Privacy Policy

1. Data We Collect

We collect the minimum information needed to operate scheduling, AI generation, billing, and account support.

• Account information such as your email address and basic profile details from sign-in providers.
• Connected social account data and access tokens required to publish content on your behalf.
• Post content, scheduling settings, generated drafts, prompts, uploaded assets, and publishing history.
• Usage metrics such as plan limits, post counts, image generation counts, and product analytics needed to operate the service.

2. OAuth Data Scope

When you connect Meta, Google, or Threads accounts through OAuth, we only request the permissions required to authenticate your account and publish or manage authorized content.

• Meta and Threads: basic profile identifiers, connected page or account metadata, publishing permissions, and long-lived access tokens where required.
• Google: basic account profile and email address for authentication, plus any Google permissions explicitly shown during consent.
• We do not use OAuth data for unrelated advertising purposes, and we do not sell access tokens or connected account data.

3. Storage, Encryption, and Deletion

We retain data only as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements.

• Sensitive tokens and secrets are stored using industry-standard encryption controls.
• Operational records may be retained for security, fraud prevention, billing, and support purposes.
• You may request deletion of your account and associated personal data by contacting support@autopostbot.cc.

4. Cookies

We use cookies and similar technologies to keep you signed in, remember language and interface preferences, secure sessions, and measure site usage.

• Essential cookies are required for authentication, session continuity, and basic site functionality.
• Analytics and performance cookies may be used to understand service usage and improve reliability.

5. Third-Party Services

Autopost relies on third-party infrastructure and APIs to deliver the product. Those providers may process data according to their own terms and privacy policies.

• Supabase for authentication, database, and storage services.
• Vercel and Cloudflare for hosting, delivery, performance, and security services.
• Gemini API for AI-assisted content generation features.
• Meta API, Google API, and Threads API for social account connection and publishing.
• PAYUNI for payment processing and billing transactions.

6. Your Choices

You may disconnect connected accounts, request access or deletion, and contact us to update or remove personal information where applicable.

• You are responsible for ensuring the data you submit is accurate and lawfully shared with us.
• We may retain limited records where required for legal compliance, fraud prevention, or legitimate business purposes.

7. Contact

If you have privacy questions, access requests, or deletion requests, contact us at support@autopostbot.cc.