Privacy Policy

Last updated: July 2026 · ReferTree is built privacy-first.

What we collect

  • Account data: your email address, username, display name and bio when you create an account.
  • Referral content: the referral URLs, codes, reward descriptions and categories you choose to publish.
  • Anonymous analytics: when someone clicks a referral, we store an anonymous session identifier, a timestamp, and the referring site when the browser provides it. We do not store IP addresses, device fingerprints or any directly identifying visitor data.

What we never do

  • No invasive fingerprinting, cross-site tracking or advertising pixels.
  • We never sell your data or share it with advertisers.
  • We never expose your email address on your public profile.

Cookies

  • We use a small number of strictly-necessary cookies: an authentication session cookie for logged-in users, and an anonymous session cookie (rt_sid) used to prevent click spam and attribute referral clicks. No marketing cookies are used.

Your rights

  • You can edit or delete your referrals at any time from your dashboard. You may request a full export or deletion of your account data by contacting us — the application is structured so GDPR-style access, rectification and erasure workflows can be expanded without schema changes.

Data processing

  • Production data is stored in PostgreSQL via Supabase with row-level security. Authentication is handled by Supabase Auth. Analytics remain private to each profile owner and are never published.
Privacy Policy · ReferTree