Privacy Policy

Last updated: March 2026

1. Introduction

Wildfire Growth LLC ("Wildfire Growth," "Dropin," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Dropin platform, including our website at getdropin.io, web application at app.getdropin.io, APIs, and all related services (collectively, the "Service").

By using the Service, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information

  • Name (first and last)
  • Email address
  • Profile image (optional)
  • Password or authentication credentials

Workspace and Organization Information

  • Organization or company name
  • Billing contact information
  • Team member information (names and email addresses of invited users)

Payment Information

  • Billing name and address
  • Payment method details (processed securely by Stripe)

Complete credit card numbers are not stored on our servers. Stripe handles payment processing in accordance with their privacy policy.

Content and Communications

  • Content you create, upload, or schedule for publication (text, images, videos, documents)
  • Comments, feedback, and approvals within the platform
  • Communications with our support team
  • Survey responses and feedback

Social Media Account Information

  • Account identifiers and usernames
  • Profile information from connected platforms
  • Access tokens allowing posting on your behalf
  • Follower counts and engagement metrics (where available)

2.2 Information Collected Automatically

  • IP address, browser type, and operating system
  • Device identifiers and time zone
  • Pages visited, features used, and actions taken within the Service
  • Frequency and duration of your activities
  • Referring URLs and access times
  • Errors encountered and performance data

2.3 Information from Third Parties

When you connect social media accounts (YouTube, Instagram, LinkedIn, TikTok, Facebook), we may receive public profile information, post performance metrics, follower and audience data, and content published through the Service. We also receive payment confirmations from Stripe and analytics data from our analytics providers.

3. How We Use Your Information

  • Providing the Service: Creating and managing your account, processing and publishing scheduled content, facilitating team collaboration, and providing customer support.
  • Improving the Service: Analyzing usage patterns, developing new features, and ensuring security and integrity.
  • Communications: Sending transactional emails (account confirmations, password resets, subscription notices), product updates, and marketing communications (with your consent).
  • Billing: Processing subscription payments, managing invoicing, and handling refund requests.
  • Legal and Safety: Complying with legal obligations, enforcing our Terms of Service, and protecting against fraud and security threats.
  • Analytics: Generating aggregated, de-identified analytics about Service usage and conducting research to improve our products.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Third-party vendors who perform services on our behalf, including cloud hosting, payment processing (Stripe), analytics (PostHog), and email communications. These providers are contractually obligated to use your information only as necessary to provide their services.
  • Social Media Platforms: When you use the Service to publish content, your content is transmitted to connected social media platforms as necessary for core functionality.
  • Workspace Members: Information you share within a workspace (posts, comments, approvals) is visible to other members according to permissions set by workspace administrators.
  • Business Transfers: If Wildfire Growth LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • Legal Requirements: We may disclose information if required by law, in response to valid legal requests, or to protect the rights, property, or safety of Wildfire Growth LLC, our users, or the public.
  • With Your Organization: If you use the Service through an organization (such as your employer), the organization's administrators may have access to your account information and activity within their workspace.

5. Data Retention

We retain your information as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law.

  • Account Data: Retained as long as your account is active. If you request account deletion, personal information will be deleted or anonymized within a reasonable timeframe, except as required for legal obligations.
  • Content: Retained as long as your account is active or until you delete it. Content published to third-party platforms remains on those platforms per their retention policies.
  • Billing Records: Retained as required for accounting, tax, and legal purposes.
  • Log Data: Server logs and technical data are typically retained for up to 90 days.

6. Data Security

We implement appropriate technical and organizational measures to protect your information, including encryption of data in transit (TLS/SSL) and at rest, access controls, regular security assessments, and employee training on data protection.

No method of transmission over the Internet is completely secure. While we strive to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact hello@getdropin.io immediately.

7. Your Rights and Choices

  • Access and Correction: You can access, update, or correct your account information at any time through your account settings or by contacting us.
  • Account Deletion: You may request deletion of your account by contacting hello@getdropin.io. Certain information may be retained as required by law.
  • Communication Preferences: You can opt out of marketing communications by clicking the "unsubscribe" link in emails or adjusting your notification settings. You cannot opt out of transactional communications related to your account.
  • Social Media Connections: You can disconnect your social media accounts at any time through Service settings.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Service:

  • Essential Cookies: Required for the Service to function properly, including authentication and session management. These cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with the Service. We use PostHog for analytics.
  • Functional Cookies: Remember your preferences and settings to provide a personalized experience.

Most browsers allow you to control cookies through their settings. Blocking essential cookies may prevent the Service from functioning properly. We do not currently respond to Do Not Track (DNT) signals.

9. Google API Services User Data

Dropin's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

9.1 What Google Data We Access

When you connect your YouTube account to Dropin, we request access to the following Google API scopes:

  • YouTube Upload (youtube.upload): Used to publish and schedule video content to your YouTube channel on your behalf.
  • YouTube Read-Only (youtube.readonly): Used to retrieve your channel name, profile image, and basic channel information to identify your connected account within the Service.

9.2 How We Use Google Data

Data obtained through Google APIs is used exclusively to:

  • Display your connected YouTube channel name and profile image in your Dropin dashboard
  • Upload and publish video content you have scheduled through the Service to your YouTube channel
  • Verify the status and health of your YouTube connection

9.3 How We Store Google Data

We store OAuth access tokens and refresh tokens securely in our database, encrypted at rest. Access tokens are short-lived and automatically refreshed as needed. You can revoke access at any time by disconnecting your YouTube account in your Dropin settings, which will also revoke the tokens with Google.

9.4 Google Limited Use Disclosure

Dropin's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data to provide and improve user-facing features that are prominent in Dropin's interface (video scheduling, publishing, and account management).
  • We do not transfer Google user data to third parties, except as necessary to provide the Service, for security purposes, to comply with applicable laws, or as part of a merger or acquisition with the user's prior consent.
  • We do not use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
  • We do not use Google user data to determine creditworthiness or for lending purposes.
  • Humans do not read Google user data unless you have given affirmative consent to view specific data, it is necessary for security purposes, it is required by law, or the data is aggregated and anonymized for internal operations.

10. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete that information. If you believe we have collected information from a child under 18, please contact hello@getdropin.io.

11. California Privacy Rights (CCPA)

If you are a California resident, you have certain rights under the California Consumer Privacy Act, including the right to know what personal information we collect, the right to request deletion, the right to correct inaccurate information, and the right to non-discrimination for exercising your rights.

We do not sell personal information. To exercise your CCPA rights, contact hello@getdropin.io.

12. International Data Transfers

Wildfire Growth LLC is based in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using the Service, you consent to the transfer of your information to the United States.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When material changes are made, we will update the "Last updated" date at the top of this policy and notify you through the Service or via email. Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Wildfire Growth LLC

Email: hello@getdropin.io