Privacy Policy

1. Overview

Postify is a personal social media management tool for managing Instagram, Threads, Facebook, and LinkedIn accounts from a single interface. This privacy policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

When you connect your social media accounts, we store:

• OAuth access tokens (encrypted at rest using Fernet/AES-256)
• Your platform username and user ID (public identifiers)
• Posts you create through Postify (content + scheduled times)
• Comments on your posts (for the unified comment inbox feature)

3. How We Use Your Data

• Publish posts to connected platforms on your behalf
• Retrieve comments on your posts for unified management
• Auto-reply to comments based on rules you define
• Refresh OAuth tokens before they expire

4. Data Storage & Security

• Access tokens are encrypted using symmetric encryption (Fernet / AES-128-CBC)
• Data is stored in Supabase (PostgreSQL) with row-level security enabled
• HTTPS is used for all communication in production
• We do not share your data with third parties

5. Data Deletion

You can disconnect any platform at any time from the Settings page. This removes your OAuth tokens and revokes our access. To request full account deletion and removal of all data, contact the developer.

6. Third-Party Services

Postify integrates with the following platforms via their official APIs:

• Meta Platforms (Instagram, Threads, Facebook) — Meta Privacy Policy
• LinkedIn — LinkedIn Privacy Policy
• Supabase (data storage) — Supabase Privacy Policy

7. Scope of This Policy

Postify is currently a personal-use tool in development mode. It is not offered as a public service. Only authorized testers can access the platform.

8. Contact

For privacy-related questions, please contact the developer at the email registered with the Meta Developer Account.