Poster Armory

Privacy Policy

Last updated: March 18, 2026

Poster Armory ("we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data when you use our website and services at posterarmory.com ("the Service").

1. Information We Collect

1.1 Information You Provide

  • Account information: When you create an account, we collect your email address and, if you sign in via Google, your name and profile photo.
  • Poster configurations: The locations, text, themes, and design settings you choose when creating posters.
  • Payment information: When you subscribe, payment details (credit card number, billing address) are collected and processed directly by Stripe. We do not store your full payment details on our servers — we only receive a Stripe customer ID and subscription status.
  • Communications: If you contact us for support, we collect the information you provide in your message.

1.2 Information Collected Automatically

  • Usage data: We track the number of poster designs and downloads you generate each month for quota enforcement purposes.
  • Authentication cookies: We use cookies strictly for maintaining your login session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
  • Server logs: Our hosting infrastructure may automatically collect standard log data such as your IP address, browser type, and request timestamps for security and operational purposes.

1.3 Information from Third Parties

  • Google OAuth: If you sign in with Google, we receive your email address, display name, and profile photo from Google. We do not access your Google contacts, files, or any other Google account data.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Process your poster designs and deliver downloadable files.
  • Manage your account, subscription, and billing.
  • Enforce usage limits and prevent abuse.
  • Respond to your support requests and communications.
  • Ensure the security and integrity of the Service (fraud prevention, rate limiting).

We do not use your information for advertising, behavioral profiling, or selling to third parties.

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only with the following service providers, strictly as necessary to operate the Service:

ProviderPurposeData Shared
SupabaseAuthentication, database, file storageAccount data, poster configs, generated files
StripePayment processingEmail, payment method, billing address
GoogleOAuth sign-in (optional)Authentication tokens only
OpenStreetMap / NominatimGeocoding (location search)Search queries (city names, addresses)

We may also disclose information if required by law, regulation, legal process, or governmental request, or to protect the rights, safety, or property of our users or the public.

4. Cookies

We use essential cookies only. These cookies are necessary to maintain your authenticated session and are set by our authentication provider (Supabase). They do not track your activity across other websites.

We do not use analytics cookies, advertising cookies, or any third-party tracking technologies.

5. Data Retention

  • Account data: Retained for the lifetime of your account. Deleted upon account deletion.
  • Poster designs and files: Stored as long as your account is active. Generated files are stored in secure cloud storage.
  • Usage records: Retained for billing and quota tracking purposes. Historical records may be kept for up to 12 months after account closure for accounting and legal compliance.
  • Payment records: Managed by Stripe in accordance with their retention policies and applicable financial regulations.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encrypted data transmission (HTTPS/TLS) for all connections.
  • Secure authentication with hashed passwords and OAuth tokens.
  • Row-level security policies on our database ensuring users can only access their own data.
  • Rate limiting to prevent abuse and unauthorized access attempts.
  • Payment data handled exclusively by PCI-DSS compliant Stripe infrastructure.

While we take reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data and account.
  • Portability: Request your data in a portable format.
  • Objection: Object to processing of your data in certain circumstances.

To exercise any of these rights, contact us at posterarmory@gmail.com. We will respond to your request within 30 days.

California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect and how it is used, to request deletion of your personal information, and to opt out of the sale of your data. We do not sell personal information.

European Residents (GDPR)

If you are located in the European Economic Area (EEA), the legal basis for collecting and using your personal information is: (a) your consent when creating an account, (b) performance of a contract when providing the Service, and (c) our legitimate interests in operating and securing the Service.

8. Children's Privacy

The Service is not directed at children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. Our service providers (Supabase, Stripe) may store data in data centers located in the United States or other jurisdictions. By using the Service, you consent to the transfer of your data to these locations. We ensure that all transfers comply with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "Last updated" date at the top of this page. We encourage you to review this page periodically for the latest information on our privacy practices.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

posterarmory@gmail.com

This Privacy Policy should be read alongside our Terms of Service.