Privacy Policy

At AutoPost AI, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at autopostai.app.

We are committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

AutoPost AI
Location: Belgium, European Union
Email: support@autopostai.app
Website: autopostai.app

2.1 Personal Information

• Account Information: Name, email address, password (encrypted)
• Profile Data: User preferences and settings
• Payment Information: Processed securely through Stripe (we do not store full credit card details)

2.2 Social Media Account Access

When you connect your social media accounts, we collect access tokens that allow us to:

• Create and schedule posts on your behalf
• Access basic profile information
• Retrieve engagement metrics and analytics

We only request the minimum permissions necessary to provide our service.

2.3 Usage Data

• Content you create and schedule through our platform
• Account balance and transaction history
• Feature usage and interaction patterns
• Device information and IP addresses
• Browser type and operating system

2.4 Cookies and Tracking

We use essential cookies to maintain your session and preferences. These are necessary for the platform to function properly.

We use your information to:

• Provide Services: Create, schedule, and publish content to your social media accounts
• Account Management: Maintain your account, process payments, and manage your balance
• Communication: Send service updates, security alerts, and support messages
• Improvements: Analyze usage patterns to enhance our platform
• Security: Detect and prevent fraud, abuse, and security incidents
• Legal Compliance: Comply with applicable laws and regulations

4.1 Service Providers

• Stripe: Payment processing and billing management
  Privacy Policy: stripe.com/privacy
• Supabase: Database and authentication services
  Privacy Policy: supabase.com/privacy
• Social Media Platforms: Facebook, Instagram, Twitter, LinkedIn, TikTok, Pinterest
  Each platform has its own privacy policy governing data access and usage

4.2 Data Sharing

We do not sell your personal information. We only share data with third parties when:

• Required to provide our services (e.g., publishing to social media)
• You explicitly consent to the sharing
• Required by law or legal process
• Necessary to protect our rights or prevent fraud

As an EU-based service, we fully comply with GDPR. You have the following rights:

• Right to Access: Request a copy of all personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure (Right to be Forgotten): Request deletion of your personal data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Restriction: Request limitation of processing your personal data
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time without affecting lawfulness of prior processing

To exercise any of these rights, contact us at support@autopostai.app. We will respond within 30 days.

We implement industry-standard security measures to protect your data:

• End-to-end encryption for data transmission (HTTPS/TLS)
• Encrypted storage of passwords and sensitive data
• Regular security audits and updates
• Access controls and authentication mechanisms
• Secure payment processing through PCI-DSS compliant providers

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

We retain your personal data only as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce agreements

When you delete your account, we will permanently delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., financial records).

8. International Data Transfers

While we are based in the EU, some of our service providers may process data outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission
• Binding Corporate Rules (BCRs)

9. Children's Privacy

Our service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Updating the "Last updated" date at the top of this page
• Sending an email notification to your registered email address
• Displaying a prominent notice on our platform

Your continued use of our service after changes become effective constitutes acceptance of the updated Privacy Policy.