← Back

Privacy

Last updated 2026-05-16

What we collect

  • Account: email, name, password hash (bcrypt cost 10), OAuth profile when you sign in via Google or GitHub.
  • Workspace content: campaign boards, products, assets you upload, AI prompts and outputs, comments, sticky notes.
  • Usage telemetry: which routes you hit + when, plus an audit log of mutations (invites, role changes, deletions, AI runs, top-ups).
  • IP + user agent on auth events for security.

Where it's stored

  • Neon Postgres (US East) - primary database. Encrypted at rest + in transit.
  • Vercel - application hosting. No application data persists on Vercel between requests.
  • S3-compatible object storage (Cloudflare R2 in prod) - uploaded images, videos, generated assets. Public URLs for `public` assets; signed URLs for `private`.
  • Resend - transactional email (verification, password reset, approval pings, rights-expiry warnings).
  • Anthropic API - prompt + output text passed to Claude models for generation. Anthropic doesn't train on your data (per their API terms).
  • Picsum.photos - placeholder images on demo/seed assets only.

What we don't do

  • We don't sell or rent personal data.
  • We don't use your prompts or outputs to train any model.
  • We don't set any non-essential cookies. The session cookie + active-workspace cookie are both essential.

Retention + deletion

Workspace content is kept until you delete it or close the account. Assets older than 90 days that aren't pinned are auto-archived but not deleted (the lifecycle worker leaves storage objects in place until a future sweep).

To delete an account or workspace, email privacy@kampana.io and we'll wipe within 7 days. Workspace owners can also delete a workspace directly from settings (Cascade-deletes every linked row).

Security

  • HSTS, X-Frame-Options=DENY, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP on every response.
  • Password reset + email verify tokens hashed (SHA-256) before storage.
  • Rate-limiting on auth + AI-run endpoints.
  • Tenant-scoped data access - workspace ownership verified on every mutation.
  • Optional 2FA / SSO is on the roadmap.

Contact

Privacy questions, data requests, or vuln disclosure: privacy@kampana.io.