The short version: We collect only what we need to run the marketplace. We don't sell your data to anyone. You can delete your account and data at any time.
1. What we collect
Account information: Name, email address, and password when you register. If you sign in with Google, we receive your name and email from Google.
Profile information: Optional: company name, bio, website. This is displayed publicly on your creator profile.
Payment information: We use Stripe to process payments. We never see or store your full card number — Stripe handles all card data. We store transaction IDs, amounts, and payout records.
Dataset uploads: Files you upload are stored in private cloud storage. We process them through our validation pipeline and generate preview images.
Usage data: Pages visited, features used, timestamps. Used to improve the platform, not to build ad profiles.
Communications: Emails you send to our support team.
2. How we use it
- To create and manage your account
- To process purchases and pay out sellers
- To run quality validation on uploaded datasets
- To send transactional emails (receipts, password resets, validation notifications)
- To prevent fraud and enforce our Terms of Service
- To improve the platform based on usage patterns
- To comply with legal obligations
We do not use your data for advertising. We do not sell your data to third parties. We do not use it to train AI models.
3. Who we share it with
We share data only with service providers necessary to operate the platform:
- Supabase — database and authentication (EU data residency available)
- Stripe — payment processing and seller payouts
- Resend — transactional email delivery
- Vercel — frontend hosting
- Railway — backend API hosting
- Upstash — job queue (Redis)
All providers are contractually required to handle your data in accordance with applicable privacy law. We do not share your data with anyone else unless required by law.
4. Data storage & security
Your data is stored on servers in the United States and EU. We use industry-standard security measures including:
- Encrypted connections (HTTPS/TLS) for all data in transit
- Encrypted storage for all data at rest
- Row-level security policies so users can only access their own data
- Dataset files stored in private buckets — accessible only with a time-limited signed URL after purchase
We retain your account data for as long as your account is active. Transaction records are retained for 7 years for legal and accounting purposes.
5. Cookies
We use minimal cookies — only those necessary to keep you logged in (authentication tokens stored in your browser). We do not use advertising cookies or third-party tracking pixels.
6. Your rights
You have the right to:
- Access — request a copy of all data we hold about you
- Rectification — correct inaccurate data in your account settings
- Deletion — delete your account and associated data (excluding legally required transaction records)
- Portability — export your data in a machine-readable format
- Objection — object to certain types of processing
To exercise any of these rights, email privacy@labelsets.ai. We will respond within 30 days.
If you are in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority.
7. Children's privacy
LabelSets is not directed at children under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us at privacy@labelsets.ai and we will delete the account.
8. Changes to this policy
We may update this policy as the platform evolves. We will notify registered users of material changes by email at least 14 days before they take effect.
9. Contact
Questions about your privacy? Email privacy@labelsets.ai.
For general support: support@labelsets.ai
LabelSets · labelsets.ai · Last updated March 2026