Privacy Policy

Account data: Name, email address, and password (hashed) when you register.

Usage data: Pages visited, features used, timestamps of actions, and browser/device information (user agent, screen size, IP address).

Product URLs: The URLs you submit for analysis are stored to power the Service and improve AI accuracy.

Lead data: Public post content fetched from Reddit and HackerNews is temporarily processed and stored in your account to display lead results. This is publicly available data originating from third-party platforms.

Payment data: Billing details are processed and stored by our payment processor (Stripe). We do not store full card numbers on our servers.

We use your data to:

• Provide, operate, and improve the Service
• Process payments and manage subscriptions
• Send transactional emails (account confirmation, password resets, billing receipts)
• Send optional product update emails (you may unsubscribe at any time)
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

We share data with the following trusted third-party processors:

• Supabase — Database, authentication, and server-side functions. Data is stored in a EU/US region as configured. Supabase Privacy Policy.
• Stripe — Payment processing. Card data never touches our servers. Stripe Privacy Policy.
• Anthropic (Claude API) — AI-powered keyword extraction and DM generation. Prompts include your product URL content and public post text. Anthropic Privacy Policy.
• Vercel — Hosting and serverless functions. Infrastructure provider. Vercel Privacy Policy.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your account and associated data.
• Portability: Receive your data in a machine-readable format.
• Objection: Object to processing of your data for direct marketing.
• Restriction: Request we restrict processing in certain circumstances.

To exercise any of these rights, email support@qurlradar.com. We will respond within 30 days (or within the timeframe required by applicable law).

We use the following cookies and similar technologies:

• Authentication cookies: Set by Supabase to maintain your login session. These are strictly necessary and cannot be disabled.
• Preference cookies: Store your theme (light/dark) and language preference in localStorage.

We do not use advertising or tracking cookies. We do not use Google Analytics or any third-party analytics service.

We retain your account data for as long as your account is active. Lead data is retained until you delete it or close your account. If you cancel your subscription, your data remains accessible for 90 days before being permanently deleted, unless you request earlier deletion.

Your data may be processed in the United States or the European Union depending on which infrastructure region your data is stored in. We ensure appropriate safeguards are in place for any cross-border data transfers, including Standard Contractual Clauses where applicable.

For privacy-related questions, requests, or complaints, contact our Data Protection contact at:

Email: support@qurlradar.com

You also have the right to lodge a complaint with your local data protection authority (for EU residents: your national DPA).