Legal
Privacy Policy
What Inflique collects, how your session is stored, and the services your data is shared with.
Draft — Not Legal Advice
This page is a first-draft skeleton grounded in Inflique's current app behavior. It has not been reviewed by legal counsel and must not be published or relied upon until reviewed and approved by a lawyer.
Last updated: 2026-07-15
1. Information We Collect
Account data: name, email, password (hashed) or OAuth identifier, and your selected role. Brand/Agency profile data: company name, position, phone number, company details, website, and social links. Influencer profile data: bio, gender, content categories, style tags, country, and (for connected or scraped accounts) follower counts, engagement, and other performance metrics. Campaign data: briefs, messages, drafts, and uploaded files exchanged through the platform.
2. How Your Session Is Stored
When you log in, Inflique issues a short-lived access token and a refresh token, both stored in your browser's local storage — not in cookies. These tokens authenticate your requests via an Authorization header. You can end a session at any time by logging out, which invalidates it on our servers.
3. Third-Party Services We Share Data With
- Google — for account sign-in (name, email, profile picture).
- YouTube, TikTok, and Instagram — if you connect a creator account, we read basic profile and performance data (e.g. follower/subscriber counts, recent videos or posts, analytics) via those platforms' official APIs, using the access you grant during connection.
- Apify — for public influencer profiles that haven't connected an account, we may use this service to fetch publicly available profile stats (followers, posts, average views) from TikTok/Instagram, so the profile can appear in Discover.
- Anthropic (AI provider) — campaign brief text, influencer profile or media-kit content, and search queries are sent to Anthropic's API to power Smart Plan, Smart Search, and AI profile analysis.
4. File & Media Storage
Files are stored with Supabase Storage in one of two places. Avatars, campaign cover images, and brief images go in a public bucket and are accessible via a direct URL. Rate cards, payment proofs, draft/deliverable files, and chat attachments go in a private bucket and are only accessible via time-limited signed links generated for the people involved.
5. Payment-Related Data
Payments happen off-platform. Inflique stores a record of the payment status and any proof file (e.g. a bank transfer screenshot) uploaded to confirm it — Inflique does not process card or bank details itself.
6. Data Retention
We retain account and campaign data for as long as your account is active, and as needed to resolve disputes or meet legal obligations after account closure.
7. Your Rights & Choices
You can review and update most profile information from your account settings, disconnect a connected platform at any time, and request account deletion by contacting support.
8. Data Security
We use industry-standard measures to protect stored data, including hashed passwords, signed URLs for private files, and short-lived access tokens with server-side revocation.
9. Children's Privacy
Inflique is not directed at children and is not knowingly used by anyone under 18.
10. Changes to This Policy
This policy may be updated as the platform evolves. Material changes will be reflected here with an updated date.
11. Contact
Questions about this Privacy Policy can be sent to the Inflique support team.