Privacy Policy

Last updated: February 24, 2026

1. Introduction

Postworthy is operated by Archetype Media Inc. ("we," "us," or "our"). This Privacy Policy explains what information we collect, how we use it, and your choices regarding your data when you use the Postworthy platform.

By using Postworthy, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account Information

Email address (provided during registration or via Google sign-in)
Name (from your Google profile when using Google Sign-In)
Authentication credentials (managed by our authentication provider; passwords are hashed and never stored in plaintext)

Google Account Data

When you sign in with Google, we receive your email address and basic profile information
We use Google OAuth solely for authentication purposes
We do not access your Google contacts, Google Drive, Gmail, or any other Google service data

LinkedIn

Postworthy generates content for you to share on LinkedIn
We do not connect to your LinkedIn account or store any LinkedIn credentials
Sharing is done via LinkedIn's share dialog — you review and post content yourself

Client Profile Data

Professional background, expertise areas, content preferences, and voice/tone guidelines you provide
This data is used to generate personalized LinkedIn content

Generated Content

AI-generated LinkedIn posts created by the platform
Editing history and publication status of posts
Pipeline session data (processing metadata)

Automatically Collected Information

Standard web server logs (IP address, browser type, access times)
Cookies used for session management and authentication

3. How We Use Your Information

Authenticate your identity and manage your account
Generate personalized LinkedIn content using AI
Research relevant industry news and supporting material
Prepare content for you to share on LinkedIn
Send email notifications about your content pipeline
Improve the quality of generated content

4. Third-Party Services

We share data with the following service providers as necessary to operate the platform:

Supabase — authentication and database hosting
Google Gemini — AI content generation (receives your profile context and article content to generate posts)
Tavily — web search for research material (receives search queries related to your content topics)
Event Registry — news article discovery (receives industry-specific search queries)
Resend — transactional email delivery
Vercel — application hosting
LinkedIn — content sharing (via LinkedIn's share dialog when you choose to post)

We do not sell, rent, or trade your personal information to third parties.

5. Data Storage and Security

Data is stored on Supabase Cloud (Postgres database with row-level security)
Application hosted on Vercel with HTTPS encryption in transit
We do not store any LinkedIn credentials or access tokens
Access to administrative functions is restricted to authorized personnel

6. Data Retention

Account data is retained as long as your account is active
Generated posts and session history are retained for your reference
You may request deletion of your account and associated data by contacting us

7. Your Rights

You have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your account and data
Withdraw consent for data processing

8. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

9. Children's Privacy

Postworthy is not intended for users under 18. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or in-app notice.

11. Contact

Archetype Media Inc.
editor@postworthy.ink