Privacy Policy

Last updated: December 7, 2025

We collect the minimum data needed to operate AEOBRO and to provide verification, billing, and account features. This policy describes what we collect, why, how long we keep it, and your rights under applicable laws (GDPR/CCPA).

Information We Collect

• Account & Authentication: Email address and sign-in events (via NextAuth). If you use magic links, we process emails to deliver sign-in links.
• Profile Content: The facts you publish in your profile (e.g., name, handles, links, business details) and verification artifacts (e.g., DNS TXT proof or platform code-in-bio).
• Billing: Subscription status, plan, and payment identifiers processed by Stripe (we do not store full card data).
• Operational Communications: Service emails (e.g., receipts, verification notices) sent via Resend.
• Technical Data: Basic logs and request metadata for security and abuse prevention.

How We Use Data

• Provide and secure authentication and sessions.
• Verify profiles (platform OAuth or domain-based proofs) and publish structured data.
• Process subscriptions and payments through Stripe.
• Send essential service emails (verification, receipts, alerts).
• Prevent fraud and enforce our Terms and Acceptable Use Policy.

Service Providers

• Authentication: NextAuth (email and optional OAuth providers you connect).
• Email Delivery: Resend (transactional emails).
• Payments: Stripe (subscriptions and invoices).
• Hosting: Vercel (app hosting and build logs).

Cookies & Similar Technologies

We use strictly necessary cookies for sign-in sessions and account security. If analytics are enabled in the future, we will update this page to describe those technologies and provide controls.

Data Retention

• Profile & Account Data: Retained while your account is active. If you cancel, profile publishing stops; we retain core data for up to 90 days for reactivation, then delete or archive per policy.
• Billing Records: Retained as required for tax and accounting compliance.
• Security Logs: Retained for a limited time necessary to detect, investigate, and prevent abuse.

Your Rights

Depending on your location, you may have the right to access, correct, export, object to processing, or request deletion of your personal data. To exercise these rights, contact us at privacy@aeobro.com (or your preferred address).

Children’s Privacy

AEOBRO is not directed to children. Do not use the service if you are under the age required by law in your jurisdiction.

International Transfers

We may process data in the United States and other countries. Where required, we use appropriate safeguards for cross-border transfers.

Security

We implement technical and organizational measures to protect data. No method of transmission or storage is 100% secure; we continuously improve our safeguards.

Changes to This Policy

We may update this policy from time to time. Material changes will be posted here with a new “Last updated” date.

Contact

Questions or requests? Email privacy@aeobro.com.