Skip to main content

PostLane

ProductPricingDownloadDocs
Sign inGet started

legal/privacy — postlane.dev

Last updated 25 May 2026

Privacy

Plain English. We collect what we need to keep your account working — nothing more, nothing sold.

§ 01

Introduction

Postlane (“we”, “us”, “our”) is committed to protecting your personal data. This policy explains what information we collect, how we use it, and your rights in relation to it. It applies when you use postlane.dev or the Postlane desktop application.

We act as data controller for the personal data we process about you. If you have any questions, please contact us.

§ 02

Data we collect and how we use it

Account data

When you sign in using GitHub or GitLab, we receive your name and email address from that provider. We use this to create and manage your Postlane account and issue your licence.

Legal basis: performance of a contract.

Usage data

Our self-hosted servers capture standard server logs including IP addresses, browser type, and pages visited. We use this to monitor service health and diagnose problems.

Legal basis: legitimate interests in operating a reliable service.

Support ticket data

If you submit our contact form, we receive your name, email address, and message. We use this solely to respond to your enquiry. Tickets are processed through our own servers — no third-party support platform receives your enquiry data.

Legal basis: legitimate interests in responding to customer enquiries.

§ 03

Third parties we share data with

We use the following sub-processors:

SupabaseDatabase and authentication. Stores your account data and licence records.
CloudflareBot protection on our sign-in page via Turnstile.
DigitalOceanServer hosting for postlane.dev and the support ticket API.
ResendTransactional email (e.g. ticket acknowledgements). Receives your email address when we reply to your support ticket.

We do not sell your personal data to third parties and do not use it for advertising.

§ 04

International transfers

Some of our sub-processors are based outside the UK and EEA, including in the United States. Where data is transferred internationally, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions.

§ 05

Data retention

  • Account data— retained while your account is active and for two years after closure, unless a longer period is required by law.

  • Support ticket data — retained for three years.

  • Server logs — retained for 90 days.

§ 06

Your rights

Under UK GDPR, you have the right to:

  • access the personal data we hold about you

  • have inaccurate data corrected

  • have your data deleted in certain circumstances

  • restrict or object to our processing

  • receive your data in a portable format

  • withdraw consent where processing is based on consent

  • lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk

To exercise any of these rights, please contact us.

Account deletion

You may delete your Postlane account and all associated data at any time from within the Postlane desktop application (Settings → Account → Danger Zone). Deleting your account removes your account record and licence data from our servers, all project data and post history associated with your account, and any scheduler credentials we hold on your behalf.

If you prefer, you can request deletion by contacting us instead and we will action your request within 30 days.

§ 07

Cookies

Cookies are small files stored on your device by your browser. We use the following categories:

Essential cookies

Required for the service to function and cannot be disabled. They include session cookies that keep you signed in and security cookies used by our authentication provider (Supabase).

Security cookies

Cloudflare Turnstile sets a short-lived cookie on our sign-in page to distinguish human visitors from bots. No personal data is stored in this cookie.

Analytics

We use self-hosted, privacy-preserving analytics. No personally identifiable information is collected and no cross-site tracking occurs. See our cookie policy for full details.

You can control cookies through your browser settings. Disabling essential cookies will prevent you from signing in.

§ 08

Changes to this policy

We may update this policy from time to time. The date at the top of this page shows when it was last revised. Continued use of our services after any update constitutes acceptance of the revised policy.

§ 09

Governing law

This policy is governed by the law of England and Wales. Any disputes are subject to the exclusive jurisdiction of the courts of England and Wales.

§ 10

California residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) gives you additional rights regarding your personal information.

Your CCPA rights

  • Right to know— you may request details of the personal information we collect, use, and disclose.

  • Right to delete— you may request deletion of the personal information we have collected about you, subject to certain exceptions.

  • Right to opt out— we do not sell or share your personal information for cross-context behavioural advertising. No opt-out is needed.

  • Right to non-discrimination— we will not discriminate against you for exercising any of these rights.

What we collect

In the preceding 12 months we have collected: identifiers (name, email address from your OAuth provider); internet activity (server logs, page visits); and inferences drawn from these to operate your account.

How to exercise your rights

Submit a request via our contact form. We will verify your identity and respond within 45 days. You may designate an authorised agent to make a request on your behalf.

Questions about your data?

We answer privacy queries within one business day.

Contact us →