Privacy Policy

Linee collects the following categories of information:

• Account info: email address, password hash (managed by Supabase Auth), display name, optional company name and profile photo.
• Operator scoring profile: machines placed, business goal, total budget, per-location cap, home-base ZIP, service radius, machine inventory — captured during onboarding.
• Platform activity: properties saved, pipeline status changes, outreach activity logs, comparison shortlist, search queries, and the auto-filter chips you dismiss.
• Billing: Stripe Customer ID and subscription tier. Linee never stores credit card numbers — those go directly to Stripe.
• Technical: server logs (IP address, user agent, request timestamps, path), error reports, and performance metrics.
• Analytics: if enabled, aggregate anonymized usage data via Plausible Analytics. Plausible is cookieless and does not track individuals across sites.

• Credit card numbers, bank accounts, or other payment instruments (Stripe handles all of this).
• Location data beyond the home-base ZIP you provide.
• Anything from a third-party social-login provider beyond the email address used to authenticate.
• Tracking pixels, advertising IDs, or cross-site tracking cookies.

• To operate the platform: deliver the map, the scoring engine, the comparison flow, outreach pipeline, billing, and customer support.
• To personalize: your scoring profile drives auto-filters, recommended setups, and personalized Linee Scores. We don't share this profile with other operators.
• To improve: aggregated, anonymized usage patterns help us decide what to build. Individual sessions are not used for product analytics beyond aggregate counts.
• To communicate: transactional emails (sign-up confirmation, password reset, billing receipts) and limited product announcements via email. You can opt out of announcements; transactional emails are required for service.

We do not sell, rent, or share your personal information with third parties for their independent marketing.

• Supabase — database, auth, file storage. Operates in US data centers.
• Stripe — payment processing.
• Vercel — application hosting.
• Google Maps Platform — map tiles, places autocomplete, Street View imagery. Their privacy terms apply to data they collect via map loads.
• Plausible Analytics (if enabled) — cookieless, privacy-respecting analytics. No personal data passed.
• Resend or Postmark (when wired up) — transactional email delivery.

Each of these services has its own privacy policy governing the data we entrust to it. We choose vendors that operate within US privacy laws and where reasonable, offer EU SCC protections.

Linee surfaces names, emails, and phone numbers of likely decision-makers at properties (sourced from Apollo, Hunter, and public records). This data is provided to operators for legitimate business outreach.

If you are a property owner or contact who appears on Linee and would like your information removed, email privacy@uselinee.com with your name and the property address. We will process removal within 30 days.

Subject to applicable law (CCPA in California, GDPR in EU), you have the right to:

• Access — request a copy of personal data we hold on you.
• Correct — request correction of inaccurate data.
• Delete — request deletion of your account and associated data.
• Export — receive a portable copy of your data.
• Restrict / object — limit how we process your data.

To exercise any of these, email privacy@uselinee.com. We respond within 30 days. California residents can also use their statutory CCPA rights without retaliation.

• Account data: retained while your account is active. Closed accounts are deleted within 30 days, except where retention is required by law or for fraud prevention.
• Billing records: retained for 7 years per US tax-record requirements.
• Server logs: 90 days, then aggregated or deleted.
• Anonymized analytics: indefinitely, but not linked back to your account.

We protect operator data via:

• HTTPS-only traffic in production.
• Supabase Row Level Security policies that prevent operators from reading each other's data.
• Service-role keys held in encrypted server-side environment variables.
• Stripe handles all card data — Linee never sees a PAN.

No system is perfectly secure. If we discover a breach of personal data, we'll notify affected operators within 72 hours per applicable disclosure laws.

Linee is not intended for anyone under 18. We don't knowingly collect data from minors. If we learn that we have, we'll delete it.

Linee infrastructure is hosted in the United States. By using the platform, EU and UK residents consent to the transfer of their personal data to the US under Standard Contractual Clauses with our vendors where applicable.

We may update this policy. Material changes are announced via email and an in-app notice at least 14 days before they take effect.

Questions, requests, or complaints? Email privacy@uselinee.com.