Privacy Policy
Updated June 7, 2026
This Policy explains what data SuperPublisher collects and how we handle it, consistent with GDPR (and Brazil's LGPD). A plain-language summary, not legal advice.
1. Data we collect
Account: name and email at signup. Billing: subscription data processed by Stripe (we never store your card number). Usage: the content you generate, the sites and settings you create, and technical logs to operate the Service. Optional connectors: when you connect your Google/Meta accounts via OAuth, we store access tokens encrypted (AES-256-GCM) to read metrics from YOUR accounts — your site's ad/CDP data never passes through our cloud.
2. How we use it
To provide and operate the Service, process billing, generate content, offer support, and improve the product. We do not sell your data.
3. Sharing
We share the minimum necessary with processors: Stripe (payments), OpenAI (text generation — we send the brief, not your personal data), Cloudflare (build hosting). Each handles data under its own terms.
4. Retention and security
We keep data while your account exists. Third-party tokens are encrypted at rest. You can delete connectors anytime (we revoke access).
5. Your rights
You can access, correct, or delete your data and request account removal. To exercise any right (GDPR/LGPD), email nathan@manah.digital.
6. Cookies
We use one essential session cookie to keep you signed in. The site YOU publish may use other cookies/tags (GAM, GTM, Analytics) per your own configuration.