Privacy Policy

Effective date: March 8, 2026

1. What we collect

When you use PubQ, we collect the following information:

  • Email address — used to create and identify your account.
  • Substack session cookies — captured via the PubQ browser extension and stored encrypted using AES-256-GCM. These are never stored in plaintext.
  • Note content — the text of Substack Notes you write and schedule through PubQ.
  • Publish timestamps — the scheduled and actual times notes are published.

2. How we use it

We use the data we collect solely to operate the PubQ service on your behalf:

  • Authenticate with Substack using your session cookie to publish Notes as you.
  • Schedule and publish Notes at the times you configure.
  • Send transactional emails (e.g., cookie expiry alerts) to the email address on your account.

We do not sell your data, share it with advertisers, or use it to train AI models.

3. Third-party services

PubQ relies on the following sub-processors:

  • Supabase — PostgreSQL database, hosted in US-West. Your account data and encrypted cookies are stored here.
  • Railway — Application hosting, US region. All server-side code runs here.
  • Stripe — Payment processing. Stripe handles all billing data; PubQ does not store card numbers. Stripe's own privacy policy governs payment data.
  • Resend — Transactional email (e.g., cookie expiry notifications). Only your email address is shared.

4. Data retention

Your account data — including your email, encrypted cookies, and note history — is retained for as long as your account is active. If you delete your account, we will delete your data within 30 days. Data held by Stripe is governed by Stripe's own retention policy.

5. Cookies

PubQ sets a single session cookie in your browser to keep you logged in to the PubQ dashboard. We do not use tracking cookies, advertising cookies, or any third-party analytics that set cookies in your browser.

6. Your rights

You have the right to request a copy of the data we hold about you, or to request its deletion. To exercise either right, email us at privacy@pubq.io. We will respond within 30 days.

7. Changes to this policy

If we make material changes to this privacy policy, we will notify you by email at least 7 days before the changes take effect. Continued use of PubQ after that date constitutes acceptance of the updated policy.

8. Contact

Questions or concerns? Reach us at privacy@pubq.io.

← Back to PubQ