Privacy Policy

1. Information We Collect

When you use SoloProof, we collect the following information:

• X (Twitter) Profile Data: Your public name, handle (@username), profile picture URL, and follower count. This data is accessed via X OAuth 2.0 with read-only permissions.
• Stripe Revenue Data: If you connect Stripe, we access your monthly revenue data in read-only mode via Stripe Connect. We do not access customer personal information, payment methods, or bank details.
• Account Data: We store a unique identifier, your connected platform IDs, and profile preferences (e.g., public/private visibility, niche category).

2. How We Use Your Information

We use the collected data to:

• Display your verified SoloProof profile with audience and revenue metrics
• Calculate your AR (Audience-to-Revenue) Ratio
• Generate leaderboards and niche benchmarks (for public profiles only)
• Create shareable cards and OG images for social sharing
• Improve the Service and provide aggregated, anonymized industry benchmarks

3. Data from X (Twitter)

We access your X/Twitter data exclusively through the official X API with OAuth 2.0 authentication. We only request read permissions. We do not:

• Post tweets or threads on your behalf
• Send direct messages
• Follow or unfollow accounts
• Access your private/protected tweets
• Access your email address via X
• Sell or share your X data with third parties

You can revoke SoloProof's access at any time by going to X Settings → Security and account access → Apps and sessions → Connected apps and removing SoloProof.

4. Data from Stripe

When you connect your Stripe account, we use Stripe Connect OAuth with read-only scope. We only access charge and balance data to compute your MRR. We do not access customer names, emails, addresses, payment methods, or bank account details. You can disconnect Stripe at any time from your dashboard.

5. Data Storage and Security

Your data is stored securely in a PostgreSQL database hosted on Neon (AWS US East). All connections use SSL/TLS encryption. We do not store X or Stripe access tokens beyond what is necessary for the Service to function. API keys and secrets are stored as encrypted environment variables and are never exposed in client-side code.

6. Data Sharing

We do not sell, rent, or trade your personal data. We may share aggregated, anonymized benchmark data (e.g., “average MRR for SaaS creators with 5k–10k followers”) that cannot be traced back to individual users. Public profile data (name, handle, MRR, followers, AR ratio) is visible on the Service if you choose to make your profile public.

7. Cookies and Analytics

We use Vercel Analytics for anonymous, privacy-friendly usage analytics. We do not use third-party tracking cookies, advertising pixels, or fingerprinting techniques. Essential cookies may be used for authentication sessions.

8. Your Rights

You have the right to:

• Access the data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Revoke third-party platform access (X, Stripe) at any time
• Make your profile private or public at any time

To exercise any of these rights, contact us at max@soloproof.com.

9. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Aggregated, anonymized benchmark data may be retained indefinitely.

10. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect data from minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the date at the top of this page. Continued use of the Service after changes constitutes acceptance.

12. Contact

For questions about this Privacy Policy, contact us at max@soloproof.com.