MyPublicist

Legal Information

Privacy Policy

Last Updated: May 2, 2026

1. Introduction

TEN ELEVEN TWELVE LLC ("we", "us", or "our") operates MyPublicist. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Name and email address
  • Password (encrypted and never stored in plain text)
  • Profile photo (optional)

Profile Data

To provide personalized recommendations, we collect:

  • Your areas of expertise and topics of interest
  • Professional background and credentials
  • Podcast preferences and target audience
  • Pitch content you create using the Service

Usage Data

We automatically collect:

  • How you interact with our AI assistant
  • Discovery searches and results
  • Email campaigns and engagement metrics
  • Feature usage and navigation patterns

Payment Information

Payment processing is handled by Stripe. We never store your full credit card details. We receive only:

  • Last 4 digits of your card
  • Card brand and expiration date
  • Billing address
  • Transaction history

Technical Data

  • IP address and approximate location
  • Browser type and version
  • Device information and operating system
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use your personal information to:

  • Provide and maintain the Service
  • Process payments and manage subscriptions
  • Generate AI-powered podcast recommendations and pitches
  • Send transactional emails (confirmations, updates, notifications)
  • Improve the Service through analytics and AI model training
  • Detect and prevent fraud and abuse
  • Comply with legal obligations
  • Communicate with you about the Service (with your consent)

4. Google API Services User Data

When you connect your Google account to send pitches via Gmail, we request the following Google API scopes:

  • gmail.send — to send pitch emails on your behalf from your connected Gmail account
  • userinfo.email — to identify which Google account is connected

What we DO with Gmail data:

  • Send pitch emails you compose within MyPublicist, on your behalf, to recipients you select
  • Store the message ID and sent timestamp in our database for tracking

What we DO NOT do with Gmail data:

  • We do NOT read, list, or access any messages in your inbox
  • We do NOT modify, label, or delete any messages
  • We do NOT use Gmail data to train AI/ML models
  • We do NOT sell, share, or transfer Gmail data to third parties
  • Only humans on our team may access this data for security incidents, to comply with legal requirements, or with your explicit consent

MyPublicist's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5. Third-Party Services

We share your information with trusted third-party service providers:

  • Stripe - Payment processing (PCI DSS compliant)
  • Anthropic Claude - AI-powered assistance and content generation
  • Perplexity - Podcast discovery and search
  • Resend - Transactional email delivery
  • Railway - Cloud hosting infrastructure
  • MongoDB - Database storage and management
  • Google APIs - Gmail sending (only when you connect your Google account — see Section 4)

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

6. Data Security

We implement industry-standard security measures:

  • Encryption in transit (TLS/SSL) and at rest
  • Secure authentication with bcrypt password hashing
  • Regular security audits and vulnerability assessments
  • Access controls and audit logging (GDPR Article 32 compliant)
  • Data pseudonymization where applicable
  • OAuth tokens (including Google) encrypted at rest with AES-256-GCM

7. Data Retention

We retain your personal data for 120 days after your subscription ends. After this period, your data is permanently deleted unless:

  • We are legally required to retain it longer
  • It is necessary for fraud prevention or security
  • You have outstanding payment obligations

You can request immediate deletion of your data at any time by contacting us. You can also revoke Google access at any time at https://myaccount.google.com/permissions.

8. Your Privacy Rights

GDPR Rights (for EU users)

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing
  • Right to restrict processing

CCPA Rights (for California residents)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your rights

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential functionality (authentication, security)
  • Performance monitoring and analytics (with consent)
  • Marketing and personalization (with consent)

You can manage cookie preferences through our Cookie Settings banner or your browser settings. See our Cookie Policy for details.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 30 days before they take effect. Continued use of the Service after changes constitutes acceptance.

13. Contact Us

For privacy questions or to exercise your rights:

We will respond to all requests within 30 days.