Draft, not yet legal advice. This document is an early draft prepared for review with legal counsel before launch. Governing-law and jurisdiction-specific terms are placeholders pending that review.

Privacy Policy

Last updated: June 12, 2026

This Privacy Policy explains how Beily Inc.("Beily," "we," "us") collects, uses, shares, and protects information when you use the Beily website, apps, and services (the "Service"). We have tried to write it so it can be read, not just scrolled past, and so that every statement in it matches how the product actually works.

1. Who we are

Beily Inc. is the data controller for personal data processed under this policy. For any privacy matter, contact privacy@beily.io or write to Beily Inc., 2261 Market Street STE 65437, San Francisco, CA 94114.

2. Scope

This policy covers the Beily platform: the public website, the logged-in app, and our communications with you. It does not cover the social platforms where promoters post content (TikTok, Instagram, YouTube, and others); those are governed by their own privacy policies, nor the websites we link to.

3. Information we collect

Information you give us:

  • Account & profile. Email address, username, display name, bio, role (promoter, creator, or company), and the colors or imagery you choose for your profile.
  • Business details. For company accounts: the registered legal name you provide when upgrading or signing up.
  • Content. Posts, comments, polls, images you attach, campaign briefs, brand rules, and the clip URLs you submit to campaigns.
  • Support & reports. Support tickets (subject, category, message, and the email we reply to), and reports you file about content or accounts (reason and details).
  • Newsletter. Your email, if you subscribe.

Information generated by using the Service:

  • Financial records. An append-only ledger of your deposits, campaign holds, earnings, fees, refunds, and payouts: the system of record for money on Beily.
  • Campaign & clip performance. View counts (raw and verified), earnings per clip, verification statuses, flags, appeals, and decisions.
  • Social graph & engagement. Who you follow, likes, reposts, poll votes, post view counts, mentions, and the accounts you mute or block.
  • Notifications. A record of in-app notifications sent to you.
  • Device & log data. Basic technical data needed to run and secure the Service (such as IP-derived request logs kept by our hosting provider), plus the cookies and local storage described in our Cookie Policy.

Information from third parties:

  • Connected social accounts. When you connect TikTok, Instagram, or YouTube, we store the platform's account identifier, your handle, and the access tokens needed to read your public clips and their view counts on your behalf. We do not receive your social-account password.
  • Verification outcomes. Identity (KYC) and business (KYB) verification run through specialist providers. We store the outcome (your verification status) not your documents (see section 4).
  • Payment events. Our payment processor sends us confirmations of deposits and payouts so the ledger stays accurate.

4. What we deliberately do not collect

  • No identity documents. Passports, IDs, and company registry documents go directly to the verification provider; Beily stores only the resulting status (unverified, pending, or verified).
  • No card or bank numbers. Payment details are entered with, and held by, the payment processor. Our ledger references transactions, not instruments.
  • No advertising trackers. The Service contains no third-party advertising or cross-site tracking cookies.
  • No precise location. We do not request or store GPS-level location.

5. How we use information

  • To operate the marketplace: run campaigns, track submitted clips, verify views, and calculate earnings and billing.
  • To move money correctly: process deposits, secure campaign budgets, pay promoters, refund unspent budget, and keep the ledger auditable.
  • To keep the platform trustworthy: detect fraudulent or low-quality views, handle flags and appeals, act on reports, and enforce our Terms.
  • To communicate with you: account and transaction emails, support replies, and (only with your opt-in) marketing.
  • To secure and improve the Service, and to comply with legal obligations (including tax and accounting rules).

6. Legal bases (EEA/UK)

Where the GDPR or UK GDPR applies, we rely on:

  • Contract (Art. 6(1)(b)): operating your account, campaigns, clip verification, earnings, and payouts.
  • Legal obligation (Art. 6(1)(c)): financial record-keeping, tax, and responding to lawful requests.
  • Legitimate interests (Art. 6(1)(f)): securing the Service, preventing fraud and abuse, moderating reported content, and improving the product. We balance these interests against your rights, and you may object (section 11).
  • Consent (Art. 6(1)(a)): optional cookies, the newsletter, and marketing emails. Consent can be withdrawn at any time.

7. Automated decisions: the integrity engine

Beily's integrity engine automatically evaluates the views your clips receive and decides which are payable: today by checking that the clip is live and on your own account; at launch it will also exclude bot, incentivized, and low-retention views before anyone is billed or paid. Because this directly affects what promoters earn and what brands pay, we treat it with the safeguards automated decision-making deserves:

  • Counts are shown openly: you see raw versus verified views, not just a final number.
  • Flags always carry a written reason.
  • Every flag can be appealed in the app, and appeals are reviewed by a person (Beily Trust), not by the algorithm that made the call. Warnings pause while an appeal is open.

If you believe an automated decision is wrong, appeal it in the app or contact trust@beily.io.

8. How we share information

We share personal data only with:

  • Service providers (processors) who run parts of the Service under contracts limiting their use of the data: database, authentication and storage (Supabase); transactional email (Resend); payments and payouts (Stripe); identity and business verification (a specialist KYC/KYB provider); error monitoring; and hosting.
  • Social platforms, when you connect an account or submit a clip URL: we call their APIs with your tokens to read the public clips you submitted.
  • Other users, to the extent you choose: your profile, posts, campaigns you run, and (if you opt in) your promoter portfolio (verified clips and their view counts; earnings are never public).
  • Authorities or parties to a dispute, where the law requires it or where disclosure is necessary to enforce our Terms or protect rights and safety.
  • A successor entity, if Beily is involved in a merger, acquisition, or asset sale, with notice to you before your data becomes subject to a different policy.

We do not sell personal data, and we do not share it for cross-context behavioral advertising.

9. International transfers

We are based in the United States and our providers may process data there and elsewhere. Where data moves out of the EEA, UK, or Switzerland, we rely on adequacy decisions or Standard Contractual Clauses (and equivalent UK safeguards) with the receiving party.

10. Retention

  • Account, profile & content: kept while your account is active; deleted or anonymized after account deletion, except as below.
  • Financial ledger: kept for as long as accounting and tax law requires (typically up to 7 years), even after account deletion. Deletion also waits for open balances to settle: earnings still in the 7-day clearing window and unfinished campaigns must close first.
  • Flags, appeals & reports: kept for the duration of the dispute plus a limited period, so decisions remain reviewable.
  • Support correspondence: kept for up to 2 years after the ticket closes.
  • Backups: encrypted backups roll off on a fixed schedule after deletion from live systems.

11. Your rights (EEA/UK and similar laws)

You may, at any time:

  • Access the personal data we hold about you, and receive a portable copy of data you provided.
  • Correct inaccurate data: most profile data you can edit yourself in Account & Security.
  • Delete your data ("right to be forgotten"), subject to the retention rules in section 10.
  • Object to or restrict processing based on legitimate interests.
  • Withdraw consent for anything consent-based (cookies, newsletter, marketing) without affecting prior processing.

To exercise a right, email privacy@beily.io. We will verify the request (normally by confirming control of your account email) and respond within one month, extendable as the GDPR allows for complex requests. You also have the right to complain to your local supervisory authority; we would appreciate the chance to address your concern first.

12. US state privacy rights (California and others)

If you live in California or another US state with a comprehensive privacy law, you have rights to know what personal information we collect (sections 3–5 are the disclosure), to delete it, to correct it, and to opt out of sale or sharing. Beily does not sell personal information and does not share it for cross-context behavioral advertising; there is nothing to opt out of, and for the same reason there is no advertising response to Global Privacy Control signals; we do not use such trackers at all. We will never discriminate against you for exercising a privacy right. You may use an authorized agent; we will verify the request with you directly. Requests: privacy@beily.io.

13. Cookies & local storage

We use only strictly necessary and functional storage: a session cookie, your cookie-consent choice, and on-device app state. The full list, and how to change your choice, is in the Cookie Policy.

14. Security

We use technical and organizational measures appropriate to the data we hold: encryption in transit, scoped access for service providers, separation of money records into an append-only ledger, and the principle of not holding sensitive documents at all (section 4). No system is perfectly secure; if a breach affects your personal data, we will notify you and the relevant authorities as the law requires.

15. Children

The Service is for adults. You must be at least 18 (or the age of majority where you live) to create an account, and we do not knowingly collect data from anyone younger. If you believe a minor has an account, contact trust@beily.io.

16. Changes to this policy

We may update this policy as the Service evolves. The "Last updated" date above always reflects the current version, and we will notify you of material changes through the Service or by email before they take effect.

17. Contact

Beily Inc., 2261 Market Street STE 65437, San Francisco, CA 94114. Privacy requests: privacy@beily.io · everything else: help@beily.io.