← Back

Privacy Policy

Last updated: April 1, 2026

1. Information We Collect

When you use Social Agent, we collect information you provide directly: your email address, workspace settings, brand profile details, and uploaded media. When you connect social media accounts (Instagram, Facebook), we receive access tokens and basic account information (account name, account ID) through OAuth. We do not store your social media passwords.

2. How We Use Your Information

We use your information to:

  • Provide the Social Agent service — generating, scheduling, and publishing social media content on your behalf
  • Authenticate your identity and manage your workspaces
  • Connect to and publish content on your linked social media accounts
  • Fetch post performance insights (reach, likes, saves) from connected platforms
  • Generate AI-powered content and images based on your brand profile
  • Send you notifications about your account (failed posts, expiring tokens)

3. Third-Party Services

We integrate with the following third-party services:

  • Meta (Facebook & Instagram) — to publish posts and retrieve insights via the Graph API
  • Anthropic (Claude AI) — to generate captions and brand profiles
  • Google (Gemini / Imagen) — to generate AI images for posts
  • Cloudinary — to store and serve uploaded media and generated images
  • Stripe — to process subscription payments

Each service has its own privacy policy. We only share the minimum data required for each service to function.

4. Data Security

Social media access tokens are encrypted at rest using AES-256 encryption. Passwords are hashed using bcrypt. All data is transmitted over HTTPS. We follow industry-standard practices to protect your information.

5. Data Retention

Your data is retained for as long as your account is active. When you disconnect a social media account, we delete the stored access tokens. When you delete your workspace, all associated data (posts, media, brand profiles, connections) is permanently removed.

6. Your Rights

You can:

  • Access and export your data at any time through the application
  • Disconnect social media accounts to revoke our access
  • Delete your workspace and all associated data
  • Contact us to request complete account deletion

7. Cookies

We use a JWT authentication token stored in localStorage for session management. We do not use tracking cookies or third-party analytics.

8. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by email or through the application.

9. Contact

If you have questions about this privacy policy or your data, contact us at the email address associated with your account.