Privacy Policy

Effective date: March 22, 2026

Setalink ("we", "our", or "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website and services at setalink.com (the "Service"). Please read it carefully.

1. Information We Collect

Account Information

When you create an account, we collect your email address, chosen username, full name, and optionally a profile photo. This information is necessary to provide the Service.

Usage Data

We automatically collect certain technical data when you visit our site or use the Service, including IP address, browser type and version, pages visited, time and date of visits, referring URLs, and device information. We use this data to improve the Service and for security purposes.

Profile Analytics Data

When visitors view your Setalink profile, we record anonymized analytics events (page views, link clicks, country, device type) to power your dashboard analytics. We do not collect or store personally identifiable information about your visitors without their consent.

Payment Data

If you subscribe to a paid plan or sell products through the Service, payments are processed by Stripe, Inc. We do not store your full credit card number or banking details. We receive and store a Stripe customer ID, subscription ID, and transaction metadata.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process payments and manage subscriptions
  • Send transactional emails (account confirmations, receipts, password resets)
  • Respond to support inquiries
  • Analyze usage to improve features and performance
  • Detect, prevent, and address fraud, abuse, or security issues
  • Comply with legal obligations

We do not use your data for advertising or sell it to third parties.

3. Data Sharing

We share your data only with the following trusted third-party service providers, and only to the extent necessary to provide the Service:

  • Stripe, Inc. — Payment processing. Your payment data is governed by Stripe's Privacy Policy.
  • Supabase, Inc. — Database infrastructure and authentication. Data is stored in EU/US regions with encryption at rest.
  • Resend, Inc. — Transactional email delivery.

We never sell your personal data to any third party.

We may disclose your data if required by law, court order, or governmental authority, or to protect the rights, property, or safety of Setalink, our users, or the public.

4. Cookies

We use strictly necessary cookies to maintain your login session and preferences. We also use analytics cookies (first-party) to understand how the Service is used. We do not use third-party advertising cookies. You can disable cookies in your browser settings, but some features of the Service may not function correctly.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, tax, or fraud-prevention purposes (typically up to 7 years for financial records). Anonymized analytics data may be retained indefinitely.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request restriction of processing in certain circumstances.

To exercise any of these rights, email us at hello@setalink.com. We will respond within 30 days. If you are in the EU/EEA, you have the right to lodge a complaint with your local data protection authority.

7. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, access controls, and regular security audits. However, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication where available.

8. Children's Privacy

The Service is not directed to children under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Effective date" at the top of this page and, where the changes are significant, notify you by email or a prominent notice within the Service. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

10. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Setalink
Email: hello@setalink.com