yala
privacy

the short version.

we hold three classes of data: your account data, your fans’ data, and analytics events. each one’s handled differently.

the technical version

the full breakdown lives in the help docs: privacy + DSAR. it’s the page we wrote when we built the GDPR endpoints. easier to keep in one place.

what we collect

  • your email + a hashed password (or google oauth identity).
  • the workspaces, links, destinations, and redirects you make.
  • fans who pre-save or capture their email — email + first name + IP/UA at consent time.
  • analytics events — hashed IP, user-agent, geo, referrer. the original IP never leaves the cloudflare worker.

what we don't collect

  • credit cards. stripe handles billing; we never see it.
  • the contents of your DMs, emails, messages anywhere.
  • your fans’ original IPs (we hash them at the edge).
  • data from third-party analytics tools you didn’t configure yourself.

who else processes it

cloudflare (edge + KV + custom-domain SSL), supabase (postgres + auth + storage), upstash QStash (event ingest queue), stripe (billing), resend (email), odesli (DSP aggregator). standard set; signed DPAs with each.

GDPR

Article 15 export and Article 17 erasure are real features, exposed both in the workspace admin and on the public API. see the help doc for the workflow.

contact

privacy questions: hi@yala.la. security disclosures: security@yala.la. we read every email.

this page is a plain-english summary, not a substitute for our full privacy policy — that’s a longer legal document we link to before any signup that actually involves your fans’ data.