Unlistd

LEGAL

Privacy Policy

Last updated: March 30, 2026

1. Introduction

Unlistd (“we,” “our,” or “us”) is operated by Unlistd Inc. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our data removal service at unlistd.com (the “Service”).

We built Unlistd to protect your privacy. This policy reflects that commitment by being transparent about our own data practices.

2. Information We Collect

2.1 Information You Provide

  • Account information: email address and password when you create an account.
  • Personal information for removal: full name, addresses, phone numbers, date of birth, and other identifying information you choose to submit for data broker scanning and removal.
  • Payment information: processed securely by Stripe. We do not store credit card numbers on our servers.

2.2 Information Collected Automatically

  • Usage data: pages visited, features used, scan and removal activity.
  • Device information: browser type, operating system, and IP address.
  • Cookies: essential cookies for authentication and session management only. We do not use advertising or tracking cookies.

3. How We Use Your Information

We use your information solely for the following purposes:

  • Scanning data broker sites to find listings matching your identity.
  • Submitting opt-out and removal requests on your behalf.
  • Monitoring for re-listings and sending you notifications.
  • Generating removal reports and exposure scores.
  • Communicating with you about your account and the Service.
  • Improving and maintaining the Service.

We do not sell, rent, or share your personal information with third parties for marketing purposes. Ever.

4. Data Security

All personal information submitted for removal is encrypted using AES-256-GCM at the application layer before being stored in our database. Encryption keys are derived per-user, ensuring that even in the event of a database breach, your data remains unreadable.

Additional security measures include:

  • TLS encryption for all data in transit.
  • Row-level security on all database tables.
  • Secret management through Supabase Vault.
  • Regular third-party security audits.
  • SOC 2 Type II certification in progress.

5. Data Retention

We retain your personal information for as long as your account is active. If you cancel your subscription:

  • Your account enters a 30-day read-only period for data export.
  • After 30 days, all personal information is permanently deleted.
  • Only anonymized, aggregated statistics are retained for service improvement.

6. Third-Party Services

We use the following third-party services:

  • Stripe: for payment processing.
  • Supabase: for database hosting, authentication, and file storage.
  • Vercel: for web application hosting.
  • Resend: for transactional email delivery.

Each third-party provider is bound by their own privacy policies and our data processing agreements.

7. Your Rights

You have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete your account and all associated personal data.
  • Export your data in a machine-readable format.
  • Opt out of non-essential communications.

To exercise any of these rights, contact us at privacy@unlistd.com.

8. Children’s Privacy

Unlistd is not directed to children under 13. We do not knowingly collect personal information from children under 13. The family plan is intended for parents or guardians to manage removal of their minor children’s data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Continued use of the Service after changes constitutes acceptance.

10. Contact Us

If you have questions about this Privacy Policy, contact us at: