← Back to Home

Privacy Policy

Last updated: February 2025

1. Introduction

POSTAIFY ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered social media content generation platform at postaify.com (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, email address, and password when you create an account
  • Profile Information: Brand names, descriptions, and preferences you configure
  • Content Data: Text, prompts, and other content you input for AI generation
  • Payment Information: Billing details processed securely through Stripe (we do not store full card numbers)
  • Communications: Messages you send to our support team

2.2 Information from Google Sign-In

When you sign in using Google OAuth, we receive and store:

  • Email Address: Your Google account email for authentication and communication
  • Display Name: Your name as set in your Google account
  • Profile Picture: Your Google profile image (optional, for display purposes only)

We only request the minimum permissions needed to authenticate you. We do NOT access your Google Drive, Gmail, Contacts, Calendar, or any other Google services.

2.3 Automatically Collected Information

  • Usage Data: Features used, content generated, and interaction patterns
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and pages viewed
  • Cookies: Session cookies for authentication and preferences

3. How We Use Your Information

We use your information solely to provide and improve our Service:

  • Service Delivery: To authenticate you, process your requests, and generate AI content
  • Account Management: To manage your subscription, usage limits, and billing
  • Communication: To send service updates, security alerts, and support responses
  • Improvement: To analyze usage patterns and improve our features (aggregated, non-personal data)
  • Security: To detect and prevent fraud, abuse, or security threats
  • Legal Compliance: To comply with applicable laws and regulations

We do NOT use your data to train AI models. Your content remains yours.

4. How We Share Your Information

We do NOT sell, rent, or trade your personal information. We share data only in these limited circumstances:

4.1 Service Providers

We use trusted third-party services to operate our platform:

  • Convex: Database and backend infrastructure
  • Stripe: Payment processing (PCI-compliant)
  • OpenRouter/AI Providers: AI content generation (prompts are processed, not stored by providers)
  • Cartesia: Voice synthesis for voiceovers
  • Runware/Fal.ai: Image generation

These providers only process data as necessary to provide their services and are contractually obligated to protect your information.

4.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, safety, or property.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify you before your data becomes subject to a different privacy policy.

5. Data Retention

We retain your data only as long as necessary:

  • Account Data: Retained while your account is active
  • Generated Content: Stored until you delete it or your account
  • Usage Logs: Retained for up to 12 months for security and analytics
  • Payment Records: Retained as required by tax and accounting laws (typically 7 years)

When you delete your account, we delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update or correct inaccurate information in your account settings
  • Deletion: Delete your account and associated data from your dashboard settings
  • Export: Request an export of your data in a portable format
  • Withdraw Consent: Revoke Google OAuth access at any time via your Google Account settings
  • Opt-out: Unsubscribe from marketing emails (service emails cannot be opted out)

To exercise these rights, contact us at privacy@postaify.com or use the self-service options in your account settings.

7. Data Security

We implement industry-standard security measures to protect your data:

  • All data transmitted over HTTPS (TLS encryption)
  • Passwords are hashed and never stored in plain text
  • OAuth tokens are securely stored and regularly rotated
  • Access controls limit employee access to personal data
  • Regular security audits and vulnerability assessments

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for authentication and core functionality
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Help us understand how users interact with our Service

You can control cookies through your browser settings. Disabling essential cookies may prevent you from using the Service.

9. Children's Privacy

POSTAIFY is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, please contact us.

10. International Data Transfers

Your data may be processed in countries other than your own, including the United States. These countries may have different data protection laws. By using our Service, you consent to the transfer of your data to these countries. We ensure appropriate safeguards are in place to protect your information.

11. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any personal information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. For material changes, we will provide notice via email or through the Service. Continued use after changes constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

We will respond to privacy inquiries within 30 days.

14. Google API Services Disclosure

POSTAIFY's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we limit our use of Google user data to providing authentication services. We do not use Google data for advertising, do not sell Google data, and do not use Google data for any purpose other than providing and improving user-facing features of our Service.

By using POSTAIFY, you acknowledge that you have read and understand this Privacy Policy.