Privacy Policy

Last Updated: May 10, 2025

1. Information We Collect

We collect several types of information from and about users of our Services, including:

• Personal Information: Information that identifies you such as your name, email address, phone number, and billing information when you register for an account.
• Social Media Account Information: When you connect your social media accounts to PostNest, we access certain information from those accounts as permitted by the platforms and your privacy settings on those platforms. This may include profile information, follower counts, and posting permissions.
• Content Information: The content you upload to our Services, including images, videos, text, and captions intended for posting to social media platforms.
• Usage Information: Information about how you use our Services, including log data, device information, IP address, browser type, pages viewed, time spent on pages, and referring URLs.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our Services and to hold certain information.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Services
• Process and complete transactions
• Send you technical notices, updates, security alerts, and support messages
• Post content to your connected social media accounts as authorized by you
• Respond to your comments, questions, and requests
• Develop new products and services
• Monitor and analyze trends, usage, and activities in connection with our Services
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Personalize your experience by providing content or features that match your profile or interests

3. Platform-Specific API Usage

We use APIs to enable cross-posting and analytics. Your data may be subject to these platforms' privacy policies:

• TikTok: API usage complies with TikTok's policies (Privacy Policy).
• Instagram: API usage complies with Instagram's policies (Privacy Policy).
• Twitter/X: API usage complies with Twitter/X's policies (Privacy Policy).
• Bluesky: API usage complies with Bluesky's policies (Privacy Policy).
• Pinterest: API usage complies with Pinterest's policies (Privacy Policy).
• YouTube: API usage complies with YouTube's policies and Google's Privacy Policy (Google Privacy Policy).
• Facebook: API usage complies with Facebook's policies (Privacy Policy).
• LinkedIn: API usage complies with LinkedIn's policies (Privacy Policy).

We monitor API usage to ensure compliance with platform limits (e.g., TikTok's 100 posts/day, Instagram's 200 requests/hour).

4. How We Share Your Information

We share your information only as necessary:

• Social Media Platforms: To post or retrieve data on your behalf (e.g., OAuth tokens shared with TikTok).
• Service Providers: With third-party vendors (e.g., payment processors) under strict confidentiality agreements.
• Business Transfers: In case of a merger, sale, or acquisition, your data may be transferred.
• Legal Obligations: To comply with laws, court orders, or government requests.
• With Consent: For any purpose you explicitly approve.

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined here, or to comply with legal obligations (e.g., 5 years for tax records, 6 years for accounting per U.S. law). After this, data is securely deleted or anonymized.

6. Data Security

We use industry-standard measures:

• Encryption: OAuth tokens and personal data are encrypted in transit (TLS) and at rest (AES-256).
• Access Controls: Only authorized personnel access your data, under strict confidentiality.
• Monitoring: We monitor for breaches and respond within 72 hours if detected.

Despite our efforts, no online system is 100% secure; we cannot guarantee absolute security.

7. International Data Transfers

All data is stored on servers in the United States. If you're outside the U.S., your data is transferred to the U.S., where privacy laws may differ. By using our Services, you consent to this transfer.

8. Your Data Protection Rights

Depending on your location (e.g., GDPR for EU, CCPA for California), you have rights:

• Access: Request a copy of your data.
• Rectification: Correct inaccurate data.
• Deletion: Request data deletion, subject to legal obligations.
• Restriction: Limit how we process your data.
• Portability: Receive your data in a machine-readable format.
• Objection: Object to processing (e.g., for marketing).
• Withdraw Consent: Revoke consent where applicable.

To exercise these rights, contact info@postnest.app. We'll respond within 30 days (or 45 under CCPA). You may also file a complaint with your local data protection authority (e.g., FTC in the U.S.).

9. Data Processing for Administrators and Brands

If you're an Administrator (e.g., agency) managing Brand accounts, we act as a data processor, processing data on your behalf per your instructions:

• Purpose: Manage social media accounts (e.g., posting, analytics).
• Data: Brand account data (e.g., posts, stats) you provide.
• Obligations: We process data only as instructed, maintain confidentiality, delete data post-service (except for legal retention), and notify you of breaches within 72 hours.
• Sub-Processors: We may use sub-processors (e.g., hosting providers) under the same terms, remaining liable for their compliance.

10. Children's Privacy

Our Services are not for children under 13 (or 16 under GDPR). We do not knowingly collect their data. If discovered, we'll delete it immediately. Contact us if you believe a child's data was collected.

11. Third-Party Services

Our Services link to third-party sites (e.g., social platforms). We're not responsible for their privacy practices. Review their policies before use.

12. Updates to This Privacy Policy

We may update this policy, notifying you via email or our site. Continued use after updates means acceptance. Check this page regularly.

13. Contact Us

For questions or to exercise your rights, email us at info@postnest.app.

Thank you for choosing PostNest!