Privacy Policy
Last updated: July 2026 · ReferTree is built privacy-first.
What we collect
- Account data: your email address, username, display name and bio when you create an account.
- Referral content: the referral URLs, codes, reward descriptions and categories you choose to publish.
- Anonymous analytics: when someone clicks a referral, we store an anonymous session identifier, a timestamp, and the referring site when the browser provides it. We do not store IP addresses, device fingerprints or any directly identifying visitor data.
What we never do
- No invasive fingerprinting, cross-site tracking or advertising pixels.
- We never sell your data or share it with advertisers.
- We never expose your email address on your public profile.
Cookies
- We use a small number of strictly-necessary cookies: an authentication session cookie for logged-in users, and an anonymous session cookie (rt_sid) used to prevent click spam and attribute referral clicks. No marketing cookies are used.
Your rights
- You can edit or delete your referrals at any time from your dashboard. You may request a full export or deletion of your account data by contacting us — the application is structured so GDPR-style access, rectification and erasure workflows can be expanded without schema changes.
Data processing
- Production data is stored in PostgreSQL via Supabase with row-level security. Authentication is handled by Supabase Auth. Analytics remain private to each profile owner and are never published.