PricingAPI DocsLoginGet Started

Privacy Policy

Last updated: November 18, 2025

1. Introduction

Mouthfully ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our referral tracking platform.

2. Information We Collect

We collect the following types of information:

2.1 Account Information

  • Email address
  • Company name
  • Password (hashed and encrypted)
  • Billing information (for paid plans)

2.2 Tracking Data

Through our JavaScript tracking widget, we collect:

  • Visitor IDs (stored in localStorage with expiration)
  • Session IDs
  • Page views and navigation data
  • Referral code clicks and interactions
  • Referrer information
  • User agent and browser information
  • Conversion events (purchases, signups, etc.)

2.3 Customer Data

When you use our service to track referrals, we collect data about your customers:

  • Email addresses (when customers enroll in referral programs)
  • Referral codes
  • Referral activity and statistics
  • Conversion data (order IDs, purchase values)

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our referral tracking service
  • Track and analyze referral performance
  • Send automated emails to your customers (invitation emails, reward notifications, voucher codes)
  • Process payments and manage subscriptions
  • Send service-related communications
  • Improve our service and develop new features
  • Comply with legal obligations

4. Data Storage and Security

Your data is stored securely using:

  • Supabase: Our primary database provider for storing all account, customer, and tracking data. Supabase uses industry-standard encryption and security measures.
  • LocalStorage: Visitor IDs and referral codes are stored in your visitors' browsers using localStorage with configurable expiration periods.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.

5. Email Delivery Service

We use Resend as our email delivery service provider to send emails to your customers on your behalf. When we send emails:

  • Email content is processed by Resend's servers
  • Customer email addresses are shared with Resend for delivery purposes
  • Resend may collect delivery and open rate data
  • Resend's privacy practices are governed by their own privacy policy

You are responsible for ensuring you have proper consent from your customers to send these emails and that your email content complies with applicable email marketing laws.

6. Cookies and LocalStorage

Our tracking widget uses:

  • LocalStorage: To store visitor IDs and referral codes with expiration dates. This allows us to track visitors across sessions while respecting privacy preferences.
  • Session tracking: To identify and track user sessions for referral attribution.

You can control localStorage usage through your browser settings, though this may affect the functionality of our tracking service.

7. Data Sharing

We share data in the following circumstances:

  • With your company: All customer and tracking data collected through your account is accessible to you through our dashboard.
  • With service providers: We share data with third-party service providers (Supabase for data storage, Resend for email delivery) who help us operate our service.
  • Legal requirements: We may disclose data if required by law or to protect our rights and safety.
  • Business transfers: In the event of a merger, acquisition, or sale, your data may be transferred to the new entity.

We do not sell your personal information to third parties.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to processing of your data
  • Withdrawal of consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at support@mouthfully.com

9. Third-Party Services

We use the following third-party services:

These services have their own privacy policies, and we encourage you to review them.

10. Data Retention

We retain your data for as long as:

  • Your account is active
  • Necessary to provide our services
  • Required by law or to resolve disputes

When you delete your account, we will delete or anonymize your data within 30 days, unless we are required to retain it for legal purposes.

11. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our service after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@mouthfully.com