Privacy Policy

Last updated: March 2026

1. Information We Collect

When you use socialAF, we collect the following types of information:

  • Account information: Your name and email address when you create an account.
  • OAuth tokens: When you connect social media accounts (X, LinkedIn, Bluesky, Threads), we store the OAuth access tokens necessary to publish content on your behalf.
  • Usage data: Information about how you interact with our service, including features used, posts created, and scheduling activity.
  • Media files: Images or media you upload for inclusion in social media posts.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services.
  • Publish and schedule social media content on your connected platforms.
  • Generate AI-powered content suggestions and brand voice profiles.
  • Process payments and manage your subscription.
  • Send service-related communications (account notifications, security alerts).

3. Data Storage & Security

Your data is stored in MongoDB Atlas, a cloud-hosted database service with enterprise-grade encryption at rest and in transit. Media files are stored on Cloudflare R2, a secure object storage service.

We implement industry-standard security measures including encrypted connections (TLS), hashed credentials, and access-controlled infrastructure to protect your data.

4. Third-Party Services

We use the following third-party services to operate socialAF:

  • Stripe — for payment processing. Stripe handles all payment card data directly; we do not store your card details.
  • MongoDB Atlas — for database hosting and data storage.
  • Cloudflare R2 — for secure media file storage.
  • OpenAI — for AI content generation (see Section 6).

5. Cookies

We use essential cookies for authentication and session management (powered by Better Auth). These cookies are strictly necessary to keep you logged in and do not track you across other websites. We do not use third-party advertising or analytics cookies.

6. AI Content Processing

socialAF uses OpenAI's services to power AI content generation features, including post creation, content remixing, and brand voice matching. When you use these features, the content you provide (such as post drafts, URLs, or brand voice samples) may be sent to OpenAI for processing.

We send only the minimum data necessary for content generation. OpenAI processes this data according to their own privacy policy and data usage terms.

7. Data Sharing

We do not sell your personal data to third parties.

We share data only with the third-party services listed in Section 4, and only to the extent necessary to provide our services. We may also disclose information if required by law or to protect our rights, safety, or property.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your account and associated data. You can request full account deletion by contacting us.
  • Export your data in a portable format.
  • Revoke connected social media account access at any time from your account settings.

To exercise any of these rights, contact us at [email protected]. We will respond to requests within 30 days.

9. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it by law. Anonymized usage data may be retained for analytics purposes.

10. Changes to This Policy

We may update this privacy policy from time to time. If we make material changes, we will notify you by email or through a prominent notice on our service. Continued use of socialAF after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this privacy policy or how we handle your data, please contact us at [email protected].