Skip to main content

Privacy Policy

Last updated: May 18, 2026

1. Introduction

Trenzitt ("we", "our", "us") operates a creator marketplace that connects brands with creators and influencers. This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, how long we keep it, and the rights you have over your data.

By using the Trenzitt platform (the "Platform") you agree to the practices described here. If you do not agree, please do not use the Platform.

2. Data We Collect

We collect only the data we need to operate the Platform:

  • Account data: name, role (Creator or Brand), profile picture, account creation timestamp.
  • Contact data (optional): personal email, phone number, website, location, company name, bio.
  • Authentication data: a unique identifier from your OAuth provider (Instagram or Google) and an access token used to call the provider on your behalf. We do not see or store your provider password.
  • Campaign data: campaigns you create or apply to, pitches, messages, and status updates.
  • Technical data: IP address, user-agent, request logs, and authentication events for security and abuse prevention.

3. Instagram Data — Specific Disclosures

When you sign in as a Creator using Instagram, we use the Instagram API with Instagram Login (provided by Meta Platforms, Inc.). We request the following permissions and use the data strictly as described below. Data is not sold, traded, or shared with third parties for advertising.

  • instagram_business_basic— We read your Instagram user ID, username, name, profile picture, account type and follower count. We use these to create your Trenzitt profile, display your handle on your dashboard, and verify your audience size for brands.
  • instagram_business_manage_insights— We read aggregate account insights (reach, profile views, accounts engaged, total interactions, follower count, website clicks) to compute and display your engagement metrics inside Trenzitt and to help brands evaluate your campaign suitability.

We store a long-lived Instagram access token so we can refresh your stats without requiring you to log in again. The token is encrypted at rest using AES-256-GCM. We never post on your behalf and we never read your direct messages, comments, or media files outside the metrics listed above.

You can revoke Trenzitt's access at any time from your Instagram settings (Settings → Apps and Websites) or from your Trenzitt dashboard.

4. Google Data (Brands)

When you sign in as a Brand using Google, we use Google OAuth 2.0 with the openid, email and profile scopes. We read your Google account email, name and profile picture to create and identify your Trenzitt account. We do not access Gmail, Drive, Calendar or any other Google service.

5. How We Use Your Data

  • To create and operate your Trenzitt account.
  • To display your profile (creators) or your campaigns (brands) inside the Platform.
  • To compute audience and engagement metrics shown to you and to brands evaluating you.
  • To enable communication between brands and creators on the Platform.
  • To detect, prevent and investigate fraud, abuse and security incidents.
  • To comply with our legal obligations.

6. How We Share Your Data

We share your data only with: (a) other Trenzitt users where you choose to make your profile or campaign visible; (b) service providers who host and operate the Platform on our behalf (cloud hosting, database, monitoring); and (c) authorities when required by law.

We do not sell your personal data. We do not share your Instagram or Google data with advertising networks or data brokers.

7. Data Retention

We retain your account data for as long as your account is active. If you disconnect your Instagram account, we delete the stored Instagram access token and stop fetching new insights, while retaining historical campaign records as long as those campaigns are referenced. If you delete your Trenzitt account, we delete your profile, OAuth tokens and personal data within 30 days, except where we are required to retain certain records (e.g. financial records) under applicable law.

8. Security

We protect your data using industry-standard measures: HTTPS in transit, AES-256-GCM encryption for stored OAuth tokens, JWT-based stateless authentication, restricted CORS origins, and least-privilege access for staff. No system is perfectly secure, and we cannot guarantee absolute security.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data (via your dashboard or by contacting us).
  • Delete your account and associated personal data (see Data Deletion).
  • Disconnect your Instagram or Google account from Trenzitt at any time.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

10. Children

Trenzitt is not directed to children under 18. We do not knowingly collect personal data from children under 18. If you believe a child has provided us data, please contact us and we will delete it.

11. International Transfers

Trenzitt is operated from India. If you access the Platform from outside India, your data will be transferred to and processed in India and the regions where our cloud providers operate. We rely on appropriate safeguards for any such transfer.

12. Changes to this Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date. Material changes will be highlighted on the Platform.

13. Contact

For privacy questions, data access or deletion requests, contact us at contactus@trenzitt.com. See our Data Deletion page for the deletion workflow, and our Terms & Conditions for general platform terms.