GetThrough

Last updated 16 June 2026

Privacy Policy

1. Who we are

GetThrough (https://www.getthrough.to) operates a platform where creators publish public profiles and visitors pay for guaranteed conversations. This Privacy Policy explains how we collect, use, share, and protect personal data when you use our Service.

For privacy-related questions or requests, contact us at legal@getthrough.to.

2. What we collect

Depending on how you use the Service, we may collect:

  • Account data — email address, authentication identifiers, and password hash (for email sign-up).
  • Profile data — username, display name, bio, avatar, pricing, reply-by deadline, social links, and onboarding status.
  • X verification data — if you connect X, we may store your X user ID, username, display name, profile image URL, follower count, account creation date, and verification status to display trust signals on your profile.
  • Payment data — payment amounts, transaction IDs, and payout-related metadata processed by Stripe. We do not store full card numbers.
  • Conversation data — messages and metadata related to paid conversations, including deadlines and completion status.
  • Usage and technical data — log data, device/browser information, IP address, and cookies necessary to keep you signed in and secure the Service.

3. How we use your data

We use personal data to:

  • Create and manage your account.
  • Publish and display public creator profiles.
  • Process payments, payouts, and automatic refunds.
  • Enforce reply-by deadlines and conversation rules.
  • Display verification and performance metrics where applicable.
  • Prevent fraud, abuse, and security incidents.
  • Improve and operate the Service.
  • Comply with legal obligations.

4. Legal bases for processing

Where applicable under UK GDPR, EU GDPR, or similar laws, we rely on:

  • Contract — to provide the Service you sign up for (accounts, profiles, conversations, payments).
  • Legitimate interests — to secure the platform, prevent abuse, and improve functionality, balanced against your rights.
  • Consent — where required for optional features (such as connecting third-party accounts) or marketing communications, where offered.
  • Legal obligation — where we must retain or disclose data to comply with law.

5. How we share data

We share personal data only as needed to operate the Service:

  • Supabase authentication, database, and file storage.
  • Stripe payment processing.
  • Google sign-in (OAuth).
  • Apple sign-in (OAuth).
  • X sign-in and profile verification (OAuth).

Public profile fields you choose to publish are visible to anyone, including people who are not registered users.

We may also disclose data if required by law, to protect rights and safety, or in connection with a merger, acquisition, or asset sale.

6. International transfers

We operate a worldwide service. Your data may be processed in countries other than your own, including where our service providers host infrastructure. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

7. Retention

We keep personal data for as long as your account is active and as needed to provide the Service, resolve disputes, enforce agreements, and meet legal, tax, and accounting requirements. When data is no longer required, we delete or anonymise it.

8. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, and to data portability. Where processing is based on consent, you may withdraw consent at any time.

UK and EEA residents may lodge a complaint with their local data protection authority. Users in other jurisdictions may have equivalent rights under local law — contact us and we will respond in line with applicable requirements.

To exercise your rights, email legal@getthrough.to. We may need to verify your identity before fulfilling a request.

9. Security

We use reasonable technical and organisational measures to protect personal data, including access controls and encryption in transit where supported by our providers. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

10. Children

The Service is not directed at children under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will take appropriate steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date when we do. Material changes may also be communicated through the Service. Continued use after changes take effect means you accept the updated policy.

12. Contact

Privacy questions or requests: legal@getthrough.to.