Privacy Policy

Last updated: January 2024

Your privacy is important to us. This Privacy Policy explains how Postora collects, uses, and protects your personal information.

1. Introduction

Postora ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our AI-powered social media storytelling platform at postora.ai and related services (the "Service").

This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

  • Name, email address, and phone number
  • Account credentials and profile information
  • Business information and branding details
  • Payment and billing information (processed by Stripe)
  • Communication preferences and settings

2.2 Business and Content Information

  • Business name, description, and industry
  • Brand guidelines, tone of voice, and visual identity
  • Target audience and marketing preferences
  • Generated content and post data
  • Social media platform connections and authorization tokens

2.3 Technical Information

  • IP address, browser type, and device information
  • Usage patterns and feature interactions
  • Cookies and similar tracking technologies
  • Log files and error reports
  • Performance and analytics data

2.4 Third-Party Data

  • OAuth tokens from connected social media platforms
  • Public profile information from social platforms
  • Engagement metrics and post performance data
  • Google account information (if using Google Sign-In)

3. How We Use Your Information

3.1 Service Provision

  • Generate AI-powered social media content based on your preferences
  • Schedule and publish content to connected social platforms
  • Provide analytics and performance insights
  • Maintain and improve AI content generation algorithms
  • Process payments and manage subscriptions

3.2 Communication and Support

  • Respond to customer support requests
  • Send service updates and important notifications
  • Provide onboarding assistance and training
  • Send marketing communications (with your consent)

3.3 Platform Improvement

  • Analyze usage patterns to improve features
  • Develop new AI capabilities and content templates
  • Conduct security monitoring and fraud prevention
  • Ensure compliance with legal and regulatory requirements

4. AI Content Generation and Data Usage

4.1 AI Training: We use your business information and preferences to train our AI models to generate brand-appropriate content. This data is processed securely and is not shared with third parties.

4.2 Content Ownership: You retain full ownership of all content generated through our platform. We do not use your generated content to train AI models for other users.

4.3 Third-Party AI Services: We use OpenAI and Anthropic APIs for content generation. These providers may process your content according to their privacy policies, but we do not share personal information beyond what's necessary for content generation.

5. Information Sharing and Disclosure

5.1 Service Providers

We share information with trusted service providers who help us operate our platform:

  • Payment Processing: Stripe for payment processing
  • Cloud Hosting: AWS or similar cloud providers
  • AI Services: OpenAI and Anthropic for content generation
  • Analytics: Google Analytics (anonymized data only)
  • Email Services: SendGrid or similar for transactional emails

5.2 Social Media Platforms

When you connect social media accounts, we share generated content with those platforms according to your publishing preferences. We only share what's necessary for content publication.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect the rights, property, or safety of Postora, our users, or others.

6. Data Security

6.1 Security Measures: We implement industry-standard security measures including encryption in transit and at rest, secure access controls, and regular security audits.

6.2 Data Encryption: All sensitive data, including social media tokens and payment information, is encrypted using AES-256 encryption.

6.3 Access Controls: We limit access to personal information to authorized employees and contractors who need it to perform their job functions.

6.4 Data Breach Response: In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by law.

7. Your Privacy Rights

7.1 GDPR Rights (EU Users)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Export your data in a machine-readable format
  • Right to Object: Opt-out of certain data processing activities

7.2 CCPA Rights (California Users)

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Non-Discrimination: Equal service regardless of privacy choices
  • Right to Opt-Out: We don't sell personal information, but you can opt-out if we did

7.3 How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@postora.ai or use the privacy controls in your account settings. We will respond within 30 days.

8. Cookies and Tracking Technologies

8.1 Essential Cookies: We use cookies necessary for the operation of our Service, including authentication and security cookies.

8.2 Analytics Cookies: We use Google Analytics to understand how users interact with our Service. This data is anonymized and aggregated.

8.3 Cookie Control: You can control cookies through your browser settings, but disabling certain cookies may affect Service functionality.

9. Data Retention

9.1 Account Data: We retain your account and business information for as long as your account is active or as needed to provide services.

9.2 Content Data: Generated content is retained until you delete it or close your account. Deleted content is permanently removed within 30 days.

9.3 Log Data: Technical logs and analytics data are retained for up to 2 years for security and improvement purposes.

9.4 Legal Requirements: Some data may be retained longer if required by law or for legitimate business purposes.

10. International Data Transfers

10.1 Global Service: Our Service is operated from the United States. By using our Service, you consent to the transfer of your information to the United States.

10.2 Safeguards: We implement appropriate safeguards for international data transfers, including standard contractual clauses and adequacy decisions where applicable.

11. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For material changes, we will provide additional notice via email or prominent notice on our Service.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Officer: privacy@postora.ai

General Support: support@postora.ai

Data Protection Officer: dpo@postora.ai

Website: https://postora.ai

Mailing Address:
TONTIIN, LLC
131 Continental Dr, Suite 305
Newark, DE 19713
United States

Back to Home