Privacy Policy

Last updated: 23 August 2025

At Storylinr, we take your privacy seriously. This policy explains what data we collect, why we collect it, how we use it, and your rights under UK and EU data protection laws.

1. Who We Are

Storylinr is a software-as-a-service (SaaS) platform operated in the United Kingdom by Jay Shallcrass. If you have any privacy-related questions, you can contact us at:

📧 privacy@storylinr.io

🌍 https://storylinr.io

2. What Data We Collect

a. Account Information

  • Name and email address
  • Password or OAuth credentials (e.g. via LinkedIn or Google)

b. Usage Data

  • IP address and browser type
  • Pages visited, features used, session duration
  • Device identifiers

c. Stakeholder Data (User-Entered)

  • Names, job titles, motivations, goals, notes, and other personal details you manually enter about stakeholders
  • You are responsible for ensuring this content is lawfully entered under applicable data protection laws

d. Optional Third-Party Data (LinkedIn)

If you connect LinkedIn, we may access:

  • Your basic profile (name, title, profile image, LinkedIn URL)
  • Company metadata (industry, logo, size, description)

Access is granted via OAuth and is revocable at any time from your LinkedIn account settings

e. Optional AI-Powered Features

If you use features like “Generate Summary” or “3 Whys,” the input text is temporarily sent to a third-party AI provider (e.g. OpenAI) to generate results. AI use is entirely optional and triggered by your actions — we do not process or store this data beyond the generation step unless you explicitly save it.

3. How We Use Your Data

We use your data to:

  • Operate and improve the Storylinr platform
  • Personalise your experience
  • Generate outputs like influence maps, summaries, and slides
  • Provide in-app feedback and guidance (via Pendo)
  • Respond to support requests or legal requirements
  • Analyse usage patterns to improve the product

We do not sell or share your data with advertisers or data brokers.

4. Third-Party Services We Use

We use the following third-party tools to operate Storylinr:

ProviderPurpose
SupabaseAuthentication, database, and file storage
VercelHosting and performance optimisation
Zoho MailTransactional and system emails
OpenAIOptional AI summarisation and generation (only when triggered)
Google AnalyticsAnonymous usage tracking and analytics
LinkedInOAuth login and optional profile/company import
PendoProduct analytics, in-app feedback, session tracking, and engagement

All providers are GDPR-compliant or bound by equivalent legal safeguards.

5. Cookies

We use cookies for the following purposes:

  • Essential cookies – to manage login sessions and keep you authenticated
  • Analytics cookies – to understand how users interact with the platform
  • Engagement cookies (Pendo) – to track usage patterns and display in-app guides or surveys

You can manage cookie preferences through your browser settings. Blocking some cookies may affect app functionality.

See our Cookie Policy for more details.

6. Legal Basis for Processing (UK GDPR)

We process personal data on the following lawful bases:

  • Consent – when connecting LinkedIn or using AI features
  • Contract – to deliver the Storylinr platform to you
  • Legitimate interest – to improve product quality, maintain security, and support user engagement

7. International Data Transfers

Some of our data processors may store or access data outside the UK and EU (e.g. the United States). We rely on Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure your data is protected to GDPR standards.

8. Your Rights

Under UK GDPR and the EU GDPR, you have the right to:

  • Access, correct, or delete your data
  • Export your data (data portability)
  • Revoke access to third-party integrations (e.g. LinkedIn)
  • Object to or restrict processing of your data

To exercise any of these rights, email privacy@storylinr.io.

9. Data Retention

  • Account and workspace data is retained while your account is active
  • You can delete your account at any time
  • AI-generated content is only retained if you explicitly save it
  • Analytics data may be retained in aggregate for performance insights

10. Security

We use encrypted connections, access controls, and secure cloud providers to protect your data. While no system is 100% secure, we follow industry best practices to reduce risk.

11. No Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

12. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or in-app notice.

You can always find the latest version at: https://storylinr.io/privacy

13. Contact Us

For questions, data requests, or complaints, contact:

📧 privacy@storylinr.io

📍 Storylinr is operated in the United Kingdom