Privacy Policy

Effective Date: May 5, 2025

Welcome to PostPilot (the "Service," "we," "us," or "our"), accessible via postpilot.social. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Effective Date" of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes in any revised Privacy Policy by your continued use of the Service after the date such revised Privacy Policy is posted.

Collection of Your Information

We may collect information about you in a variety of ways. The information we may collect via the Service depends on the content and materials you use, and includes:

Personal Data

Personally identifiable information, such as your name, email address, and demographic information, that you voluntarily give to us when you register with the Service or when you choose to participate in various activities related to the Service. You are under no obligation to provide us with personal information of any kind, however your refusal to do so may prevent you from using certain features of the Service.

Social Media Account Data

When you connect your social media accounts (e.g., Twitter, Mastodon, Bluesky, LinkedIn, YouTube, TikTok) to the Service, we collect and securely store the necessary authentication tokens (such as access tokens and refresh tokens, where applicable) required to interact with these platforms on your behalf according to the permissions you grant. We also collect and store publicly available profile information associated with your connected accounts (such as profile ID, username, display name, avatar URL) to display within the Service and facilitate its features. We request only the permissions essential for providing the core functionality of the Service. We do not store your direct social media account passwords (with the potential exception of platform-specific authentication methods like app passwords, which are also stored securely if collected).

Derivative Data

Information our servers automatically collect when you access the Service, such as your IP address, your browser type, your operating system, your access times, and the pages you have viewed directly before and after accessing the Service. This may also include device information depending on your settings.

Financial Data

Financial information related to your payment method (e.g., credit card details) may be collected when you subscribe to paid features of the Service. We minimize the financial information we store directly. Most financial information is securely collected and stored by our third-party payment processor(s) (e.g., Stripe). We encourage you to review the privacy policy of our payment processor(s).

User-Generated Content

We collect the content you create, schedule, and publish through the Service, including text, images, videos, and links ("Posts"). We also collect metadata associated with your Posts, such as scheduling times and target social media accounts.

Use of Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Service to:

• Create and manage your account.
• Process your payments and subscriptions.
• Connect to your designated social media accounts and perform actions (e.g., posting content) on your behalf as instructed by you.
• Display your connected social media profile information.
• Schedule and publish your Posts to connected social media accounts.
• Provide you with customer support and respond to your inquiries.
• Monitor and analyze usage and trends to improve your experience with the Service.
• Notify you of updates to the Service.
• Prevent fraudulent transactions, monitor against theft, and protect against criminal activity.
• Comply with legal and regulatory requirements.
• Perform other business activities as needed.

Disclosure of Your Information

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

By Law or to Protect Rights

If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.

Third-Party Service Providers

We may share your information with trusted third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service, authentication services, database management, and infrastructure provision. We authorize these service providers to use or disclose the information only as necessary to perform services on our behalf or comply with legal requirements. They are contractually obligated to safeguard the privacy and security of the personal information they process.

Social Media Platforms

When you use the Service to interact with third-party social media platforms, your information (including your Posts and potentially your authentication tokens if needed for an action) is shared with those platforms according to their respective APIs and privacy policies. We are not responsible for the actions of these third-party platforms.

Business Transfers

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

Security of Your Information

We use administrative, technical, and physical security measures designed to help protect your personal information from unauthorized access, use, or disclosure. We employ reasonable security practices, including appropriate encryption for sensitive data like authentication tokens stored at rest. While we have taken significant steps to secure the information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.

Cookies and Web Beacons

We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Service to help customize the Service and improve your experience. For more information on how we use cookies, please refer to our Cookie Policy.

Policy for Children

We do not knowingly solicit information from or market to children under the age of 13 (or other age as required by local law). If we learn that we have collected personal information from a child under the applicable age without verification of parental consent, we will delete that information as quickly as possible. If you believe we might have any information from or about a child under the applicable age, please contact us at contact@support.postpilot.social.

Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal information:

• The right to access – You have the right to request copies of your personal data.
• The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure – You have the right to request that we erase your personal data, under certain conditions. You can typically delete your account and associated data directly through the Service settings.
• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: contact@support.postpilot.social.

You can also review, change, or terminate your account at any time via your account settings page. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Service and/or comply with legal requirements.

International Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Our primary infrastructure providers (Supabase, Stripe, Vercel) may process data in various locations globally. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Contact Us

If you have questions or comments about this Privacy Policy, please contact us at: contact@support.postpilot.social