CreatorOS

Privacy Policy

This Policy describes what we collect, how we use it, and the choices you have. CreatorOS is built for GDPR-equivalent compliance from day one.

Replace with actual legal text before launch. Last updated: 2026-05-13.

1. What we collect

Account data (name, email, language preference, workspace metadata). Content you create on the platform (comments, leads, brand-deal records). Third-party content fetched on your behalf (social comments and DMs, brand-side campaign data) — scoped by the connect-account permissions you granted. Diagnostic logs scrubbed of personal data via Pino redaction.

2. How we use it

To run the platform features you turned on. To route AI workloads through the appropriate level (Level 1 cheap models for cached intents, Level 3 for hard problems). To send service notifications. We do not sell personal data. We do not train foundation models on your tenant's data.

3. Your rights

You can export your tenant's data at any time from Settings → Privacy. You can request full deletion via the same surface. Owner-role users can manage the data-retention policy per module. Encryption at rest, encryption in transit, tenant-level isolation, full audit log. See docs/09-SECURITY.md for the full security posture.