Privacy Policy

Last updated: January 2026

At Credibly, we take your privacy seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our testimonial management platform at getcredibly.org (the "Service").

By using Credibly, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

Your name and email address
Profile information you choose to provide
Authentication credentials managed by our authentication provider

1.2 Testimonial Data

When you use our Service to collect and manage testimonials, we store:

Testimonial content (text, ratings, customer names)
Contact information of testimonial providers (email addresses)
Campaign and collection settings you configure
Widget configurations and customizations
Files and images you upload

1.3 Usage Analytics

We automatically collect information about how you use the Service:

Page views and feature usage
Widget impressions, interactions, and conversions
Device information (browser type, operating system)
IP addresses and general location data
Session duration and navigation patterns

1.4 Communication Data

We retain records of emails sent through our platform for campaign management and delivery verification purposes.

2. How We Use Your Information

We use your information to:

Provide the Service: Store, analyze, and display testimonials according to your preferences
AI-Powered Analysis: Process testimonial content using artificial intelligence to generate insights, sentiment analysis, and conversion predictions
Send Email Campaigns: Deliver testimonial request emails to your customers on your behalf
Improve Our Platform: Analyze usage patterns to enhance features and user experience
Provide Support: Respond to your questions and technical issues
Security and Fraud Prevention: Protect against unauthorized access and abuse
Legal Compliance: Meet regulatory requirements and enforce our terms

3. Third-Party Services We Use

To provide our Service, we work with the following trusted third-party providers. Each has their own privacy policies governing their use of your information:

3.1 Clerk (Authentication)

Purpose: User authentication and account management

Data shared: Email address, name, profile information

Privacy Policy: clerk.com/legal/privacy

3.2 Supabase (Database & Storage)

Purpose: Data storage and database hosting

Data shared: All testimonials, campaigns, user data, and uploaded files

Privacy Policy: supabase.com/privacy

3.3 Google Gemini AI (AI Analysis)

Purpose: Artificial intelligence analysis of testimonial content

Data shared: Testimonial text content (excluding personal identifiers when possible)

Privacy Policy: policies.google.com/privacy

3.4 PostHog (Analytics)

Purpose: Product analytics, feature usage tracking, and A/B testing

Data shared: Page views, feature interactions, session data, device information

Privacy Policy: posthog.com/privacy

3.5 Resend (Email Delivery)

Purpose: Sending testimonial request emails on your behalf

Data shared: Recipient email addresses, email content, sender information

Privacy Policy: resend.com/legal/privacy-policy

3.6 Vercel (Hosting)

Purpose: Website and application hosting

Data shared: Server logs, request data, performance metrics

Privacy Policy: vercel.com/legal/privacy-policy

3.7 Stripe (Payment Processing)

Purpose: Subscription billing and payment processing

Data shared: Payment information, billing details, transaction history

Note: We do not store credit card numbers. All payment data is processed securely by Stripe.

Privacy Policy: stripe.com/privacy

4. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

Service Providers: With the third-party services listed above that help us operate our platform
Public Display: Testimonials you choose to display publicly via widgets are visible to anyone who views your website
Legal Requirements: When required by law, court order, or to protect our rights and safety
Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
With Your Consent: When you explicitly authorize us to share specific information

5. Data Retention and Deletion

We retain your information for as long as your account is active or as needed to provide you services. Specifically:

Account Data: Retained while your account is active and for 30 days after deletion
Testimonials: Retained until you delete them or close your account
Analytics Data: Aggregated analytics may be retained indefinitely for business insights
Email Logs: Delivery records retained for 90 days for troubleshooting purposes

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are legally required to retain it.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

Authentication: Keep you logged into your account (via Clerk)
Analytics: Understand how you use our platform (via PostHog)
Preferences: Remember your settings and customizations
Widget Tracking: Measure widget impressions and conversions on your website

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service.

7. Data Security

We implement industry-standard security measures to protect your information:

Encryption of data in transit using HTTPS/TLS
Encryption of sensitive data at rest
Regular security audits and updates
Secure authentication via trusted providers
Access controls and audit logs

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Your Rights and Choices

You have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you
Correction: Update or correct inaccurate information in your account settings
Deletion: Request deletion of your account and associated data
Export: Download your testimonial data in a portable format
Opt-Out: Unsubscribe from marketing emails (service emails may still be sent)
Object: Object to certain processing activities

To exercise these rights, please contact us at support@getcredibly.org.

9. International Data Transfers

Our Service is hosted in the United States. If you access our Service from outside the United States, your information will be transferred to, stored, and processed in the United States. By using our Service, you consent to this transfer and acknowledge that data protection laws may differ from those in your country.

10. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately and we will delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: support@getcredibly.org

Website: getcredibly.org

This Privacy Policy is effective as of January 2026.

Return to Home