Privacy Policy

Last updated: January 30, 2026

RentMyHeader Inc. ("RentMyHeader," "we," "us," or "our") operates the RentMyHeader platform, a marketplace connecting content creators with brands and organizations for advertising placements. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address, username, password (stored in hashed form), and display name.
  • Creator Profile Information: Bio, pricing rates, availability settings, timezone preferences, and service offerings.
  • Organization Information: Organization name, logo, budget preferences, and categories of interest.
  • Payment Information: We do not store credit card details directly. All payment processing is handled by Stripe, Inc. We store Stripe customer IDs and transaction references.
  • Booking and Campaign Details: Booking notes, requirements, decline reasons, cancellation reasons, and proof of deliverables.
  • Messages and Support: Messages exchanged through the platform, support requests, and feedback submissions.
  • Uploaded Content: Files and assets you upload, such as images, banners, and attachments.
  • Scheduling Information: If you choose to book a call, details you submit through our scheduling provider.

1.2 Information Collected Automatically

  • Device and Usage Information: IP address, browser type, operating system, and user agent when you access our services.
  • Session Data: Authentication tokens and session identifiers to maintain your logged-in state.
  • Analytics Events: Page views, referrers, aggregated usage data, and performance metrics collected through our analytics providers.
  • Security and Audit Logs: Timestamps, IP addresses, and user agent details associated with security events and admin actions.

1.3 Information from Third Parties

When you connect your Twitter/X account, we collect publicly available profile information including:

  • Twitter ID, username, display name, and bio
  • Profile image and banner image URLs
  • Follower count, following count, tweet count, and listed count
  • Account verification status
  • Location (if publicly displayed)
  • Account creation date

This data is used to verify your identity, display your profile to potential advertisers, and calculate appropriate pricing recommendations. We periodically refresh this data to keep your profile current.

We also receive payment and payout status information from Stripe to process bookings and creator payouts.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Operate real-time messaging and notifications
  • Process transactions and send related information
  • Verify your identity and prevent fraud
  • Match creators with relevant brand opportunities
  • Send transactional emails (booking confirmations, payment notifications, verification emails)
  • Send marketing emails and product updates (you can opt out at any time)
  • Analyze usage trends and improve site performance
  • Respond to your comments, questions, and support requests
  • Comply with legal obligations

3. Information Sharing and Disclosure

3.1 With Other Users

Creator profiles (including Twitter analytics, pricing, and availability) are visible to registered organizations seeking advertising placements. Organization profiles may be visible to creators reviewing booking requests.

3.2 With Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Stripe, Inc.: Payment processing, creator payouts, and financial compliance. Stripe receives transaction amounts, customer emails, and booking metadata.
  • Resend: Transactional and marketing email delivery. Resend receives email addresses and message content for verification emails, booking notifications, platform communications, and marketing emails.
  • Cloudflare (R2 Storage): File storage for uploaded assets, campaign materials, and proof of deliverables.
  • Neon: Database hosting and storage of application data.
  • Upstash: Realtime messaging infrastructure and rate limiting for chat and notifications.
  • Vercel: Hosting and infrastructure for our web application.
  • Vercel Web Analytics: Privacy-focused analytics that do not use cookies. Learn more at vercel.com/docs/analytics.
  • Databuddy: Privacy-first analytics that do not use cookies and anonymize data. Learn more at databuddy.cc/privacy and databuddy.cc/data-policy.
  • Cal.com: Scheduling provider used for optional strategy calls. Cal.com receives the details you submit when booking.

3.3 Analytics and Privacy Controls

We use Vercel Web Analytics and Databuddy to understand how visitors use our site and to improve performance. These services are designed to be privacy-first and do not rely on cookies. Data is collected in an aggregated and anonymized manner and is not used to identify you across different websites.

3.4 Cookies and Similar Technologies

We use essential cookies and similar technologies to keep you signed in, maintain security, and remember basic preferences. We do not use cookies for advertising or cross-site tracking. You can control cookies through your browser settings, but some features may not function properly if cookies are disabled.

3.5 Twitter/X API

We access Twitter's API to retrieve and refresh your public profile information. We do not post content on your behalf or access your direct messages. Your Twitter access credentials are used solely to authenticate your identity and retrieve public analytics.

3.6 Legal Requirements

We may disclose your information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We retain transaction records for a minimum of seven (7) years to comply with financial reporting and tax obligations. You may request deletion of your account and personal data, subject to our legal retention requirements.

Realtime message history used for delivery and notifications is stored for up to 24 hours. Audit logs related to administrative actions may be retained for security and compliance purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL)
  • Secure password hashing
  • Regular security assessments
  • Access controls and authentication requirements

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Your Rights and Choices

6.1 Access and Portability

You may request a copy of the personal information we hold about you by contacting us at privacy@rentmyheader.com.

6.2 Correction

You may update your account information at any time through your dashboard settings.

6.3 Deletion

You may request deletion of your account and personal data. Note that we may retain certain information as required by law or for legitimate business purposes (such as transaction records for tax compliance).

You can delete your account from your account settings or by contacting us at privacy@rentmyheader.com.

6.4 Opt-Out

You may disconnect your Twitter account at any time. You may also opt out of non-essential communications by using the unsubscribe link in marketing emails or by contacting us.

6.5 Do Not Track and Global Privacy Control

Some browsers offer Do Not Track (DNT) and Global Privacy Control (GPC) signals. Where supported by our analytics providers, these signals may limit analytics collection. You can also use browser settings or content blockers to restrict analytics scripts.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws different from your country. By using our services, you consent to the transfer of your information to these countries.

8. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@rentmyheader.com.

9. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Our legal basis for processing your personal data includes: performance of a contract with you, our legitimate business interests, compliance with legal obligations, and your consent where applicable.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at: