Stacked

Legal

Privacy Policy

Last updated: March 2, 2026

1. Introduction

This Privacy Policy describes how Stacked ("Stacked", "we", "our", or "us") collects, uses, stores, and protects personal data when you use runstacked.com and related services.

If you use Stacked, you agree to the practices described in this Privacy Policy.

2. Data We Collect

We may collect the following categories of data:

  • Account information: name, email address, password hash, phone number.
  • Business profile information: business name, customer size, and location details.
  • Payment information: transaction reference and status from payment providers (we do not store your full card details).
  • Connected inbox data: provider account email, OAuth tokens, token expiry, and sender configuration.
  • Contact and campaign data you upload or create, including recipient data and campaign metrics.
  • Operational and security logs, device/browser metadata, and IP address.

3. How We Use Data

We use personal data to:

  • Create and secure your account.
  • Process beta signup and payment verification.
  • Enable inbox connection and campaign sending features.
  • Provide analytics, safety checks, and service support.
  • Detect abuse, spam misuse, fraud, and security threats.
  • Comply with legal and regulatory obligations.

4. Google API Data

If you connect Google, Stacked may access Google account data required for configured features, including sending emails through Gmail API.

Stacked's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

  • Google user data is used only to provide requested user-facing features.
  • Google user data is not sold and is not used for advertising profiling.
  • We do not transfer Google user data to third parties except where required to operate, secure, or comply with law.

5. Lawful Basis

Depending on jurisdiction, we process data based on:

  • Performance of a contract (providing the service).
  • Legitimate interests (security, fraud prevention, product operations).
  • Legal obligations.
  • Consent, where required.

6. Data Sharing

We may share data with:

  • Infrastructure providers (hosting, database, monitoring).
  • Email and payment service providers used to operate core features.
  • Professional advisers and legal authorities when required by law.

We do not sell personal information to data brokers.

7. Data Retention

We retain personal data for as long as needed to provide services, resolve disputes, enforce our terms, and satisfy legal obligations. Retention periods vary by data type and purpose.

8. Security

We use administrative, technical, and organizational safeguards, including encrypted token storage, HTTPS transport, and access controls. No system can be guaranteed 100% secure.

9. Cookies and Similar Technologies

We use cookies and similar technologies for session management, security, product functionality, and basic analytics.

10. Your Rights

Subject to local law, you may request access, correction, deletion, or restriction of personal data, and you may object to certain processing activities.

You may also disconnect linked inbox accounts and unsubscribe recipients through service controls.

11. Account Deletion and Data Requests

To request account deletion or data-related requests, contact us at hello@runstacked.com. We may require verification before processing requests.

12. International Transfers

Your information may be processed in countries other than your own where our service providers operate. We use appropriate safeguards where required.

13. Children

Stacked is not intended for children under 18. We do not knowingly collect personal data from children.

14. Changes to This Policy

We may update this policy from time to time. The updated version will be posted on this page with the revised effective date.

15. Contact

Stacked (runstacked.com)
Email: hello@runstacked.com