Privacy Policy

Last Updated: January 9, 2026

1. Introduction

Welcome to Blogs for Vercel ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information and content. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CMS API service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (stored securely using industry-standard hashing)
  • Organization name and details
  • Subscription and billing information (processed securely through Stripe)

2.2 User Content

We store and process the content you create through our service:

  • Blog posts (including titles, content in Markdown and HTML formats, slugs, and tags)
  • Draft and published content
  • API keys and their usage data
  • Organization membership and team collaboration data

2.3 Usage Data

We automatically collect information about how you use our service:

  • API request logs and timestamps
  • Last used timestamps for API keys
  • Browser type and device information
  • IP addresses (for security and rate limiting purposes)

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our CMS API service
  • Process your transactions and manage your subscription
  • Authenticate API requests and ensure secure access to your content
  • Enforce usage limits based on your subscription tier
  • Send you service-related communications (account updates, security alerts)
  • Respond to your support requests
  • Monitor and prevent fraud, abuse, and security threats
  • Comply with legal obligations

4. Content Ownership and Storage

You retain full ownership of all content you create and store through our service. We act as a service provider and do not claim any ownership rights to your blog posts, text, or other content.

Your content is stored securely in our database and is:

  • Accessible only through authenticated API requests using your API keys
  • Protected by Row-Level Security (RLS) policies that ensure users can only access content from their own organizations
  • Backed up regularly for data protection
  • Retained until you delete it or close your account

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information or content to third parties. We may share your information only in the following circumstances:

  • Service Providers: We use trusted third-party services (Supabase for database hosting, Stripe for payment processing, Vercel for hosting) that are contractually obligated to protect your data
  • Legal Requirements: We may disclose information if required by law or to protect our rights, property, or safety
  • Business Transfers: In the event of a merger, acquisition, or sale, your information may be transferred as part of that transaction
  • With Your Consent: We may share information when you explicitly authorize us to do so

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (HTTPS/TLS) for all data transmission
  • Secure password hashing (never storing plain-text passwords)
  • API key authentication for secure API access
  • Row-Level Security policies in our database
  • Regular security audits and updates
  • Rate limiting to prevent abuse

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

7. Your Rights and Choices

You have the following rights regarding your information:

  • Access: You can access and download your content at any time through our API or dashboard
  • Correction: You can update your account information and content through the dashboard
  • Deletion: You can delete individual blog posts or close your account at any time
  • Data Portability: You can export your content in standard formats (Markdown, HTML)
  • Account Closure: You can request account deletion, which will permanently remove your data (subject to legal retention requirements)

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your authentication session
  • Remember your organization selection
  • Store your theme preferences

We do not use cookies for advertising or third-party tracking. You can control cookies through your browser settings.

9. Children's Privacy

Our service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our service, you consent to the transfer of your information to these countries.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@lztek.io