Legal

Privacy Policy

Effective[EFFECTIVE_DATE]Last updated[EFFECTIVE_DATE]

This Privacy Policy explains how [LEGAL_ENTITY] (“Biou”, “we”, “us”) collects, uses, and shares information when you use [BIOU_DOMAIN] and related services (the “Service”). By using the Service, you agree to the practices described here. If you do not agree, do not use the Service. This Policy distinguishes two situations: when you use Biou as a creator or buyer, Biou is the controller of your data; when you merely visit someone’s public bio page, the creator who owns that page is the controller and Biou acts only as their processor (see Section 4).

1. Who We Are

[LEGAL_ENTITY] operates Biou, a link-in-bio service that lets creators publish a single landing page, sell digital products, and view privacy-first audience and revenue analytics. For account, purchase, and billing data, the data controller responsible for your information is [LEGAL_ENTITY], based in [JURISDICTION]. Reach us at [PRIVACY_EMAIL]. Our EU/UK representative or Data Protection Officer, where one is appointed, is [EU_UK_REPRESENTATIVE].

2. Information We Collect

2.1 Information you provide (creators)

Account information — email, a hashed password (we never store the plaintext password), and, if you sign in with Google, the profile information in Section 2.4.
Profile content — your bio, links, page title, theme settings, and any other content you publish on your bio page. Anything you put on a bio page is, by design, public.
Product information — title, description, price, cover image, and the delivery asset (download file, external URL, unlock text, or booking URL) for items you sell.
Payment account information — when you connect Stripe to receive payouts, Stripe collects your tax ID, bank details, and government-issued ID directly. Biou receives only a limited reference (your Stripe Connect account ID and onboarding / payout status). We do not store your bank account or ID documents.
Communications — emails or messages you send us, including support requests.

2.2 Information you provide (buyers of a creator’s product)

Buyer email — when you purchase a digital product, we collect the email you enter at checkout so the creator can deliver the product and so we can send your receipt and download link.
Payment details — entered directly into Stripe Checkout. Biou never sees or stores your card number; we receive only the transaction outcome (amount, status, and Stripe’s transaction reference).

2.3 Information we collect automatically — visitor analytics (cookieless)

When someone views a public bio page or clicks a tracked link, we record privacy-first analytics built on the cookieless model used by privacy-focused analytics tools (e.g., Plausible / Fathom):

No cookies. We do not set any cookie, advertising pixel, or persistent client-side identifier for analytics.
No raw IP storage. Your IP address is used transiently, in memory, at the moment of the request to derive a token, and is then discarded. We never write your raw IP to our database.
No cross-day or cross-site tracking. The unique-visitor count is derived from a salted, one-way hash that mixes in the current date, so the same visitor produces a different, non-reversible token each day. The token cannot be used to recognize you tomorrow, on another creator’s page, or anywhere else.
Session scope. A single per-session identifier may be stored in your browser’s sessionStorage to avoid double-counting within one visit. It is cleared when you close the tab and is not a cookie.

The analytics events we record are:

Page views — device type, referrer, coarse country / city, and UTM parameters present in the URL.
Link clicks — the above, plus browser and operating-system family, and the daily-rotating non-reversible visitor token described above.

Coarse location only. Country and (where available) city are read from a coarse geolocation header injected by our edge network based on the visitor’s IP. This is approximate, region-level information used for audience analytics — it is not precise GPS geolocation and is not used to identify any individual.

2.4 Information from third parties

Google sign-in — if you choose “Sign in with Google”, Google shares your Google account email, name, and profile picture with us, per the scope you approve.
Stripe — for sellers and buyers, Stripe shares payment status, transaction amounts, payout status, and refund / dispute events related to products you sell or buy.

3. How We Use Your Information

We use your information to:

Provide, maintain, and improve the Service (bio pages, dashboard, analytics, and payouts).
Process payments and route each seller’s share to their Stripe Connect account.
Deliver purchased products and send transactional emails (receipts, download links, email verification, password reset, and payout notifications) through our email-delivery provider.
Produce the privacy-first audience and revenue analytics that creators see in their dashboard.
Detect, prevent, and respond to fraud, abuse, and security incidents.
Comply with legal obligations and enforce our Terms, Acceptable Use Policy, Creator Agreement, and Refund Policy.

We do not sell your personal information, we do not “share” it for cross-context behavioral advertising, and we do not use your data — or your audience’s data — to train any third-party AI model.

4. Roles: When Biou Is a Controller vs. a Processor

Account, billing, and purchase data — Biou is the controller. We decide why and how this data is processed, and this Privacy Policy governs it.
Public-bio-page audience analytics — the creator who owns the page is the controller, and Biou is their processor. We process visitor analytics on the creator’s behalf and under their instructions, as set out in our Data Processing Agreement. If you are a visitor and want to exercise rights over a specific page’s analytics, your request is properly directed to that page’s creator; we will assist them as their processor. Because the analytics are cookieless and contain no raw IP or persistent identifier, in most cases the data is not reasonably linkable to you as an individual.

5. Legal Bases (EEA / UK / Switzerland)

If you are in the EEA, UK, or Switzerland, we rely on the following legal bases under the GDPR / UK GDPR for the processing for which Biou is the controller:

Contract — to provide the Service you signed up for, deliver products you buy, and process payments.
Legitimate interests — to keep the Service secure, prevent fraud, and improve product quality, balanced against your rights. Our cookieless analytics are designed so this balance favors privacy: no cookie, no persistent identifier, no raw IP.
Consent — where we specifically ask for it.
Legal obligation — tax, accounting, anti-money-laundering, and lawful-request requirements.

For visitor analytics on a creator’s public page, the creator (as controller) is responsible for identifying the legal basis for processing their audience’s data; Biou processes it under their instructions per the Data Processing Agreement.

6. How We Share Your Information

We share information only with the following categories of recipients:

Recipient	Purpose	Data shared
Stripe	Payment processing and Connect payouts	Seller / buyer email, transaction amount, Connect account ID, payout / refund status
Google (sign-in)	OAuth login when you choose Google sign-in	OAuth scope you approve (profile, email)
Email-delivery provider	Send verification, receipt, download-link, and password-reset emails	Recipient email and the message contents
Cloud hosting, database, and storage provider	Hosting, database, file storage, content delivery, custom domains, and DNS	Service data and uploaded files
Error-monitoring provider	Detect and diagnose bugs and security issues	Diagnostic data such as stack traces, request path, and account identifier

Each processor is contractually bound to use your data only to provide its service to us, subject to confidentiality and security obligations. We may change providers from time to time without amending this Policy as long as the categories of recipients and the safeguards remain substantially the same.

We may also disclose information:

To comply with a valid legal request (subpoena, court order, or government investigation).
To enforce our agreements or protect the rights, property, or safety of Biou, our users, or others.
In connection with a merger, acquisition, financing, or sale of all or part of our business — in which case you will be notified.

7. International Data Transfers

Our processors operate primarily in the United States and the European Union. By using the Service, you understand your data may be transferred to, stored in, and processed in jurisdictions other than your own. Where required for transfers out of the EEA, UK, or Switzerland, we rely on the EU Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable) or another lawful transfer mechanism, together with supplementary safeguards as appropriate.

8. Cookies & Tracking

Strictly necessary — when you are signed in, a session / authentication token is stored in your browser so the dashboard works. This cannot be disabled for authenticated features.
Public bio pages — no analytics cookies. Viewing a creator’s public bio page sets no cookie and no persistent tracker. Analytics use the cookieless, daily-rotating, non-reversible model described in Section 2.3. A short-lived sessionStorage value may be used purely to avoid double-counting within a single visit and is cleared when you close the tab.

We do not serve targeted advertising and do not integrate third-party advertising or cross-site analytics SDKs (such as Google Analytics or a social-media tracking pixel).

9. Data Retention

Account & profile content — retained for as long as your account exists. When you delete your account, your account data and bio-page content are deleted, except records we are legally required to keep.
Transaction records — retained for at least [TAX_RETENTION_YEARS] years to meet tax, accounting, and anti-fraud obligations, even after account deletion.
Visitor analytics — retained for as long as the associated bio page and creator account exist. Because the analytics are cookieless, contain no raw IP, and use a daily, non-reversible visitor token, they are not designed to be linked back to an identifiable individual over time. When a creator deletes a bio page or their account, the associated analytics are deleted with it (subject to legally required records). A creator can also request deletion of analytics for a page at any time, and an individual may exercise the erasure right in Section 10.
Email-delivery and error-monitoring logs — retained only as long as needed for deliverability, security, and debugging, then removed.

10. Your Rights

EEA / UK / Switzerland (GDPR)

Access, rectification, erasure, restriction, portability, and objection.
Withdraw consent at any time, without affecting processing already carried out.
Lodge a complaint with your local supervisory authority.

Right to erasure (Art. 17). You can ask us to delete personal data we hold about you as a controller. For analytics held on a creator’s behalf (where Biou is processor), we will pass your request to, and assist, the relevant creator-controller; we also provide creators tools to delete page analytics directly.

California (CCPA / CPRA)

Know what personal information we collect, use, and disclose, and the purposes.
Delete your personal information.
Correct inaccurate personal information.
Opt out of the “sale” or “sharing” of personal information — we do not sell personal information and do not share it for cross-context behavioral advertising.
Limit use of sensitive personal information — we do not use personal information for the purposes that trigger this right.
Non-discrimination for exercising your rights.

All users

Export your data (your bio page, products, and orders) in a portable format.
Close your account at any time from Settings.

To exercise any of these rights, contact [PRIVACY_EMAIL]. We will respond within the timeframe required by applicable law (generally within 30 days under GDPR and 45 days under CCPA, extendable as the law permits). We may need to verify your identity before acting on your request. You may use an authorized agent where the law allows.

11. Children’s Privacy

The Service is not directed to anyone under [MIN_AGE], and we do not knowingly collect personal information from anyone under that age. If you believe a child has provided us with personal information, contact [PRIVACY_EMAIL] and we will delete it.

12. Security

All traffic is encrypted in transit using HTTPS.
Passwords are stored using a strong, industry-standard one-way hashing algorithm — never in plaintext.
Session tokens have limited lifetimes.
Visitor analytics are engineered to minimize personal data at the source: no raw IP is stored, and visitor tokens are salted, one-way, and rotate daily.
Payment data is handled directly by our PCI-compliant payment processor; we never store full card numbers.
Database access is restricted to the application, and we review access and dependencies periodically.

No system is 100% secure. If you suspect unauthorized access to your account, contact [PRIVACY_EMAIL] immediately.

13. Third-Party Links

Bio pages and products may link to third-party websites. We are not responsible for the privacy practices of those sites. Review their privacy policies before sharing information.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email (to the address on file) or by a notice on the Service at least 14 days before the changes take effect. Continued use of the Service after the effective date means you accept the updated Policy.

15. Contact

Privacy: [PRIVACY_EMAIL]
General: [CONTACT_EMAIL]
Legal entity: [LEGAL_ENTITY]
Jurisdiction: [JURISDICTION]
EU / UK representative or DPO (if any): [EU_UK_REPRESENTATIVE]

This Privacy Policy is provided in English. Translations are for convenience only; the English version governs in case of conflict.