← Back to Home

Privacy Policy

Effective date: February 25, 2026

This Privacy Policy explains how Polsia collects, uses, stores, and shares personal information when you use our website, product, and related services.

1. Information We Collect

  • Account information: email, name, profile fields, timezone, and authentication metadata.
  • Usage information: product actions, task history, logs, and performance/diagnostic events.
  • Communication data: support messages, inbound/outbound emails, and related metadata.
  • Integration data: tokens and metadata for connected third-party services you authorize.
  • Device/network data: IP address, user agent, and session/cookie identifiers.
  • Marketing identifiers: Meta Pixel identifiers such as _fbp and _fbc.
  • Advertising data: campaign performance metrics, ad creative metadata, targeting parameters, and conversion events (including hashed email and user ID) sent to advertising platforms via server-side APIs.
  • Billing data: saved payment method identifiers (stored by Stripe; we do not store full card numbers), transaction records, ad spend charges, and Stripe Connect account identifiers for withdrawals.
  • Customer payment data: transaction records, subscription status, and chargeback/dispute metadata for payments your customers make through the Service (processed by Stripe).
  • Infrastructure credentials: database connection strings, API tokens, and deployment configuration for provisioned cloud resources, stored encrypted (AES-256-GCM).
  • AI generation data: prompts, generated media (video, image, audio), and associated metadata.
  • Browser session data: URLs visited, page content, screenshots, and form interaction data from automated browser sessions operated by agents on your behalf.

2. How We Use Information

  • Provide and secure the service, including authentication and account management.
  • Execute autonomous and user-triggered workflows using your settings and connected tools.
  • Create, manage, and optimize advertising campaigns on your behalf, including transmitting conversion events to advertising platforms for campaign optimization.
  • Send outbound communications on your behalf or at your direction.
  • Provision and manage cloud infrastructure resources, including storing and using credentials for infrastructure services.
  • Generate AI content (text, video, image, audio) using third-party AI model providers.
  • Operate automated browser sessions on your behalf.
  • Process billing, subscriptions, customer payments, and payment operations including daily ad spend charges and withdrawal payouts via Stripe Connect.
  • Display company activity on public dashboards and subdomain landing pages where public visibility is enabled.
  • Monitor quality, prevent abuse, investigate incidents, and improve reliability.
  • Send service notices and product communications.
  • Measure marketing performance and attribution.

3. Why We Process Data

We process personal data where needed to perform our contract with you (service delivery, ad campaign management, infrastructure provisioning, and support), comply with legal obligations, pursue legitimate business interests such as security, fraud prevention, and product improvement, and operate marketing analytics and attribution.

4. How We Share Information

We share data with service providers that help us operate the product (for example, hosting, payments, email delivery, analytics, and error monitoring). We may also disclose data when required by law, to enforce terms, or to protect rights and safety.

Specific data sharing includes:

  • Advertising platforms (Meta). When you enable advertising features, we share hashed personal identifiers, conversion events, and browser pixel identifiers with Meta via the Conversions API for ad optimization and attribution.
  • AI model providers (Anthropic, OpenAI, Google). Prompts, tool context, and associated metadata are shared with AI model providers to execute agent tasks and generate content.
  • Infrastructure providers (GitHub, Render, Neon). Project configuration is shared to create and manage cloud resources provisioned on your behalf.
  • Email delivery (Postmark). Outbound email content and recipient addresses are shared for email delivery.
  • Email verification (Hunter.io). Email addresses are shared for deliverability verification.
  • Browser automation (Browserbase). URLs and interaction instructions are shared to operate automated browser sessions.
  • Public dashboards. If your company's public visibility is enabled (the default), certain business activity data is publicly accessible on your company dashboard and subdomain.

5. Cookies and Tracking

We use cookies and similar technologies for session security, product functionality, and marketing attribution. Details are in the "Cookies and Tracking" section of our Terms of Service.

6. Data Retention

We keep account and operational records for as long as needed to provide the service. If you delete your account, we currently apply a soft-delete period of up to 30 days before permanent deletion, unless longer retention is required by law.

7. Security

We use technical and organizational safeguards designed to protect personal data, including OAuth tokens and service credentials encrypted using AES-256-GCM, payment processing handled entirely by Stripe, and server-side conversion events sent to Meta using SHA-256 hashing. No method of storage or transmission is perfectly secure, so absolute security is not guaranteed.

8. Your Choices and Rights

  • Access and update profile information in-product where available.
  • Request account deletion from your settings page or by contacting us.
  • Disable advertising features and associated data sharing at any time in your account settings.
  • Request deletion of provisioned cloud resources.
  • Unsubscribe from non-essential marketing emails using unsubscribe links.
  • Manage browser cookie settings and tracking preferences.

To make a privacy request, contact privacy@polsia.com from the email associated with your account.

9. US State Privacy Rights

If you are a resident of a US state with applicable privacy legislation, you may have additional rights including the right to access, correct, or delete your personal information. We do not sell personal information. To exercise your rights, contact privacy@polsia.com.

10. International Data Transfers

Polsia and its providers may process data in countries outside your residence. We use contractual and operational safeguards designed to protect transferred personal data.

11. Children

Polsia is not intended for individuals under 18, and we do not knowingly collect data from children.

12. Changes to This Policy

We may update this Privacy Policy. The effective date above indicates the current version. Continued use of the service after updates means the updated policy applies.

13. Contact

Privacy inquiries: privacy@polsia.com
General support: contact@polsia.com
Policy version: 2026-02-25

About Terms Privacy Contact: contact@polsia.com