Data Privacy Policy

Last Updated as of 2026-05-16

Data Privacy and User Data Handling

This page explains how the Service handles user data in connection with AI generation, social media account management, content publishing, scheduling, and related product features. It supplements our Privacy Policy and is intended to provide a clearer, product-specific explanation of how user data is stored and used.

We design our data handling around a simple principle: your content and account data should be used only to provide the features you request, protect the Service, maintain account security, process payments where applicable, and support normal service operations.

User Content Ownership

You retain ownership of the content that you upload, create, generate, schedule, publish, or otherwise manage through the Service, subject to the rights of any other people, brands, platforms, or third parties involved in that content.

We do not claim ownership of your prompts, uploaded media, generated outputs, captions, posts, schedules, campaigns, or social media content. We do not sell or rent your user content. We also do not use your user content for unrelated advertising, resale, or other unauthorized purposes.

You are responsible for making sure that the content you upload, generate, publish, or distribute through the Service is lawful and that you have the rights, permissions, and consents needed to use it.

Social Account Authorization

When you connect a social media account, the Service stores the authorization information needed to perform actions that you have approved, such as reading available channels, preparing publishing targets, publishing content, refreshing a connection, or managing the connected account within the Service.

Connected account authorization data is stored on our server in encrypted form and is protected by access controls. We use it only to operate the connected social media features that you request or enable.

Connected accounts may expire, be revoked, become invalid, or require re-authorization depending on the social platform's rules, the scope of the authorization, and account security conditions. If a connection is expired, invalid, disconnected, or no longer authorized, you may need to reconnect the account before the Service can publish or manage content for that account.

When you disconnect a social account through the Service, we remove the connected account record and related connection data used for that account. Some publishing history, logs, or records may remain where needed for service integrity, troubleshooting, abuse prevention, legal compliance, or normal account administration.

API Keys

If you create an API key, the full key is shown only at creation time. You should store it securely, because we cannot display the full key again later.

We do not store a directly recoverable copy of your API key. Instead, we store a secure verification record and limited display information so that the Service can verify future API requests and show you which key is being managed.

API keys may include permissions, expiration settings, status information, and last-use information. You can revoke an API key. Revoked, expired, or invalid keys cannot be used to access the Service.

Posts, Scheduling, and Publishing Data

To publish content immediately or schedule it for later, the Service processes the information needed to complete that request. This may include text, titles, captions, media references, target platforms, channels, scheduling time, publishing status, platform-specific settings, and delivery results.

For scheduled publishing, the Service stores the content and publishing instructions needed to perform the scheduled action. This information is used to execute the publish request, show publishing status, handle failures or retries, and support troubleshooting.

We do not use scheduled or published content for unrelated purposes. Publishing data may be retained where needed to operate the product, show history, debug failures, protect against abuse, support billing or usage records, comply with legal obligations, or maintain account integrity.

If you cancel a scheduled publish action where cancellation is supported, the Service removes the pending scheduling instruction and related queued publishing data. Published content may also remain on the third-party social platform according to that platform's own rules and your account settings.

AI Generation Data

AI generation features may process prompts, uploaded files, reference images, reference videos, reference audio, generation settings, generated outputs, task status, and related usage information. This data is used to submit generation requests, show recent results, recover task status, apply usage limits, calculate billing or credits where applicable, and troubleshoot failed or delayed jobs.

Some AI requests and related inputs may be sent to third-party AI model providers or infrastructure providers so they can process the generation task. These providers may include model inference services and cloud infrastructure used to create images, videos, audio, text, or other digital outputs.

Recent AI generation history may be retained for a limited period so that you can review recent results, resume pending work, and access outputs shortly after generation. Local generation history may also be periodically limited or cleaned up by the browser-side application. We avoid making fixed deletion promises here unless a specific retention rule is fully implemented and enforced across the relevant systems.

We do not use your uploaded or generated AI content for unrelated advertising, resale, or unauthorized reuse. We also do not claim ownership of AI outputs that you generate through the Service, subject to the Terms of Service, applicable law, third-party rights, and the policies of any model providers involved.

Local Browser Storage

Some data is stored locally in your browser to make the product faster and easier to use. This may include social post drafts, recent AI generation history, media previews, upload references, page cache data, and other records needed to restore your work or improve the editing experience.

Social post drafts are primarily stored in local browser storage and are not uploaded as server-side drafts simply because you save a local draft. If you publish immediately or schedule a post, the content needed for that publish or schedule action is sent to the Service.

Local records have default retention behavior inside the browser-side application, and you may also remove local data through product controls where available or by clearing your browser data. Because local browser storage is controlled by the browser and device environment, availability and deletion behavior may also depend on your browser settings, device storage, and privacy controls.

Temporary Uploads and Media Files

Large files, videos, scheduled publishing media, AI inputs, and generated outputs may need to be temporarily uploaded to our storage services so that the Service can process, preview, generate, publish, or troubleshoot the requested action.

Temporary media storage is used only for the purpose of completing user-requested workflows, such as AI generation, media processing, previewing, immediate publishing, scheduled publishing, delivery to a connected platform, or resolving a service issue. We do not use temporary uploads for unrelated advertising, resale, or unauthorized purposes.

Where media is sent to a third-party social platform or AI provider, that third party may process and retain the media according to its own policies and the action you requested. For example, content published to a social media platform may remain available on that platform until you remove it there or the platform removes it under its own rules.

Third-Party Processing

To provide the Service, we may rely on third-party service providers, including cloud infrastructure providers, payment processors, analytics services, social media platform APIs, and AI model or inference providers.

These providers process data only as needed to support the Service functions they provide, such as hosting, security, billing, usage analytics, social media authorization, publishing, AI generation, file processing, and service reliability.

For AI generation specifically, prompts, uploaded media, generation settings, and related task information may be shared with AI model or infrastructure providers so they can perform the requested generation. For social media publishing, the content and account authorization needed for a publishing action may be sent to the relevant social media platform.

Third-party providers may have their own privacy policies, security practices, data retention rules, and terms. We aim to use these providers only as needed to operate the Service and to keep the amount of shared data limited to the relevant purpose.

User Control and Deletion

You can control several categories of data directly through the Service or your browser:

  • You can disconnect social accounts where the product provides a disconnect option.
  • You can revoke API keys that you no longer want to use.
  • You can cancel scheduled publishing actions where cancellation is supported.
  • You can delete local drafts or clear local browser data.
  • You can remove published content directly from the relevant social media platform, subject to that platform's tools and policies.

You may also contact us to request access, correction, deletion, or additional information about your data. Some data may need to be retained where required for security, fraud prevention, billing, accounting, legal compliance, dispute resolution, service integrity, or backup and recovery processes.

Security Measures

We use technical and organizational safeguards designed to protect user data, including encrypted authorization data, access controls, secure verification records for API access, limited-use temporary media storage, and separation between local browser storage and server-side service data where appropriate.

No online service can guarantee absolute security. You should protect your login credentials, API keys, connected social accounts, and browser/device access. If you believe your account, API key, or connected social account has been compromised, revoke or disconnect access where possible and contact us promptly.

Contact Us

If you have questions about how the Service handles user data, social account authorization, API keys, AI generation data, publishing data, or local browser storage, please contact us.