Privacy Policy

Last updated: February 28, 2026

1. Introduction

0crew ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit 0crew.com or use our services. This policy is designed to comply with the European Union's General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is 0crew. You can reach us via the contact form on our website.

3. Data We Collect

Information you provide directly:

  • Name, email address, and company name (via contact form or chatbot)
  • Project details and content briefs
  • Payment information (processed by Stripe — we do not store card details)
  • Social media account credentials for auto-publishing (stored securely, used only for publishing)
  • Communications with us via our contact form or chat

Information collected automatically:

  • IP address and approximate location
  • Browser type, device type, and operating system
  • Pages visited, time spent, and referral source
  • Cookies and similar tracking technologies (see Section 8)

4. How We Use Your Data

We process your personal data for the following purposes:

  • Service delivery: To create and deliver content, manage subscriptions, and provide customer support
  • Communication: To respond to inquiries, send proposals, and provide service updates
  • Auto-publishing: To publish content to your connected social media accounts on your behalf
  • Payment processing: To process payments through Stripe
  • Improvement: To analyze usage patterns and improve our services
  • Legal compliance: To comply with legal obligations and protect our rights

5. Legal Basis for Processing (GDPR)

We process your data based on the following legal grounds:

  • Contract performance: Processing necessary to deliver services you've ordered
  • Consent: Where you've given explicit consent (e.g., contact form submissions, marketing emails)
  • Legitimate interest: For analytics, service improvement, and fraud prevention
  • Legal obligation: To comply with applicable laws and regulations

6. Data Sharing

We do not sell your personal data. We may share data with:

  • Stripe: For payment processing
  • Buffer / social media APIs: For auto-publishing services (only with your authorization)
  • Resend: For transactional email delivery
  • Vercel: Website hosting and analytics
  • Hetzner: Server infrastructure (EU-based)

All third-party processors are contractually bound to protect your data. We prioritize EU-based or GDPR-compliant processors.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Account data: For the duration of your subscription, plus 12 months after cancellation
  • Contact form submissions: Up to 24 months
  • Payment records: As required by applicable tax and accounting laws
  • Analytics data: Up to 26 months

8. Cookies

We use minimal cookies necessary for website functionality. We do not currently use advertising or third-party tracking cookies. Essential cookies include session management and security tokens.

If we introduce non-essential cookies in the future, we will implement a cookie consent mechanism before activation.

9. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data ("right to be forgotten")
  • Right to restrict processing: Request limitation of data processing
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interest
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, use our contact form. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encrypted connections (HTTPS/TLS), secure server infrastructure, and access controls. However, no method of transmission over the Internet is 100% secure.

11. International Data Transfers

Your data may be processed on servers located in the European Union (Hetzner, Germany) and the United States (Vercel, Stripe). For transfers outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where applicable.

12. Children's Privacy

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a minor, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active subscribers of material changes via email. The "Last updated" date at the top of this page reflects the most recent revision.

14. Contact & Complaints

For any questions, concerns, or to exercise your data rights, use our contact form or message us on 𝕏 @AIBuildThis.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.