1. Introduction
Octapost ("we", "our", or "us") operates a social media management platform that helps businesses and creators publish, schedule, and manage content across multiple social media platforms. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our application and services.
2. Information We Collect
2.1 Information you provide
- Account registration data (name, email address, password)
- Organization details (company name, website, industry)
- Social media content you create, upload, or schedule through our platform
- Communications with us (support requests, feedback)
2.2 Information from social media platforms
When you connect a social media account (Facebook, Instagram, X, LinkedIn, TikTok), we receive:
- OAuth access tokens and refresh tokens (encrypted at rest using AES-256-GCM)
- Platform user ID, username, and display name
- Profile avatar URL
- Granted permission scopes
We do not store your social media passwords. We use industry-standard OAuth 2.0 authorization flows exclusively.
2.3 Automatically collected information
- Device information (browser type, operating system)
- Log data (IP address, access times, pages viewed)
- Cookies and similar technologies for session management
3. How We Use Your Information
- To provide, maintain, and improve our services
- To publish and schedule content on your behalf to connected social media platforms
- To manage your connected social media accounts and refresh authentication tokens
- To provide AI-powered content suggestions and analytics
- To communicate with you about service updates and support
- To detect, prevent, and address technical or security issues
4. Data Sharing
We do not sell your personal information. We may share data with:
- Social media platforms — to publish content and manage accounts on your behalf, only as authorized by you
- Service providers — third-party services that help us operate (hosting, analytics, AI providers), bound by data protection agreements
- Legal requirements — when required by law, regulation, or legal process
5. Data Security
We implement appropriate technical and organizational measures to protect your data:
- OAuth tokens are encrypted at rest using AES-256-GCM encryption
- All data in transit is encrypted using TLS/HTTPS
- Access controls and authentication for all API endpoints
- Regular token refresh cycles to minimize exposure of credentials
- CSRF protection on OAuth authorization flows
6. Data Retention
We retain your data for as long as your account is active or as needed to provide you services. When you delete your account or disconnect a social media account, associated tokens and account data are permanently deleted. Published content data is retained for analytics purposes but can be deleted upon request.
7. Your Rights & Data Deletion
You have the right to:
- Access your personal data we hold
- Correct inaccurate data
- Delete your data and account
- Disconnect any connected social media account at any time
- Export your data in a portable format
- Object to processing of your data
To request data deletion, you can use the delete account option in your account settings, or contact us at privacy@octapost.app. You can also submit a data deletion request through our data deletion endpoint.
8. Third-Party Platforms
Our service integrates with third-party social media platforms. Your use of those platforms is governed by their respective privacy policies. We encourage you to review:
9. Children’s Privacy
Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will take steps to delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date. Your continued use of our service after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
privacy@octapost.app