate protection of transferred data.
9. Cookies
We use essential cookies for authentication and optional analytics cookies with your consent. See our Cookie Policy for details.
10. Data Breach Notification
In the event of a data breach, we will notify affected users within 72 hours as required by GDPR Article 33, and will notify the relevant supervisory authority.
11. Children's Privacy
The Service is not directed at children under 16. We do not knowingly collect personal data from children.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification.
13. Contact
For privacy inquiries or to exercise your data rights, contact privacy@distributionos.com.