PublishLayer
NL EN

Privacy

Legal documentation and governance details for PublishLayer customers and partners.

Privacy

PublishLayer processes personal data needed to operate the platform, manage customer accounts, handle public website requests, and secure the service.

Last updated: March 11, 2026

Data we process

  • Account and contact data such as name, email address, login and verification records, and public contact form submissions.
  • Organization and workspace data such as company details, member roles, workspace names, client site settings, API destinations, and integration configuration.
  • Customer content and content metadata such as briefs, drafts, revisions, generated content, publication settings, and related usage records.
  • Billing and operational data such as invoice details, billing addresses, VAT data, payment status, API key hashes, webhook settings, notifications, logs, and error events.
  • Analytics and performance data for connected content properties is processed in pseudonymized or hashed form where implemented, including hashed visitor, session, and IP-derived identifiers.

Data ownership

  • Customers retain ownership of the content they create or manage through the platform.
  • PublishLayer stores and processes that content to provide generation, editing, workflow, analytics, and delivery features.

Processing roles

  • PublishLayer may act as a processor or service provider when customers use the platform to generate, manage, or publish their own content and related account data.
  • PublishLayer acts as its own controller for website operations, account administration, billing, support, and service security.

AI processing

  • AI features may send prompts, instructions, and relevant content context to external model providers configured in the platform.
  • Current AI providers used by the platform are listed on the Subprocessors page.
  • This page does not claim additional privacy documentation or contractual artifacts beyond what is actually published.

Infrastructure and service providers

  • Operational providers such as Mailgun, Mollie, and Sentry may process limited personal or operational data to support email delivery, billing, payment events, monitoring, and error reporting.
  • The current list of verified external processors is maintained on the Subprocessors page.

Includes

  • Account and contact data
  • Organization and workspace data
  • Customer content and content metadata
  • Billing, integration, and operational records

Updates

  • This page reflects the current product implementation
  • Cookies, Security, and Subprocessors are linked below for related details

Related documents

Cookies Subprocessors Security