01
Introduction
iPost AI ("iPost AI," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the iPost AI platform — including our website at ipostai.com, our iOS and Android mobile application, and all related services (collectively, the "Service").
By creating an account or using the Service, you consent to the practices described here. If you do not agree, please do not use the Service.
Users in the European Union (EU) and United Kingdom (UK) have additional rights under the GDPR (Section 8). Users in California have additional rights under the CCPA (Section 9).
02
Who We Are / Data Controller
iPost AI is the data controller for all personal information collected through the Service.
Email: [email protected]
Support: [email protected]
Website: ipostai.com
For privacy-specific requests, email [email protected] with subject: Privacy Request. We respond within 30 days.
03
Information We Collect
iPost AI collects only what is necessary to deliver the Brand Soul Engine™ and social media content creation and scheduling features.
| Data Category | Purpose | Legal Basis (GDPR) | Retention | Shared With |
|---|---|---|---|---|
| Email address | Passwordless OTP login + transactional notifications | Contract performance | Until account deleted | Supabase Auth only |
| Business name & type | Brand Soul Engine™ personalization | Contract performance | Until account deleted | Anthropic Claude API (prompt context only) |
| Brand voice preferences (tone, differentiator, audience) | AI content generation | Contract performance | Until account deleted | Anthropic Claude API (prompt context only) |
| Photo uploads | Human Moments — image analysis for caption generation | Consent | Until you delete the moment | Cloudinary (CDN); Google Vision API (analysis only) |
| Voice notes (audio) | Human Moments — voice capture for post drafting | Consent | Deleted immediately after transcription | OpenAI Whisper (transcription only) |
| Voice note transcription | Post drafting from voice input | Consent | Until you delete the moment | Anthropic Claude API (prompt context only) |
| Customer DM text | Human Moments — testimonial post generation | Consent | Until you delete the moment | Anthropic Claude API (prompt context only) |
| Generated post drafts | Post history, editing, scheduling | Contract performance | Until account deleted | None — your private data only |
| Schedule queue data | Post scheduling to connected social accounts | Contract performance | Until post publishes or is deleted | Meta / LinkedIn / X / TikTok APIs (on publish only) |
| Social OAuth tokens | Publishing and scheduling approved posts | Consent | Until you disconnect; revoked on account deletion | Meta / LinkedIn / X / TikTok APIs |
| Usage analytics | Product improvement, onboarding optimization | Legitimate interest | 12 months | PostHog (anonymized event data) |
| Crash & error logs | Bug fixing, service reliability | Legitimate interest | 90 days | Sentry (PII stripped before transmission) |
| Payment information | Subscription billing and AI Credit Pack purchases | Contract performance | Per Stripe's retention policy | Stripe (tokenized — we never store card numbers) |
| Device fingerprint | Fraud prevention, free trial abuse detection | Legitimate interest | 12 months | None |
| IP address | Rate limiting (Upstash Redis), security logging | Legitimate interest | 30 days | None |
We do not sell your personal information. We do not share your Brand Soul Profile or generated content with advertisers. We do not use your content to train AI models without your explicit consent.
04
How We Use Your Information
- To provide the Service — Operate your account, run the Brand Soul Engine™ (Claude Haiku for Brand Soul Profile generation; Claude Sonnet for post generation and Voice Match scoring), and publish or schedule your approved posts to connected social accounts.
- To personalize your experience — Build and refine your Brand Soul Profile (tone fingerprint, vocabulary profile, content pillar weights, Voice Match Score™ baseline), injected as RAG context on every generation call.
- To communicate with you — Send OTP login codes, billing confirmations, usage alerts, and support responses from [email protected] and [email protected].
- To process payments — Manage subscriptions and AI Credit Pack purchases through Stripe's web-based checkout.
- To improve the Service — Analyze anonymized event data via PostHog and monitor errors via Sentry to fix bugs and prioritize features.
- For safety and security — Prevent abuse, prompt injection, and API cost exploitation via Upstash Redis rate limiting and a 20-pattern server-side injection guard.
- To comply with legal obligations — Fulfill GDPR, CCPA, COPPA, and Meta Platform Policy requirements, including data access and deletion requests.
06
Data Security
- Encryption in transit: TLS 1.3 enforced on all connections — Vercel and Supabase enforce this by default.
- Encryption at rest: AES-256 for all Supabase-stored data.
- OAuth token protection: Social OAuth tokens are encrypted at the database level using pgcrypto and decrypted only inside server-side Vercel Edge Functions — never transmitted to your device.
- Row Level Security (RLS): All user data tables have RLS enabled with strict owner-only policies. No user can access another user's data.
- Short-lived sessions: JWTs expire after 1 hour with automatic rotation via refresh token cycling. Stored in Expo SecureStore (iOS Keychain / Android Keystore) — never in AsyncStorage.
- No PII in logs: Only hashed user identifiers appear in logs. Email, brand name, and post content are stripped before any log storage.
- Rate limiting: Upstash Redis enforces per-user burst caps and daily plan-tier limits on all AI endpoints.
- Input validation: All AI endpoints use Zod schema validation plus a 20-pattern prompt injection guard.
- Security headers: All API responses include X-Content-Type-Options: nosniff, X-Frame-Options: DENY, Referrer-Policy: strict-origin.
- CI/CD security: npm audit runs on every pull request; Snyk dependency scanning runs weekly via GitHub Actions.
In the event of a data breach, we will notify affected users within 72 hours of discovery as required by GDPR.
07
Data Retention
| Data | Retention Period |
|---|---|
| Account data (email, Brand Soul Profile, posts, schedule queue) | Until account deletion, then hard-deleted within 30 days |
| Photo moments | Until you delete the moment in the app |
| Voice note audio | Deleted immediately after transcription completes |
| Voice note transcriptions | Until you delete the moment |
| Usage analytics (PostHog) | 12 months |
| Error and crash logs (Sentry) | 90 days |
| IP addresses | 30 days |
| Payment records | Per Stripe's data retention policy |
| Social OAuth tokens | Until account disconnected; revoked immediately on account deletion |
On account deletion: login is blocked immediately (soft delete) → all connected OAuth tokens are revoked → all data is permanently hard-deleted within 30 days via an automated scheduled job.
08
Your Rights — GDPR (EU / UK Users)
If you are in the European Union or United Kingdom, you have the following rights under the GDPR and UK GDPR:
- Request all personal data we hold. Delivered within 30 days as a secure JSON download. Email [email protected] with subject "Data Access Request."
- Request permanent deletion via Settings → Account → Delete Account, or email us. Hard deletion completes within 30 days.
- Edit your Brand Soul Profile and personal details directly in the app at any time — changes take effect immediately.
- Receive all your data as machine-readable JSON including your Brand Soul Profile and full post history.
- Opt out of usage analytics at any time in Settings → Privacy. Core Service functionality is unaffected.
- Disconnect any social account from Settings → Connected Accounts — immediately revokes access and deletes the stored OAuth token.
- Contact your national supervisory authority (e.g., the ICO in the UK) if you believe we've violated your rights.
09
Your Rights — CCPA (California Users)
- Right to Know: Request the categories and specific pieces of personal information we collect and disclose.
- Right to Delete: Request deletion of your personal information, subject to legal exceptions.
- Right to Opt Out of Sale: We do not sell personal information. No action required.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
Submit CCPA requests to [email protected] with subject "CCPA Request."
11
Children's Privacy
The Service is not directed at children under 13. During onboarding, users must confirm they are at least 13 years of age. This confirmation is logged with a timestamp and IP address as required by COPPA. Users aged 13–17 may use the Service only with verifiable parental or guardian consent.
If we discover a child under 13 has created an account, we will delete all associated data immediately.
12
International Data Transfers
iPost AI's infrastructure is hosted in the United States (Supabase and Vercel). If you access the Service from the EU or UK, your data will be transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) with sub-processors (Anthropic, Supabase, Google Cloud, Sentry) to ensure adequate protection for EU/UK users.
13
Third-Party Platform Integrations
When you connect Instagram, Facebook, LinkedIn, X, or TikTok, iPost AI requests only the permissions needed to publish and schedule your approved posts. We do not access your followers' personal information or your private messages beyond DM text you explicitly paste into the app as a Human Moment.
Use of connected platforms is also subject to their own terms of service and privacy policies. iPost AI is not affiliated with or endorsed by Meta, LinkedIn, X Corp, Google, or TikTok.
14
How to Delete Your Data
If you connected your Facebook or Instagram account to iPost AI and want to delete all data associated with your account, you have three options:
Option 1 — Delete from within the iPost AI app
- Open the iPost AI app.
- Go to the Profile tab (bottom right).
- Tap Connected Accounts.
- Tap Disconnect next to Instagram or Facebook to remove that connection and delete all associated tokens.
- To delete your entire account and all data, scroll to the bottom of Profile and tap Delete Account.
- Confirm the deletion. Your account will be deactivated immediately and all data permanently deleted within 30 days.
Option 2 — Request deletion by email
Send an email to [email protected] with the subject line "Data Deletion Request" and include:
- The email address associated with your iPost AI account.
- Which data you want deleted (specific social connection, or full account).
We will process your request and confirm deletion within 30 days.
Option 3 — Delete via Facebook
You can also request removal of iPost AI's access directly from Facebook:
- Go to your Facebook Settings & Privacy → Settings.
- Click Apps and Websites.
- Find iPost AI and click Remove.
- Facebook will notify us to delete all data associated with your Facebook and Instagram connection.
What gets deleted
When you request data deletion, we permanently remove:
- Your social account connection tokens (Instagram / Facebook OAuth tokens).
- Metadata for posts published through iPost AI — note that posts already published on Instagram or Facebook remain on those platforms.
- Analytics data derived from your social accounts.
- Your Brand Soul Profile and all generated content (if full account deletion is requested).
Deletion status
After deletion is processed, you can verify the status using the confirmation code provided in our deletion confirmation email:
https://social-content-app-umber.vercel.app/api/deletion-status?id={confirmation_code}
15
Changes to This Policy
We will notify you of material changes by email or in-app notification at least 14 days before they take effect. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of the Se