Privacy Policy
Last updated: June 20, 2026
This policy explains what data Mockly (“we”, “us”) collects when you use getmockly.com, why, and the choices you have — including cookies, analytics, session replays, and advertising. Questions? Email maurice@getmockly.com.
Who we are
Mockly is a browser-based tool for creating chat, AI chat, social post, comment, story, and email mockups. It is operated by The Automation Bureau B.V. (KVK no. 98237799), Hembrugstraat 11HS, 1013 WV Amsterdam, Netherlands, which is responsible for the personal data described in this policy.
For any privacy request or question, contact us at maurice@getmockly.com.
Data we collect
- Account & profile — when you sign up (by email or Google), your name, email address, and profile image. Sign-in and sessions are handled by our authentication provider.
- Billing — if you buy a plan, payments are processed by Stripe. Stripe handles your card details; we only store your subscription status and the identifiers needed to manage it. We never see or store full card numbers.
- Mockups you create— while you’re editing, your draft (chats, names, avatars, and images) is stored locally in your browser. When you export an image or video, the mockup content (including images you upload) and the rendered file are stored on our servers and file storage, linked to your account — or to an anonymous identifier if you’re not signed in — so you can access and download them. If your team uses a shared library, mockups saved there are stored on our servers for your organization.
- Usage & analytics — pages viewed, actions taken, and (with your consent) session replays, so we can understand and improve the product.
- Technical data — IP address, approximate country, device and browser information, and cookies or similar identifiers.
Cookies & tracking
We group non-essential cookies and trackers into categories. In the EU, EEA, UK, and Switzerland we ask for your consent before any non-essential category runs; elsewhere they run by default. You can change your choice anytime via “Cookie settings” in the footer.
- Necessary(always on, no consent) — sign-in/session cookies and security cookies set by our auth provider and by Stripe on payment pages. Without these the site can’t work.
- Analytics (consent) — PostHog for product analytics and session replays (recordings of interactions on app pages, with sensitive inputs masked), and Datafast for privacy-friendly traffic and revenue analytics. Datafast runs as a cookieless, anonymous baseline for everyone and only uses cookies once you accept Analytics.
- Marketing (consent) — Meta Pixel to measure ad performance, and Google One Tap to offer faster sign-in. These load only if you accept Marketing.
How we use your data
- To provide the editor, render and deliver your exports, and manage your account.
- To take payment and manage subscriptions.
- To respond to support requests and send essential service emails.
- To understand usage and improve the product (analytics; replays with consent).
- To measure and run marketing, where you’ve consented.
- To keep the service secure and prevent abuse.
Legal bases (EEA/UK)
- Contract — running your account, exports, and payments.
- Consent — analytics, session replays, and marketing/advertising. You can withdraw it anytime.
- Legitimate interests — basic, privacy- respecting operation and security of the service.
- Legal obligation — e.g. keeping records required by law.
Who we share data with
We don’t sell your personal data. We share it only with providers that help us run Mockly, under contracts that limit their use of it:
- Vercel — website hosting and delivery.
- Amazon Web Services — rendering your image and video exports.
- Stripe — payment processing.
- PostHog — product analytics and session replays (with consent).
- Datafast — traffic and revenue analytics.
- Meta and Google — advertising measurement and sign-in (with consent).
International transfers
Some providers are based in the United States, so your data may be transferred there. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses or an equivalent framework) for those transfers.
How long we keep it
We keep account and billing data for as long as your account is active and as needed to meet legal and accounting obligations, then delete or anonymize it. Exports and mockups saved to a team library are kept until you (or your team) delete them. Analytics data is retained according to each provider’s settings. Drafts you’re editing live in your browser’s storage and are removed when you clear it.
Your rights
Depending on where you live, you may have the right to access, correct, delete, export, or restrict use of your data, to object to certain processing, and to withdraw consent. To exercise any of these, email maurice@getmockly.com. EEA/UK users also have the right to complain to their local data protection authority.
Security
We use reasonable technical and organizational measures to protect your data, including encryption in transit. No method of transmission or storage is completely secure, so we can’t guarantee absolute security.
Children
Mockly isn’t intended for children under 16 (or the minimum age in your country), and we don’t knowingly collect their data.
Changes
We may update this policy from time to time. We’ll change the “last updated” date above and, for material changes, take additional steps where required.
Contact
Questions or requests? Email maurice@getmockly.com.