Privacy Policy
Sparkum ("we," "our," or "us") is owned and operated by ONYX Labs LLC, a company registered in the State of New York. This Privacy Policy explains how we collect, use, store, and disclose your information when you use our services.
If you use Sparkum in connection with YouTube services, the Google Privacy Policy also applies.
1. Information We Collect
Account Information
- Email address, name, and optional profile picture
- User preferences and UI settings
Team & Brand Information
- Team and brand names, metadata, and configurations
- User roles, permissions, and collaboration activity (audit logs)
Connected Social Accounts
- Social media handles and platform identifiers
- OAuth access tokens for posting, analytics, and engagement features
- Post data, scheduled content, and publishing history
Analytics & Performance Data
- Platform analytics and cached social media metrics
- Daily performance stats per post and per account
Bio Link Data
- Bio link page configurations, items, and themes
- Click and visit analytics for bio link pages
Technical & Diagnostic Information
- IP address, browser type, device type, and access times
- Bug reports submitted through the platform
- Usage tracking data for feature adoption and quota management
Waitlist Information
If you join a feature waitlist, we collect your email address solely to notify you when the feature becomes available.
Cookies & Local Storage
- Session cookies for login, authentication, and OTP verification
- Analytics cookies via Vercel Analytics
- Local storage for invite tokens, UI state, and session continuity
Payment Information
All payments are processed by Stripe. Sparkum does not store payment credentials. We store subscription status, plan tier, and billing cycle metadata only.
2. How We Use Your Information
We use your information to operate and improve Sparkum, including: account management, team and brand organization, social media scheduling and analytics, bio link functionality, performance monitoring, security and abuse prevention, bug resolution, waitlist management, support, and legal compliance.
We do not sell your personal information, and we do not use your content for marketing, model training, or resale.
3. How We Store and Secure Your Information
Data Storage
- Supabase — user accounts, teams, brands, posts, analytics, bio links, subscriptions, OTPs, usage tracking, and waitlist data
- Vercel — frontend hosting and access logging
- Stripe — billing and payment data (Sparkum stores no payment credentials)
Security Measures
- All data in transit is encrypted via HTTPS (TLS)
- Data at rest is encrypted in Supabase
- Authentication via OAuth, hashed tokens, and OTP verification
- Row-Level Security (RLS) enforced on all database tables
4. Data Retention
We store your data for the duration of your account. If you delete your account, data is retained for up to 30 days before permanent deletion, except where legally required (e.g., fraud prevention, tax records). Collaboration audit logs may be retained for a limited period for legal and operational purposes.
If you disconnect a social media account, non-cached data for that platform is deleted. Cached analytics data may persist temporarily.
If you delete your Sparkum account or revoke YouTube access, all YouTube-related data will be permanently deleted within 30 days. You can revoke access at any time via your Google Security Settings.
5. Your Rights and Choices
You can view and update your account details, connected platforms, and preferences at any time from your account settings. You may delete your account at any time — data is permanently removed after 30 days.
To request a copy of your data, data deletion, or removal from a waitlist, email sparkum.support@onyxlabs.tech. Requests are processed within 30 days.
You can disconnect social accounts at any time from your team settings. You may block or delete cookies via your browser settings, though this may affect login functionality.
6. Data Sharing and Third-Party Services
We do not sell or share your personal information with third parties for marketing or advertising. We share data only as necessary to operate Sparkum:
- Supabase — database storage for all platform data
- Vercel — frontend hosting and performance logging
- Stripe — payment processing
- Google / OAuth providers — secure login and account linking
- YouTube API Services — analytics retrieval and content publishing, subject to YouTube Terms of Service and Google Privacy Policy
We may disclose information if required by law, to prevent fraud or abuse, or to protect the rights and safety of Sparkum and its users.
If you are part of a team, authorized members may see your name, email, connected social accounts, and activity within that team. Your data is never shared across teams without your explicit participation.
7. International Data Transfers
Sparkum is based in the United States. Your data may be processed in the US and other countries where our service providers operate. By using Sparkum, you consent to these transfers. We ensure appropriate safeguards are in place including encryption and use of GDPR/CCPA-compliant services.
8. Changes to This Policy
We may update this Privacy Policy at any time. When we do, we will update the "Last Updated" date at the top of this page. Your continued use of Sparkum after changes constitutes acceptance of the revised policy.
9. Contact Us
ONYX Labs LLC
New York, USA
sparkum.support@onyxlabs.tech