Privacy Policy

The Local Send, LLC (“we,” “us,” or “our”) operates The Local Send platform (the “Platform”). This Privacy Policy describes the types of information we collect from users of our Platform, how we use and protect that information, and your rights regarding your personal data.

By using the Platform, you consent to the collection and use of your information as described in this policy. If you do not agree, please do not use the Platform.

Account Information

When you create an account, we collect your email address, password (stored in hashed form — we never store plaintext passwords), name, city, and bio. If you sign in with Google OAuth, we receive your email address and basic profile information from Google.

Social Media Data

Creators provide their Instagram, TikTok, and/or YouTube handles during the application process. We may retrieve publicly available information from these profiles — including follower counts, engagement rates, and recent post data — using third-party services to verify profile accuracy and calculate content analytics. If you connect your Instagram account via OAuth, we access your profile data and recent media through the Instagram API.

Restaurant Business Information

Restaurant users provide their business name, address, cuisine type, and logo during signup.

Payment Information

Payment processing is handled entirely by Stripe, our PCI-compliant payment processor. We store your Stripe customer ID and subscription ID to manage your account, but we never receive, process, or store your credit card number or full payment details.

Automatically Collected Information

• Analytics — we use Vercel Analytics to collect anonymized page view and performance data. This service is cookieless and does not track individual users.
• Error monitoring — we use Sentry to capture error and crash data to improve platform stability. This may include your email address and request data associated with the error.

Location Data

We collect city-level location data entered by Creators during the application process via Google Maps autocomplete. We do not collect GPS data or track your physical location.

We use the information we collect to:

• Operate your account — authenticate your identity, manage your profile, and provide access to Platform features.
• Match Creators with restaurants — display Creator profiles to restaurants and restaurant offers to Creators.
• Track collaboration analytics — measure content engagement, calculate estimated media value, and generate performance reports.
• Communicate with you — send transactional emails (booking confirmations, deadline reminders, content verification), marketing emails (waitlist updates, new offers), and account notifications.
• Process payments — manage restaurant subscriptions and UGC licensing transactions through Stripe.
• Improve the Platform — analyze usage patterns, diagnose technical issues, and develop new features.
• Monitor errors — identify and fix bugs and performance issues.

Service Providers

We share information with third-party service providers who help us operate the Platform. These providers are contractually obligated to use your data only to provide services to us:

• Supabase — authentication and database hosting.
• Stripe — payment processing.
• Resend — transactional and marketing email delivery.
• Sentry — error tracking and performance monitoring.
• Vercel — website hosting and analytics.
• Google — OAuth authentication and Maps autocomplete.

Other Users

Creator profiles (including name, bio, social handles, follower counts, and content samples) are visible to restaurant users when reviewing applications. Restaurant profiles (including business name, cuisine type, and offer details) are visible to Creators when browsing offers.

Legal Requirements

We may disclose your information if required to do so by law, or if we believe in good faith that disclosure is necessary to comply with a legal obligation, protect our rights or safety, or investigate potential violations of our Terms of Service.

• Active accounts — your data is retained for as long as your account is active.
• Deleted accounts — when you request account deletion, we remove your personal data within 90 days. Some data may be retained longer if required for legal compliance, dispute resolution, or fraud prevention.
• Email subscribers — email subscription data is retained until you unsubscribe. You can unsubscribe at any time using the link in any of our emails.

You have the following rights regarding your personal information:

• Access — request a copy of the personal data we hold about you.
• Deletion — request that we delete your account and personal data.
• Correction — update inaccurate information through your account settings or by contacting us.
• Email opt-out — unsubscribe from marketing emails at any time using the unsubscribe link in our emails. Transactional emails (booking confirmations, deadline reminders) cannot be opted out of while your account is active.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know — you may request details about the categories of personal information we collect and how it is used.
• Right to delete — you may request deletion of your personal information, subject to certain exceptions.
• Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights.

To exercise any of these rights, contact us at support@thelocalsend.com.

We take reasonable measures to protect your personal information from unauthorized access, use, or disclosure:

• Encryption in transit — all data transmitted between your browser and our servers is encrypted using HTTPS/TLS.
• Authentication security — user authentication is managed by Supabase with secure session management, password hashing, and support for OAuth 2.0.
• Payment security — all payment processing is handled by Stripe, which is PCI DSS Level 1 certified — the highest level of payment security certification.

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

The Platform may contain links to third-party websites and services, including Instagram, TikTok, YouTube, and Stripe. We are not responsible for the privacy practices of these external services. We encourage you to review the privacy policies of any third-party services you interact with.

The Platform is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at support@thelocalsend.com.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email at least 30 days before the changes take effect. Your continued use of the Platform after the effective date constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy or our data practices, contact us at support@thelocalsend.com.