Back to Idlewire

Privacy Policy

Last updated: January 29, 2026

Table of Contents

1. Introduction2. Information We Collect3. How We Use Your Information4. AI and Machine Learning5. Information Sharing6. Cookies & Tracking7. Data Retention8. Data Security9. Your Privacy Rights10. California Privacy Rights (CCPA)11. European Privacy Rights (GDPR)12. International Transfers13. Children's Privacy14. Policy Changes15. Contact Information

1. Introduction

Idlewire, Inc. ("Idlewire," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our publishing platform service (the "Platform").

This policy applies to all users of the Platform, including:

  • Creators: Users who create accounts to publish content, manage properties, and build audiences
  • Consumers: Readers who subscribe to creator newsletters, post comments, or interact with published content
  • Visitors: Anyone who browses publicly available content on the Platform

Please read this Privacy Policy carefully. By accessing or using the Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Platform.

2. Information We Collect

2.1 Account Information (Creators)

When you create a Creator account through our authentication provider (Clerk), we collect:

  • Email address
  • Name (first and last)
  • Profile picture (if provided)
  • Account creation and last login timestamps
  • Authentication tokens and session data

2.2 Consumer Information

When you subscribe to newsletters or post comments as a Consumer, we collect:

  • Email address
  • Name (if provided)
  • Subscription preferences
  • Comments and interactions with content
  • Email verification status

2.3 Content and Media

When Creators use our content creation features, we collect:

  • Articles, projects, and other written content
  • Images and videos you upload
  • Property/website settings, metadata, and customizations
  • Profile information for your public website (bio, social links)
  • Newsletter content and subscriber lists

2.4 Payment Information

For paid subscriptions and creator payouts, we collect limited payment data:

  • Billing name and email
  • Transaction history and subscription status
  • Stripe customer and subscription IDs (we do not store full credit card numbers)

Note: Full payment card details are processed and stored exclusively by our payment processor, Stripe. Please review Stripe's Privacy Policy for details on their data handling practices.

2.5 Usage and Analytics Data

To improve our Platform and provide analytics to Creators, we collect:

  • Page views and content engagement metrics
  • Scroll depth and time on page
  • Device information (browser type, operating system)
  • IP address and general geographic location
  • Referral sources and navigation patterns
  • Anonymous visitor identifiers (stored locally in your browser)

2.6 Affiliate Link Data

When Creators use affiliate link features (powered by Sovrn), we collect:

  • Click data on affiliate links
  • Conversion and earnings information
  • Affiliate network credentials (encrypted)

2.7 Support and Communications

When you contact us or submit support requests, we collect:

  • Support request content and category
  • Email correspondence
  • Feedback and survey responses

3. How We Use Your Information

We use the information we collect for the following purposes:

Platform Operations

  • Provide, maintain, and improve the Platform
  • Process account registrations and authentication
  • Host, display, and distribute your content
  • Process subscriptions and deliver newsletters
  • Process payments and creator payouts

Analytics and Insights

  • Provide Creators with audience analytics and engagement metrics
  • Analyze Platform usage to improve features and performance
  • Track affiliate link performance and earnings

Safety and Security

  • Moderate content using AI and human review
  • Detect and prevent fraud, abuse, and security threats
  • Enforce our Terms of Service and community guidelines

Communications

  • Send transactional emails (verification, password reset, notifications)
  • Deliver newsletters on behalf of Creators to subscribers
  • Respond to support requests and feedback

4. AI and Machine Learning Services

We use artificial intelligence and machine learning services powered by OpenAI as integral components of our Platform. By using AI-powered features, you consent to the processing described below.

4.1 AI Content Analysis (Voluntary)

  • Your article content may be processed by OpenAI's models for generating writing suggestions when you opt to use AI review features
  • Content is sent to OpenAI's servers for analysis and returned with improvement recommendations
  • OpenAI retains API data for up to 30 days for abuse monitoring, then deletes it; this data is not used to train models
  • This feature is voluntary - you can create and publish content without using AI analysis

4.2 Content Moderation (Automated)

  • User comments are automatically analyzed by AI to detect inappropriate, harmful, or policy-violating content
  • This automated moderation helps maintain community standards and platform safety
  • Flagged content may be reviewed by human moderators before publication
  • By posting comments, you consent to this automated safety screening

4.3 AI Image Generation (Voluntary)

  • Site names and descriptions may be processed to generate custom favicons and social media preview images
  • Generated images are created specifically for your use
  • This feature is voluntary - you can upload your own images instead

OpenAI Data Processing

When we send data to OpenAI, it is processed according to OpenAI's Privacy Policy and API Data Usage Policies. Under our API agreement, OpenAI does not use your data to train their models.

5. Information Sharing and Service Providers

We do not sell your personal information. We share information only as described below:

5.1 Service Providers

We work with trusted third-party service providers who process data on our behalf:

ProviderPurposeData Shared
ClerkAuthenticationEmail, name, profile picture
SupabaseDatabase & storageAll platform data
CloudflareMedia hosting (Images/Stream)Uploaded images and videos
OpenAIAI featuresContent for analysis, generation prompts
StripePayment processingBilling info, transaction data
VercelHosting infrastructureServer logs, request data
SovrnAffiliate link managementClick data, conversions

5.2 Creator-Subscriber Data Relationship

When you subscribe to a Creator's newsletter or post comments on their content, the Creator can view your email address and name. For subscriber data, the Creator acts as the Data Controller and Idlewire acts as the Data Processor.

This means:

  • Creators determine why and how your subscriber data is processed, and are responsible for ensuring they have a lawful basis to send you communications
  • Idlewire processes subscriber data on behalf of Creators according to their instructions and as necessary to provide the Platform services
  • For data subject requests (access, deletion, correction) related to a specific Creator's newsletter, you should contact the Creator directly
  • To unsubscribe from a Creator's newsletter, use the unsubscribe link in any email from that Creator

Creators are bound by our Terms of Service to handle subscriber data responsibly, comply with applicable privacy laws, and respect your communication preferences.

5.3 Imported Subscriber Data

Creators may import existing subscriber lists from other platforms (such as Substack, Ghost, Mailchimp, or Beehiiv). When your data is imported:

  • The Creator is responsible for ensuring they have lawful authority to transfer your data
  • Your original consent to receive communications from the Creator remains the lawful basis for processing
  • You may unsubscribe at any time using the unsubscribe link in any email
  • Idlewire processes imported data under the same security and privacy protections as all subscriber data

5.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas), or to protect our rights, privacy, safety, or property.

5.5 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Platform of any change in ownership.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to provide functionality, analyze usage, and deliver a better experience. When you first visit our Platform, you will be asked to consent to our use of non-essential cookies.

6.1 Types of Cookies We Use

Strictly Necessary Cookies (Always Active)

These cookies are essential for the Platform to function and cannot be disabled.

  • • Authentication session cookies (Clerk)
  • • Payment processing cookies (Stripe)
  • • Cookie consent preferences

Analytics Cookies (Requires Consent)

These help us understand how visitors interact with the Platform.

  • • Anonymous visitor identifier (localStorage)
  • • Page view and engagement tracking
  • • Scroll depth and time on page metrics

Affiliate/Marketing Cookies (Requires Consent)

These support affiliate link tracking and attribution.

  • • Sovrn affiliate tracking cookies
  • • Click attribution data

Third-Party Embed Cookies (Requires Consent)

When Creators embed third-party content, those services may set their own cookies.

  • • YouTube, Vimeo video embeds
  • • TikTok, Twitch embeds
  • • Other embedded media players

6.2 Managing Your Cookie Preferences

You can manage your cookie preferences at any time by clicking "Cookie Preferences" in the footer of our website. You can also control cookies through your browser settings, though this may affect Platform functionality.

7. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy:

  • Account data: Retained while your account is active, deleted within 30 days of account deletion
  • Content: Retained while your account is active; published content may be archived per our Terms
  • Subscription data: Retained while subscription is active, deleted upon unsubscription
  • Analytics data: Aggregated and anonymized data may be retained indefinitely
  • Payment records: Retained for 7 years for tax and legal compliance
  • Support requests: Retained for 3 years after resolution
  • Backups: Deleted within 90 days of the source data deletion

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Row-level security (RLS) policies in our database
  • Regular security audits and monitoring
  • Access controls and authentication requirements
  • Secure credential storage and encryption for sensitive data

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. If you have reason to believe your interaction with us is no longer secure, please contact us immediately.

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate or incomplete information
  • Deletion: Request that we delete your personal information
  • Portability: Request a copy of your data in a portable format
  • Opt-out: Unsubscribe from marketing communications at any time
  • Withdraw consent: Withdraw consent for optional processing (e.g., cookies, AI features)

To exercise these rights, please contact us at privacy@idlewire.io. We will respond within 30 days.

10. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

We Do Not Sell Your Personal Information

Idlewire does not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration.

Your CCPA Rights:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your rights, email privacy@idlewire.io with "CCPA Request" in the subject line.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your personal data based on:

  • Contract: To provide services you have requested
  • Consent: For optional features like analytics cookies and AI processing
  • Legitimate Interest: For security, fraud prevention, and platform improvement
  • Legal Obligation: To comply with applicable laws

Your GDPR Rights

  • Right of access, rectification, and erasure
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local supervisory authority

For EU/UK privacy matters, contact our Data Protection Officer at dpo@idlewire.io.

12. International Data Transfers

Idlewire is based in the United States. If you access our Platform from outside the U.S., your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate.

For transfers from the EEA/UK, we rely on:

  • Standard Contractual Clauses approved by the European Commission
  • Service providers with appropriate data protection certifications
  • Your explicit consent where applicable

13. Children's Privacy

Our Platform is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@idlewire.io.

For users in the EEA/UK, we apply the applicable age of digital consent in your country (typically 13-16 years old). Users below this age require parental consent.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page with an updated "Last updated" date
  • Sending an email notification to registered users for significant changes
  • Displaying a prominent notice on the Platform

Your continued use of the Platform after changes become effective constitutes acceptance of the revised policy.

15. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, contact us:

Privacy Inquiries

Email: privacy@idlewire.io

Data Protection Officer (EU/UK)

Email: dpo@idlewire.io

Mailing Address

Idlewire, Inc.
Attn: Privacy
1001 Bannock Street #1010
Denver, Colorado 80204
United States

We will respond to privacy requests within 30 days of receipt, or within the timeframe required by applicable law.

This Privacy Policy is effective as of January 29, 2026 and replaces any prior privacy policies.