Privacy Policy
Effective April 1, 2026
Conversion Stack LLC ("Conversion Stack," "WebinarStack," "we," "us," or "our") operates the WebinarStack platform at webinarstack.co. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, whether as an account holder hosting webinars or as an attendee viewing them.
1. Information We Collect
Account Information
When you create a WebinarStack account, we collect your email address, password (stored securely by our authentication provider), and company name.
Attendee Registration Information
When you register for a webinar hosted on our platform, the webinar host collects your name and email address. We also capture UTM parameters (source, medium, campaign, term, content) from the registration URL to help hosts understand how attendees found their webinar.
Webinar Engagement Data
During a webinar, we automatically collect behavioral data to power the host's analytics and automation features. This includes:
- Join and leave times
- Watch duration and percentage viewed
- Video interactions (play, pause, seek)
- Call-to-action clicks and offer clicks
- Poll responses
- Chat messages
Geographic Location
When you register for a webinar, we record the two-letter ISO country code (for example, "US" or "DE") associated with your registration request. This country code is resolved at the edge by our hosting provider (Vercel) from the network connection and passed to our servers as a request header. We do not receive or store your IP address — no raw IP is ever written to our database or logs from this flow. The country code is used to power aggregate, country-level analytics (such as a registrations-by-country map) for the webinar host. Because only a country — not a personal identifier — is persisted, this capture is designed to be GDPR-compliant.
Technical Data
We collect standard technical information including your IP address, browser type, and device information through server logs. We use cookies for authentication sessions and to remember interface preferences (such as sidebar state).
2. How We Use Your Information
- Provide the service — Authenticate users, deliver webinars, process registrations, and send transactional emails (confirmations, reminders).
- Analytics and reporting — Generate engagement analytics for webinar hosts, including attendance rates, watch-time metrics, and conversion funnels.
- Automations — Trigger host-configured actions based on attendee behavior, such as follow-up emails, webhook deliveries, and integration events.
- Communication — Forward chat messages to hosts via connected integrations (e.g., Slack) and relay host replies back to attendees.
- Improve the platform — Analyze aggregate usage patterns to improve features and reliability.
3. Third-Party Services
We use the following third-party services that may process your data:
Webinar hosts may also connect third-party email marketing services (such as ConvertKit, ActiveCampaign, Mailchimp, or MailerLite) to sync attendee data. These integrations are configured and controlled by the host.
4. Cookies and Local Storage
We use the following cookies and browser storage:
- Authentication cookies — Session tokens managed by Supabase to keep you signed in. These are essential for the service to function.
- Preference cookies — Interface preferences such as sidebar state and theme selection.
- Session storage — Temporary event buffering during webinar viewing to prevent data loss on page reload. This data is cleared when you close the browser tab.
We do not use advertising or third-party tracking cookies.
5. Data Sharing
We do not sell your personal information.
We share data only in these circumstances:
- With webinar hosts — Attendee registration and engagement data is shared with the host of the webinar you registered for. Hosts control how they use this data.
- With service providers — Third-party services listed above that help us operate the platform, bound by their own privacy policies.
- Legal requirements — When required by law, regulation, or valid legal process.
6. Data Security
We implement industry-standard security measures including encrypted data transmission (TLS), Row Level Security on our database to enforce tenant isolation, encrypted storage of API credentials, and secure authentication via Supabase Auth.
7. Data Retention
We retain account data for as long as your account is active. Attendee registration and engagement data is retained for as long as the webinar host maintains their account. You may request deletion of your data at any time (see Section 9).
8. Your Rights
All Users
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Unsubscribe from webinar-related emails via the unsubscribe link in any email
Colorado Privacy Act (CPA)
If you are a Colorado resident, you have additional rights under the Colorado Privacy Act, including the right to opt out of the processing of your personal data for targeted advertising and the right to data portability.
California Residents (CCPA)
California residents have the right to know what personal information we collect and how it is used, request deletion, and opt out of the sale of personal information. We do not sell personal information.
European Residents (GDPR)
If you are in the European Economic Area, you have the right to access, rectify, erase, restrict processing, and port your data. Our legal basis for processing is legitimate interest (providing the service) and consent (where applicable).
9. Contact Us
To exercise any of your rights or if you have questions about this Privacy Policy, contact us at:
Email privacy@webinarstack.co
Company Conversion Stack LLC (dba WebinarStack)
Location Colorado, United States
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date. Your continued use of the platform after changes constitutes acceptance of the updated policy.