Studio doesn't sell your data. We don't share it. Here's exactly what we collect, why we collect it, and the controls you have over it.
What we collect
- Account info: name, email, timezone — to log you in.
- LinkedIn profile (with OAuth): your recent posts, headline, and follower count — to infer brand voice. Stored encrypted; we never re-share.
- Workspace content: brands, posts, ideas, engagement targets — owned by you, scoped by
workspace_id, never visible cross-tenant. - AI generations: prompts and outputs, logged to your workspace for credit accounting and audit.
- Your AI key: the provider key you bring is stored encrypted in your workspace and used only to run your own generations. Never shared across workspaces.
- Usage analytics: page visits and feature usage. Aggregated, never sold.
- Billing: processed by our payment provider — we don't store card numbers.
What we don't collect
- Your LinkedIn DMs or messages
- Your private network connections (unless you explicitly add a target)
- Anything outside Studio
Where it lives
Cloudflare D1 (SQLite-compatible) for primary data, Cloudflare R2 for assets. Both are scoped per workspace. Backups are encrypted at rest. The specific edge region depends on your location.
Multi-tenancy
Every row in our database carries a workspace_id. Every query filters by it. We have automated tests that verify cross-tenant queries return zero rows. This is the core data isolation guarantee.
Bring your own key
When you generate content, Studio sends your prompt to the AI provider you configured, using your stored key. That request is also subject to your provider's privacy terms. We never use your key for anyone else's workspace, and you can rotate or remove it anytime in Settings.
Your rights
- Export: full workspace export via API, anytime.
- Delete: hard-delete a workspace via Settings → Account. 30-day soft-delete window first.
- Correct: edit anything via the UI or API.
- Object: opt out of analytics in Settings → Notifications.
Third parties we use
- Payment provider — billing
- Your chosen AI provider — LLM generation (OpenRouter, Gemini, Groq, or DeepSeek, per your key)
- Email provider — transactional and lifecycle email
- Product analytics — aggregated usage
- Error monitoring — crash and error tracking
Cookies
We use cookies for session, brand selection, and onboarding state. Functional only; no advertising trackers.
Contact
Privacy questions: privacy@studioapp.io. Data deletion request: same address with subject "DELETE".