Privacy Policy

Effective Date: February 10, 2026

At Brandora (“we,” “us,” or “our”), we take your privacy seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our AI marketing platform at brandora.ai (the “Service”).

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address and authentication credentials (via Google OAuth).
  • Payment Information: Billing details processed through Stripe. We do not directly store your complete credit card information.
  • Marketing Configuration: Brand details you provide to brief the AI agents, including your voice, positioning, competitors, target audience, goals, and connected social account tokens.
  • Support Communications: Messages and attachments you send to support@brandora.ai.

1.2 Information Collected Automatically

  • Usage Data: Agent activity, content generated, approvals, scheduling, and feature usage patterns.
  • Technical Information: IP addresses, browser type, device information, operating system, and access times.
  • Analytics: Google Analytics and Microsoft Clarity for page views, session duration, and navigation patterns. These run only after you accept analytics cookies (see Section 9).

1.3 Information from Third Parties

  • AI Model Providers: When agents generate marketing content, prompts and context pass through AI model providers (such as OpenAI and Anthropic). We receive usage metadata but do not sell or repurpose your content.
  • Connected Platforms: When you connect channels (such as X/Twitter and LinkedIn), we receive only the data necessary to plan, publish, and report on your marketing.

2. How We Use Your Information

  • Provide the Service: Run your social, SEO, ads, and creative through specialized AI agents, schedule and publish approved work, and report on performance.
  • Process Payments: Handle subscription billing and prevent fraud.
  • Communicate: Send service updates, billing notifications, security alerts, and respond to support requests.
  • Improve the Service: Analyze usage patterns to enhance features and optimize performance.
  • Security: Detect abuse, prevent unauthorized access, and enforce our Terms of Service.
  • Legal Obligations: Respond to lawful requests and enforce our legal rights.

3. How We Share Your Information

We do not sell your personal information. We share data only with:

3.1 Service Providers

  • Stripe: Payment processing and subscription management.
  • Supabase: Database hosting and authentication.
  • Hosting and Analytics: Platform hosting, Google Analytics, and Microsoft Clarity.
  • AI Model Providers: Your marketing prompts and context are processed by providers (OpenAI, Anthropic, etc.) to generate content.

These providers are contractually obligated to protect your data.

3.2 Legal Requirements

We may disclose information if required by law, legal process, or to protect the rights, property, or safety of Brandora, our users, or the public.

3.3 Business Transfers

If Brandora is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

4. Data Security

  • Encryption: All data in transit uses TLS encryption.
  • Access Controls: Employee access to personal data is restricted on a need-to-know basis.
  • Approval Queue: Marketing work routes through an approval queue before anything is published on your behalf.

No system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

5. Data Retention

  • Active Accounts: Data retained while your account is active.
  • Deleted Accounts: Minimal information retained for 90 days for legal compliance and fraud prevention.
  • Usage Logs: Activity and usage data retained for 90 days.

6. Your Rights and Choices

GDPR Rights (EEA Residents)

If located in the EEA, you have the right to: access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

We process data based on: contract performance, legitimate interests, consent, and legal obligations.

All Users

  • Update account information through your dashboard.
  • Request a copy of your marketing configuration and usage data.
  • Delete your account at any time.
  • Unsubscribe from marketing emails.

To exercise these rights, contact support@brandora.ai. We will respond within 30 days.

California Privacy Rights (CCPA)

California residents have the right to know, delete, and opt-out. We do not sell personal information.

7. International Data Transfers

Your information may be transferred to countries outside your residence, including the United States. We implement appropriate safeguards including Standard Contractual Clauses and Data Processing Agreements.

8. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect information from children. Contact support@brandora.ai if you believe we have.

9. Cookies and Tracking

  • Essential Cookies: Required for authentication and session management.
  • Analytics Cookies: Google Analytics and Microsoft Clarity, loaded only after you accept analytics cookies via our consent banner.
  • Authentication: Google OAuth tokens for sign-in.

We use Google Consent Mode so analytics run in a privacy-safe mode until you consent. We do not use third-party advertising cookies or cross-site tracking. You can change your choice at any time by clearing your browser storage for this site.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting a notice on brandora.ai and sending an email. Continued use after changes constitutes acceptance.

11. Contact Us

Email: support@brandora.ai
Website: brandora.ai

For GDPR-related inquiries, include “GDPR Request” in your email subject line.

brandora
MADE WITH CARE · BUILT IN THE NETHERLANDS · MMXXVI
ISSUE №01 · THE MARKETING ISSUE