Last updated: July 1, 2026
This Privacy Policy explains how HeyLinks, operated by Tastemaker Supply LLC ("HeyLinks", "we", "us", "our"), collects, uses, and shares information when you visit our site or use the service. By using HeyLinks you agree to this policy.
Account data: your email address, name or display name, and the identifiers used for passwordless sign in (including basic profile information from Google if you sign in with Google).
Usage data: your projects, prospects, outreach activity, settings, and related logs.
Prospect and outreach data: the target domains, referring pages, contact details, and messages you input or process through the service. You are the controller of the prospect data you gather and process; HeyLinks processes it on your behalf to provide the service.
Payment data: payments are handled by Stripe. We store a Stripe customer and subscription identifier and your plan status. We do not store your full card number.
Cookies and local storage: authentication session cookies and local storage used to keep you signed in and to hold app state.
We use information to:
Provide, operate, and secure the service, and authenticate your account.
Process billing and manage your subscription.
Send transactional emails (account, billing, and security notices).
Provide support and respond to your requests.
Improve the service and prevent abuse.
Send product updates or marketing only if you have opted in.
Transactional emails are always sent because they are part of the service (for example account, billing, and security notices).
Service and activity notifications, such as reply alerts and a weekly summary, are controlled by your notification preferences on the account page.
Promotional and product update emails are opt in. We send them only if you choose to receive them. Every marketing email includes a way to unsubscribe, and you can manage your preferences on the account page or through the unsubscribe flow at any time.
We share data with service providers that help us operate HeyLinks, only as needed for them to perform their function:
Stripe, for payment processing.
Supabase, for database and authentication.
Unipile, together with your connected Google or Gmail account, to send your outreach and read reply status.
Ahrefs, only through your own API key (bring your own key), for metrics you request.
Vercel, for hosting.
Sentry, for error monitoring.
We do not sell your personal data.
We keep your data for as long as your account is active or as needed to provide the service and meet legal obligations. You can delete your account and its associated data at any time from the account page. Deleting your account cascades to remove your project data. Some records may be retained where required by law or for legitimate business purposes such as billing history.
We use cookies and local storage for authentication and session management and to hold app state. We do not use third party advertising trackers.
HeyLinks is based in the United States, and your data is processed in the United States. If you are located in the European Union, the United Kingdom, or another region, you understand that your data will be transferred to and processed in the United States. Depending on where you live, you may have rights under laws such as the California Consumer Privacy Act (CCPA) or the General Data Protection Regulation (GDPR), described below.
Depending on your location, you may have the right to access, correct, delete, or export your personal data, and to opt out of marketing. You can exercise most of these directly from the account page (including account deletion and email preferences), or by contacting us. We will respond consistent with applicable law. We do not sell personal data, and you can opt out of marketing at any time.
We use reasonable measures to protect your data, including row level security in our database, encryption in transit over HTTPS, access controls, and keeping privileged service keys on the server side. No method of transmission or storage is 100 percent secure, and we cannot guarantee absolute security.
HeyLinks is not directed to and is not intended for anyone under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice by a reasonable means and update the date above. Your continued use of the service after a change means you accept the updated policy.
Questions about this Privacy Policy, or requests regarding your data, can be sent to support@heylinks.ai.