Privacy Policy

Last updated: May 17, 2026

Who we are

creds.wtf (operated by CWBY) is a link-in-bio platform with a built-in CRM, verified stats, and a reputation system. This policy explains what we collect, why, and what control you have.

Data we collect

• Account data: email, username, display name, password hash (via Supabase Auth).
• Profile content: bio, avatar, cover, links, appearance settings you publish.
• Visitor data: anonymous view counts, clicks, plus name/email/phone if a visitor endorses, messages, or unlocks a gated link.
• Connected platforms: when you connect a social account, we store the OAuth tokens (encrypted) and pull follower counts.
• Payments: handled by Stripe. We never see your card. We store subscription status and customer ID only.

How we use it

To run the product: render your profile, deliver messages, calculate your Cred Score, send transactional emails (welcome, endorsement received, message received, link unlock claimed), and process payments.

We do not sell your data. We do not use your profile or visitor data for advertising.

Cookies

Strictly necessary cookies for auth (session token) and a small client-side preference store. No third-party tracking cookies on the public profile.

Sharing

We share data with subprocessors required to run the service: Supabase (database, auth), Stripe (payments), Cloudflare (hosting, email), and the OAuth provider you connect. No other third parties.

Your rights

Export your CRM contacts to CSV any time. Delete your account from Settings → Danger zone, this anonymizes your profile and signs you out. Email hello@creds.wtf for a full data export or erasure request.

Contact

hello@creds.wtf