Privacy Policy

Last Updated: January 2025

1. Introduction

Welcome to UpClicker. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and use our services, and tell you about your privacy rights.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted and securely stored via Supabase Auth)
  • Account ID (automatically generated)

2.2 Content You Upload

When you use our service, we store:

  • Open Graph images you upload
  • Campaign information (URL paths)
  • Variant names you assign to your images

2.3 Analytics Data (Privacy-First Approach)

We automatically collect aggregated analytics only:

  • Impression counts (how many times your OG images are viewed)
  • Click counts (how many visitors arrived via variant URLs)
  • Variant performance data (views, clicks, CTR)
  • Daily and monthly aggregates for trend analysis

Important: We do NOT store visitor-level data

  • No IP addresses are stored in our database
  • No user agents are persisted
  • No personally identifiable information about your visitors is retained
  • Only aggregate counts (totals and daily/monthly rollups) are stored
  • Ephemeral deduplication may use short-lived (10-30s TTL) hashed identifiers in memory or Redis, but these are never persisted to permanent storage

3. How We Use Your Information

We use your information to:

  • Provide and maintain our A/B testing service
  • Serve your Open Graph images to social media platforms
  • Track impression counts for your image variants
  • Improve and optimize our service
  • Communicate with you about your account and service updates
  • Ensure the security of our platform

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Passwords are managed by Supabase Auth with bcrypt encryption
  • Images are stored in Supabase Storage with secure URLs
  • Database connections use SSL/TLS encryption
  • Session cookies are httpOnly to prevent XSS attacks
  • All data is hosted on secure servers provided by Supabase and Vercel

5. Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We only share data with:

  • Supabase: For authentication, database, and file storage services
  • Vercel: For hosting and deployment services
  • Social Media Platforms: Your OG images are served to platforms like Twitter, LinkedIn, and Facebook when someone shares your links

These service providers are bound by their own privacy policies and data protection agreements.

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and all associated data
  • Data Portability: Request export of your data in a structured format
  • Withdraw Consent: Stop using our service at any time

To exercise these rights, please contact us at privacy@upclicker.com

7. Cookies

We use essential cookies to maintain your login session. These cookies are necessary for the service to function and cannot be disabled. We do not use tracking cookies or third-party analytics cookies.

8. Data Retention

We retain your data for as long as your account is active. When you delete your account:

  • All campaigns and variants are permanently deleted
  • All analytics aggregates (views, clicks, daily/monthly data) are removed
  • Uploaded images are removed from storage
  • Account information is removed from our database

8.1 Analytics Data Retention

  • Daily aggregates: Retained for 90 days
  • Monthly rollups: Retained for 24 months (created from daily aggregates after 90 days)
  • Lifetime totals: Maintained as long as your account is active (simple non-identifying counts)
  • Debug logs: Automatically purged after 7 days

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and stored in countries outside your residence. We ensure appropriate safeguards are in place to protect your data in accordance with this privacy policy.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at:

Email: privacy@upclicker.com

Last Updated: January 2025