Legal

Privacy Policy

We built UGCSignal to give brands and agencies clear insight into their creator programs. This policy explains what data we collect, how we use it, and the controls you have over it.

Effective: April 12, 2026Last updated: April 12, 2026

Contents

  1. 1. Who We Are
  2. 2. Information We Collect
  3. 3. How We Use Your Information
  4. 4. How We Share Information
  5. 5. Data Retention
  6. 6. Security
  7. 7. Your Rights
  8. 8. Cookies & Tracking
  9. 9. Third-Party Services
  10. 10. Children's Privacy
  11. 11. Changes to This Policy
  12. 12. Contact Us

1. Who We Are

UGCSignal (“we”, “us”, or “our”) operates the UGCSignal platform, accessible at ugcsignal.com and app.ugcsignal.com. We are the data controller for personal information processed under this policy.

For questions about this policy or your personal data, contact us at privacy@ugcsignal.com.

2. Information We Collect

Information you provide

  • Account registration: name, email address, company name, and password.
  • Billing information: payment card details processed by our payment provider; we never store raw card numbers.
  • Brand and campaign data: creator handles, campaign briefs, performance targets, and any other content you upload.
  • Communications: messages sent to our support team or via in-app chat.

Information collected automatically

  • Usage data: pages visited, features used, clicks, and session duration.
  • Device and browser: IP address, browser type, operating system, and device identifiers.
  • Log data: server logs including timestamps, referring URLs, and error reports.
  • Cookies and similar technologies: see Section 8 for details.

Creator data we process on your behalf

When you add creators to a campaign, we fetch publicly available social media metrics (follower counts, engagement rates, post performance) via authorised platform APIs. This data is processed as a service to you; you remain responsible for ensuring you have an appropriate basis to analyse creator data in your jurisdiction.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the UGCSignal platform.
  • Process payments and manage your subscription.
  • Send transactional emails (account confirmations, invoices, security alerts).
  • Send product updates and marketing communications — you can opt out at any time.
  • Respond to support requests and diagnose technical issues.
  • Analyse aggregate usage patterns to guide product development.
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information or use it to serve third-party advertising.

4. How We Share Information

We share your information only in these limited circumstances:

  • Service providers: companies that help us operate the platform (cloud hosting, payment processing, email delivery, analytics). They may only use your data to provide services to us.
  • Business transfers: if UGCSignal is acquired or merges with another company, your information may be transferred as part of that transaction.
  • Legal requirements: when we believe disclosure is required by law, regulation, or valid legal process.
  • Protection of rights: to prevent fraud, enforce our agreements, or protect the safety of our users.

We do not share your information with third parties for their own marketing purposes.

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide services. If you close your account, we will delete or anonymise your personal data within 90 days, except where we are required to retain it for legal or financial compliance purposes (typically up to 7 years for billing records).

Creator analytics data tied to your campaigns is retained for the life of your account and deleted with it. Aggregate, anonymised analytics may be retained indefinitely for product improvement.

6. Security

We implement industry-standard safeguards including encryption in transit (TLS 1.2+), encryption at rest, access controls, and regular security reviews. Authentication is handled via Supabase Auth with session tokens that expire on inactivity.

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at privacy@ugcsignal.com.

7. Your Rights

Depending on your location, you may have rights including:

  • Access: request a copy of the personal data we hold about you.
  • Correction: ask us to correct inaccurate or incomplete data.
  • Deletion: request erasure of your personal data (subject to legal retention obligations).
  • Portability: receive your data in a structured, machine-readable format.
  • Objection / restriction: object to or restrict certain processing activities.
  • Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email privacy@ugcsignal.com. We will respond within 30 days. We may need to verify your identity before fulfilling requests.

If you are located in the European Economic Area or the United Kingdom, you also have the right to lodge a complaint with your local supervisory authority.

8. Cookies & Tracking

We use the following categories of cookies:

CategoryPurposeCan you opt out?
EssentialAuthentication, security, and session management.No — required for the service to function.
FunctionalRemember your preferences (e.g. collapsed sidebar, selected brand).Yes — via browser settings.
AnalyticsUnderstand how features are used to improve the product.Yes — contact us or use browser opt-out.

Most browsers allow you to control cookies through their settings. Disabling essential cookies will prevent you from logging in.

9. Third-Party Services

The platform integrates with third-party services whose own privacy policies apply to data they process:

  • Supabase — authentication and session management.
  • Stripe — payment processing (we never receive or store full card numbers).
  • Social media platforms (Meta, TikTok, YouTube, etc.) — public creator metrics fetched via official APIs.

We are not responsible for the privacy practices of third-party services. We encourage you to review their policies.

10. Children's Privacy

UGCSignal is intended for use by businesses and is not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe a minor has provided us with personal data, contact us and we will delete it promptly.

11. Changes to This Policy

We may update this policy periodically. When we make material changes, we will notify you by email and display a prominent notice in the platform at least 14 days before the changes take effect. The “Last updated” date at the top of this page always reflects the most recent revision.

Continued use of UGCSignal after a policy update constitutes acceptance of the revised terms.

12. Contact Us

Questions, concerns, or requests regarding this policy or your personal data:

UGCSignal

Email: privacy@ugcsignal.com

General enquiries: hello@ugcsignal.com