undercue

Last updated · May 18, 2026

Privacy Policy

This Privacy Policy explains what data undercue collects, why we collect it, and how we keep it safe. We collect as little as possible. We don't sell your data. We don't run advertising. Plain and simple.

1. Information we collect

Account information

When you sign up, we ask for your company name, your name, your email address, and a password. We use these to authenticate you, send you transactional email (password resets, billing receipts, invoices), and identify your tenant data in our database.

Billing information

If you subscribe to a paid plan, you provide payment details directly to Stripe. We never see your card number — Stripe gives us a customer ID and a subscription ID. We store those. See Stripe's privacy policy.

Social-network credentials

When you connect a Facebook Page, Meta returns a long-lived Page access token. We store this token encrypted at rest using AES-256-GCM. The encryption key is held outside the database. Even with full database access, an attacker cannot read your tokens.

We use Page tokens only to publish posts you scheduled, fetch insights for posts you published, and validate that the connection is still healthy. Tokens are never logged in plaintext.

Content you create

The posts you schedule (text, image URLs, scheduled times) are stored in our database. They're deleted automatically when you delete the post, disconnect the linked Page, or delete your company.

Operational metadata

To run the service we capture: API request paths + status codes + durations (for performance monitoring), audit events (login, signup, billing changes), and IP addresses on session creation (for security auditing). These rotate out after 90 days.

2. What we don't collect

  • We don't run third-party analytics (Google Analytics, Pendo, FullStory, Mixpanel, etc.).
  • We don't use ad-tech cookies or tracking pixels.
  • We don't sell, rent, or share your data with marketing partners.
  • We don't read your post content for AI training — we don't train models.
  • We don't access your social accounts beyond publishing what you scheduled and reading insights for posts you published.

3. How we use your data

Only for the things you'd expect:

  • Authenticate you and keep your session valid.
  • Publish posts you scheduled, at the times you scheduled them.
  • Send you transactional email (welcome, password reset, scheduled-post failures, invoices).
  • Charge you according to your plan via Stripe.
  • Investigate security incidents and fix bugs.

4. Where data is stored

Your data is stored on our EC2 instance(s) in our chosen AWS region. The database is SQLite on encrypted EBS storage with hourly encrypted backups to S3 (optional, but on by default for hosted customers).

5. Sub-processors

We use these vendors to operate the service:

  • Amazon Web Services — hosting (EC2, S3).
  • Stripe — payment processing.
  • Your SMTP provider (you configure: SendGrid, Postmark, AWS SES, Resend, etc.) — transactional email.
  • Meta / Facebook — your scheduled posts go to their API.

That's it. We don't use a CDN that profiles users, an analytics suite that fingerprints them, or an A/B-testing service that hooks into the page.

6. Your rights (GDPR / CCPA / privacy laws)

You can, at any time:

  • Export your data — email hello@undercue.io, we send you everything within 14 days.
  • Delete your account and all associated data — the suite has a self-service flow, or email us.
  • Correct any inaccurate personal data — most fields are editable from /account.
  • Object to processing — cancel your subscription.

We process EU residents' data under the GDPR's contract legal basis (we need to process your data to provide the service you've subscribed to).

7. Cookies

We use exactly two cookies. Both are first-party and essential:

  • ss_session — your login session ID. HttpOnly, Secure, SameSite=Lax. Expires after 30 days of inactivity.
  • ss_workspace — the workspace you have open in the suite. Helps the right data load on each page.

No analytics cookies. No ad cookies. No third-party cookies.

8. Children

undercue is not for children under 16. We don't knowingly collect data from anyone under 16.

9. Security incidents

If we discover a breach that affects your personal data, we'll notify you within 72 hours of confirming the incident and tell you what was affected and what we're doing about it.

10. Changes to this policy

If we materially change this policy, we'll email all active users and post a banner in the app for 30 days. Minor wording / clarification edits are reflected in the "Last updated" date at the top.

11. Contact

Questions about your privacy? Email hello@undercue.io. We'll respond within 5 working days, usually within 1.