Back to Home

Privacy Policy

Last updated: February 4, 2026

Your Privacy Matters. This Privacy Policy explains how Creedn collects, uses, shares, and protects your personal information. We are committed to transparency and giving you control over your data.

Quick Navigation

→ Information We Collect→ How We Use Your Data→ Data Sharing→ Your Rights (GDPR/CCPA)→ Data Security→ Cookies & Tracking→ International Transfers→ Contact Us

1. Introduction

Creedn ("we," "our," or "us") operates the website creedn.com and provides a Software-as-a-Service (SaaS) platform for independent professionals, including content creators, coaches, consultants, therapists, freelancers, and service-based business owners (collectively, "Professionals"). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our Service.

By accessing or using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.

This Privacy Policy complies with:

  • General Data Protection Regulation (GDPR) - EU regulation 2016/679
  • California Consumer Privacy Act (CCPA) - California Civil Code Section 1798.100 et seq.
  • California Privacy Rights Act (CPRA) - effective January 1, 2023
  • Other applicable data protection laws worldwide

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us:

Account Information:

  • Full name
  • Email address
  • Password (encrypted)
  • Profile picture (optional)
  • Biography and professional information

Professional Profile Data:

  • Social media handles and platform connections (YouTube, Instagram, TikTok, etc.)
  • Professional categories, expertise areas, and service offerings
  • Client and audience demographics
  • Brand partnership and client information
  • Booking availability and scheduling preferences
  • Revenue and financial data you enter
  • Survey responses and intake form data collected from your clients

Payment Information:

  • Billing address
  • Payment method details (processed securely by Stripe - we do not store full card numbers)
  • Transaction history

Communications:

  • Messages you send to our support team
  • Survey responses and feedback
  • Comments, questions, or other communications

2.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

Usage Data:

  • Pages visited and features used
  • Time and date of visits
  • Time spent on pages
  • Click patterns and navigation paths
  • Search queries within the Service

Device and Technical Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Screen resolution
  • Referral source (how you found us)

Cookies and Similar Technologies:

  • Session cookies (essential for service functionality)
  • Authentication tokens
  • Preference cookies (remember your settings)
  • Analytics cookies (understand usage patterns)

See Section 6 for detailed cookie information.

2.3 Information from Third-Party Sources

We receive data from third-party platforms you connect:

Social Media Platforms:

When you connect your social media accounts, we collect:

  • YouTube: Channel statistics, video performance, subscriber count (via YouTube Analytics API)
  • Instagram: Profile information, follower count, engagement metrics (via Instagram Graph API)
  • TikTok: Profile data, video performance, follower statistics (via TikTok for Developers)
  • Wishlink: Affiliate link performance and revenue data
  • Stripe: Payment processing information and transaction status

Note: We only access data you explicitly authorize through OAuth consent screens. You can revoke these permissions at any time through your account settings or the respective platform's settings.

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 To Provide and Maintain the Service

  • Create and manage your account
  • Authenticate your identity and maintain security
  • Display your aggregated analytics dashboard
  • Sync data from connected platforms
  • Process payments and manage subscriptions
  • Provide customer support

3.2 To Improve and Personalize the Service

  • Analyze usage patterns to improve features
  • Provide personalized recommendations
  • Generate AI-powered insights specific to your content
  • Test new features and optimize performance
  • Conduct research and development

3.3 To Communicate with You

  • Send service-related notifications and updates
  • Respond to your inquiries and support requests
  • Send important account or security alerts
  • Provide product updates and feature announcements
  • Send marketing communications (with your consent - you can opt out)

3.4 For Legal and Security Purposes

  • Detect, prevent, and address fraud or security issues
  • Enforce our Terms of Service
  • Comply with legal obligations and respond to lawful requests
  • Protect our rights, privacy, safety, or property
  • Investigate and prevent prohibited or illegal activities

Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data under the following legal bases:

  • Contractual Necessity: Processing necessary to provide the Service you've subscribed to
  • Legitimate Interests: Improving our Service, fraud prevention, and security
  • Consent: Marketing communications and optional features (you can withdraw consent anytime)
  • Legal Obligation: Compliance with applicable laws and regulations

4. How We Share Your Information

We do NOT sell your personal information to third parties.

We may share your information in the following circumstances:

4.1 Service Providers

We share data with trusted third-party vendors who help us operate our Service:

  • Supabase: Database hosting and authentication (data stored in USA)
  • Vercel: Website hosting and content delivery
  • Stripe: Payment processing (PCI-DSS compliant)
  • Google Analytics: Website analytics and usage statistics
  • Groq/OpenAI: AI-powered features and recommendations
  • Email service providers: Transactional emails and notifications

All service providers are contractually obligated to protect your data and use it only for providing services to us.

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Government or regulatory requests
  • Protection of our legal rights
  • Investigation of fraud or security issues

4.4 With Your Consent

We may share information with third parties when you explicitly consent, such as when you integrate additional third-party services or share your data publicly.

4.5 Anonymized and Aggregated Data

We may share anonymized, aggregated data that cannot identify you personally (e.g., industry trends, benchmark statistics) for research, marketing, or business purposes.

5. Your Privacy Rights

You have control over your personal data.

Depending on your location, you have specific rights regarding your personal information under GDPR, CCPA, and other privacy laws.

5.1 Rights for All Users

✓ Right to Access

Request a copy of your personal data we hold

✓ Right to Rectification

Correct inaccurate or incomplete information

✓ Right to Deletion

Request deletion of your personal data

✓ Right to Object

Object to certain processing activities

✓ Right to Portability

Receive your data in a structured, machine-readable format

5.2 GDPR Rights (EU Users)

If you are in the European Economic Area (EEA), you have additional rights:

  • Right to Restriction: Limit how we use your data
  • Right to Withdraw Consent: Withdraw consent for processing at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority
  • Right to Be Informed: Transparent information about data processing

5.3 CCPA/CPRA Rights (California Users)

If you are a California resident, you have these rights:

  • Right to Know: Categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (Note: We do not sell data)
  • Right to Non-Discrimination: Equal service regardless of exercising privacy rights
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit Use: Limit the use of sensitive personal information

5.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: privacy@creedn.com

Subject Line: "Privacy Rights Request"

We will respond to your request within 30 days (or as required by law). We may ask you to verify your identity before processing your request.

6. Data Security

We take the security of your personal information seriously and implement industry-standard technical and organizational measures to protect it.

Security Measures Include:

  • Encryption: Data encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Authentication: Secure password hashing (bcrypt) and session management
  • Access Controls: Principle of least privilege and role-based access
  • Monitoring: Continuous security monitoring and logging
  • Infrastructure: Secure cloud infrastructure with enterprise-grade security
  • Regular Audits: Periodic security assessments and vulnerability testing

Important Notice

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. Please use strong passwords and enable two-factor authentication when available.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and analyze usage of our Service.

Essential Cookies

Required for the Service to function. These cannot be disabled as they are necessary for authentication, security, and basic functionality.

Analytics Cookies

Help us understand how users interact with the Service. We use Google Analytics with IP anonymization. You can opt out of analytics cookies in your account settings.

Preference Cookies

Remember your settings and preferences (language, theme, etc.) to provide a personalized experience.

Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality. Visit aboutcookies.org for information on managing cookies.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

  • Account Data: Retained while your account is active
  • After Account Deletion: 30-day recovery period, then permanent deletion
  • Financial Records: 7 years (tax and accounting requirements)
  • Analytics Data: 26 months (Google Analytics default)
  • Logs and Security Data: 90 days

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country where data protection laws may differ. By using our Service, you consent to this transfer.

Data Storage Locations:

  • Primary servers: United States (Supabase US region)
  • CDN and hosting: Global (Vercel Edge Network)
  • Payment processing: Secure Stripe infrastructure

EU-US Data Transfers

For transfers from the EEA to the US, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and implement additional safeguards to ensure adequate protection of your data.

10. Children's Privacy

Our Service is not directed to individuals under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@creedn.com.

Users between 13-17 years of age (or 16-17 in the EEA) must have parental or guardian consent to use the Service.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

When we make material changes, we will notify you by:

  • Email notification to your registered email address
  • Prominent notice on our Service
  • Updating the "Last Updated" date at the top of this policy

Your continued use of the Service after notification constitutes acceptance of the updated Privacy Policy.

12. Do Not Track Signals

We currently do not respond to Do Not Track (DNT) browser signals, as there is no industry standard for compliance. We will continue to monitor developments and may adopt a DNT standard in the future.

13. Contact Us

If you have questions,concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer

Email: privacy@creedn.com

General Support

Email: support@creedn.com

Legal Department

Email: legal@creedn.com

Response Time

We aim to respond to all privacy inquiries within 72 hours. For formal data subject requests (access, deletion, etc.), we will acknowledge receipt within 3 business days and provide a substantive response within 30 days as required by law.

Your Privacy is Our Priority

This Privacy Policy demonstrates our commitment to protecting your personal information and providing transparency about our data practices. We continuously review and update our privacy measures to ensure the highest standards of data protection.

Last updated: February 4, 2026 | Effective Date: February 4, 2026

Terms of ServiceBack to Home