followIQ
Sign in →
Last updated: March 18, 2026

Privacy Policy

We believe privacy policies should be readable. This one explains exactly what we collect, why we collect it, and how you can control it — in plain English.

Overview

FollowIQ (“we”, “us”, or “our”) is an AI-powered follow-up sequence generator for recruiters. This Privacy Policy describes how we collect, use, store, and share information when you use our platform at followiq.com.

By using FollowIQ, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the service.

Short version: We collect your account info and candidate data to operate the service. We share data with a small set of trusted third parties only as needed. We never sell your data. You can delete your account and all associated data at any time.

Data We Collect

Account information

  • Name, email address, and password (if using email/password sign-up)
  • OAuth profile data (name, email, profile picture) if you sign in with Google, LinkedIn, or Microsoft
  • Recruiter profile details: display name, agency name, sign-off, default tone

Candidate data (you provide this)

  • Candidate names, email addresses, LinkedIn URLs, job titles, company names, and notes you enter manually or import via CSV
  • Pipeline stages and contact dates you assign to candidates
  • This data belongs to you. We process it solely to operate the service on your behalf.

Generated content

  • Email sequences generated by our AI, stored in your account history
  • Outcome labels you apply (sent / replied / no response / offer accepted)

Usage and technical data

  • IP address, browser type, and device information
  • Pages visited, features used, and session duration
  • Error reports and performance traces (via Sentry)
  • Billing history and subscription status (via Stripe)

How We Use Your Data

  • Provide and operate the service — authenticate your account, display your candidates and sequences, enforce plan limits.
  • Generate AI email sequences — your candidate data and recruiter profile are sent to Anthropic's Claude API to produce personalized email drafts. See the Third-Party Services section for details.
  • Process billing — Stripe handles all payment processing. We store your plan status and subscription metadata but never your card details.
  • Send transactional emails — welcome emails, trial expiry reminders, and follow-up scheduling notifications via Resend.
  • Monitor and fix errors — error reports including your user ID and email are sent to Sentry to help us diagnose and fix bugs.
  • Improve the product — aggregated, anonymized usage patterns inform feature prioritization. We do not build individual behavioral profiles.

We do not use your candidate data to train AI models. We do not sell your data.

Third-Party Services

We integrate with the following third-party services. Each has its own privacy policy governing how they handle data we share with them.

Anthropic (Claude API)Privacy policy ↗

Generates email sequences from your candidate and role data. Prompts include candidate name, pipeline stage, recruiter profile, and any notes you have added.

Data shared: Candidate name, role, pipeline stage, recruiter display name, sign-off, and candidate notes.

StripePrivacy policy ↗

Processes subscription payments and manages billing. We never see or store your payment card details.

Data shared: Email address, billing name, subscription plan, and payment events.

Neon / Vercel (Database & Hosting)Privacy policy ↗

Our database (Neon Serverless Postgres) and hosting (Vercel) run in the US. All your application data is stored here.

Data shared: All application data including accounts, candidates, and sequences.

ResendPrivacy policy ↗

Sends transactional emails such as welcome messages and trial reminders.

Data shared: Your email address and first name.

SentryPrivacy policy ↗

Captures application errors and performance traces so we can fix bugs quickly. Error reports include your user ID and email to help us identify which account was affected.

Data shared: User ID, email address, IP address, and error stack traces.

Google / LinkedIn / Microsoft (OAuth)Privacy policy ↗

Optional sign-in providers. Only basic profile data (name, email) is retrieved during authentication.

Data shared: Name and email address from your OAuth profile.

Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data — including your recruiter profile, candidates, sequences, and billing records — is permanently deleted within 30 days.

Some anonymized aggregate data (e.g. total sequences generated per month) may be retained indefinitely for internal analytics, but it cannot be linked back to your account.

Stripe may retain billing and transaction records for longer periods as required by financial regulations. This is governed by Stripe's own privacy policy and retention obligations.

Security

We take security seriously and implement industry-standard practices to protect your data:

  • All data is transmitted over HTTPS/TLS
  • Passwords are hashed and never stored in plaintext
  • Database access is restricted to application services only
  • API keys and secrets are stored as environment variables, never in code
  • Error monitoring via Sentry helps us detect and respond to anomalies quickly

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please contact us immediately at security@followiq.com.

Your Rights

Depending on where you are located, you may have the following rights over your personal data:

All users

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Delete your account and all associated data via Settings → Danger Zone → Delete Account. This is immediate and irreversible.
  • Correction: Update your profile information at any time via Settings.
  • Portability: Export your candidate directory as CSV (Starter+ plan).

EU / EEA residents (GDPR)

  • Right to restrict processing of your data
  • Right to object to processing based on legitimate interests
  • Right to lodge a complaint with your local supervisory authority

California residents (CCPA)

  • Right to know what personal information is collected and how it is used
  • Right to opt out of the sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising your privacy rights

To exercise any of these rights, contact us at privacy@followiq.com. We will respond within 30 days.

Cookies & Tracking

We use a minimal set of cookies necessary to operate the service:

  • Session cookie — keeps you signed in. Set by BetterAuth, our authentication library. Expires after 7 days of inactivity.
  • CSRF token — protects form submissions against cross-site request forgery attacks. Session-scoped.
  • Tunnel cookie — a first-party proxy cookie used to route Sentry error reports through our server, avoiding ad blockers. Contains no personal data.

We do not use advertising cookies, third-party tracking pixels, or behavioral analytics cookies. We do not use Google Analytics or similar tools.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you via email.

Your continued use of FollowIQ after any changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

FollowIQ

Privacy inquiries: privacy@followiq.com

Security issues: security@followiq.com