PlaceMint← back

Privacy Policy

Last updated: May 18, 2026

PlaceMint ("we," "our," or "us") is operated by No Labels Necessary LLC. This Privacy Policy explains what information we collect when you use placemint.us (the "Service"), how we use it, and the choices you have.

1. Information we collect

We collect only the information needed to provide the Service:

  • Account info: email address, password (hashed), and — if you sign in with Google — basic profile information returned by Google (name, profile picture, Google ID).
  • Artist profile: artist name, monthly listener count, genres, similar artists, release details, format preferences, and project themes you enter during onboarding.
  • Usage data: platforms you save, skip, or flag; campaign status; budget allocations; outreach notes you write.
  • Payment data: handled entirely by Stripe — we never see your card number. Stripe sends us a confirmation event so we can grant access.

2. How we use it

  • To match you with the most relevant platforms based on your sound, stage, and goals.
  • To remember your progress so you can resume where you left off.
  • To process subscription payments and grant access to paid features.
  • To communicate with you about your account, the Service, and (with your consent) product updates.
  • To improve the matching algorithm in aggregate — we do not sell or rent your data.

3. Third parties

We use the following processors to operate the Service. Each handles data under its own privacy terms:

  • Supabase — authentication and database hosting.
  • Vercel — application hosting and analytics.
  • Stripe — payment processing.
  • Google — OAuth sign-in (only if you choose "Continue with Google").
  • OpenAI — generates embeddings of your project description to power semantic matching. Project text is sent to OpenAI; we do not include your email or name.
  • Meta (Instagram Graph API) — used to fetch public metrics for platforms in our directory. We do not access your personal social accounts.
  • Resend — transactional email delivery.

4. Cookies and session storage

We use first-party cookies to keep you signed in. We do not use third-party advertising cookies or behavioral tracking. Closing the browser or signing out ends your session.

5. Data retention

We retain your account data as long as your account is active. If you delete your account, we remove your personal information from our active databases within 30 days. Aggregated, non-identifiable analytics may be retained for product improvement.

6. Your rights

You can request access, correction, or deletion of your personal data at any time by emailing the address below. If you're in the EU, UK, or California, you have additional rights under GDPR / CCPA — same email works.

7. Security

Data is transmitted over HTTPS. Passwords are hashed by Supabase Auth using industry-standard algorithms. Service-role keys are never exposed to the browser. We follow OWASP best practices for input validation, rate limiting, and row-level security on every database table.

8. Children

The Service is not directed at anyone under 16. We do not knowingly collect data from minors.

9. Changes

If we make material changes to this policy, we'll post the updated version here and update the "Last updated" date at the top.

10. Contact

Questions, requests, or concerns: nolabelsnecessaryadmin@gmail.com