Privacy Policy
Last updated: March 27, 2026
Mainline (“we”, “us”, or “our”) operates mainline.live. This policy explains what data we collect, why we collect it, and how we protect it. By using Mainline, you agree to this policy.
1. What we collect
Account information
When you sign up, we collect your name and email address. If you sign in with Google, we receive your name, email, and profile photo from Google.
GitHub data
If you connect GitHub, we store an OAuth access token and sync your recent commit history (message, repository name, timestamp, additions/deletions). We only read commits authored by you.
Social account tokens
If you connect X (Twitter) or LinkedIn to post directly, we store encrypted OAuth access tokens for those platforms. We use these tokens only to post on your behalf when you explicitly click “Post.”
Content you create
We store drafts you save, style profile notes, example posts you provide for voice matching, and post templates you create.
News feed preferences
We store your custom RSS feeds, saved article URLs, and company news tracking preferences.
Usage data
We collect standard server logs including IP addresses, browser type, and pages visited. We do not use third-party analytics trackers.
2. How we use your data
- To provide and operate the Mainline service
- To generate AI-powered draft posts using your selected signals
- To rank and personalize your news feed based on your style profile
- To post to X or LinkedIn on your behalf when you request it
- To send transactional emails (e.g. password reset) — we do not send marketing emails without your consent
- To improve the product based on aggregate usage patterns
We do not sell your data. We do not use your content to train AI models. Your drafts, style notes, and example posts are used only to generate outputs for you.
3. AI processing
Draft generation and news ranking use the Anthropic Claude API. When you generate a draft, the relevant article titles, commit messages, and your style notes are sent to Anthropic's API to produce output. Anthropic's privacy policy governs how they handle API data. We do not send your name, email, or account details to Anthropic.
4. Third-party services
We use the following third-party services to operate Mainline:
5. Data retention
We retain your data for as long as your account is active. RSS feed articles are retained for 72 hours before being pruned. Commit events are retained for 90 days. Drafts and style profiles are retained indefinitely until you delete them or your account.
6. Your rights
You can at any time:
- Access and export your data by contacting us
- Delete your drafts, templates, and style profile from within the app
- Disconnect GitHub, X, or LinkedIn from Settings
- Request full account deletion by emailing us — we will delete all your data within 30 days
If you are in the EU or UK, you have additional rights under GDPR/UK GDPR including the right to data portability and to lodge a complaint with your local supervisory authority.
7. Cookies
We use a session cookie for authentication (required to keep you signed in) and a small localStorage value to remember your theme preference (light/dark). We do not use advertising cookies or third-party tracking cookies.
8. Security
All data is transmitted over HTTPS. OAuth tokens are stored encrypted at rest. We use Neon's serverless Postgres with connection encryption. We do not store passwords in plain text — passwords are hashed using bcrypt. Despite these measures, no system is 100% secure. Please use a strong, unique password.
9. Children
Mainline is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us data, please contact us and we will delete it.
10. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you by email or by a notice in the app. Continued use after changes means you accept the updated policy.
11. Contact
Questions about this policy? Email us at privacy@mainline.live