Privacy Policy
This policy explains what PostSiete collects, why, who we share it with, and the choices you have. We keep data collection to what the service actually needs to work.
1. What we collect
- Account information — your name, email address, and a securely hashed password. We never store your password in readable form.
- Content you create — the ideas, briefs, brand profiles, and drafts you generate and save, plus any long-form content you paste in to repurpose.
- Connected-account credentials — if you connect a platform like X, the access tokens it issues, stored encrypted at rest and used only to perform actions you request.
- Billing information — your plan and subscription status. Card details are collected and stored by Stripe, not by us; we never see or store full card numbers.
- Limited technical data — your IP address at signup and on sensitive actions, used for rate-limiting, security, and referral-fraud prevention. We do not run third-party advertising or analytics trackers on our marketing pages.
2. How we use it
- To operate the service — generate drafts, save your library, schedule and publish content you request, and show analytics.
- To process subscriptions and referral rewards.
- To send transactional email you'd expect: password resets, a welcome message, and security alerts (for example, when your password changes). We don't sell your data or send marketing email you didn't ask for.
- To keep the service secure and prevent abuse.
- To comply with legal obligations.
3. AI processing
When you generate content, the relevant inputs (your idea, brand details, and settings) are sent to our AI providers to produce drafts, and image prompts are sent to our image provider to produce images. We send only what's needed to fulfill your request. These providers process the data to return a result to us; see the subprocessor list below for who they are.
4. Who we share it with (subprocessors)
We share data only with the service providers that help us run PostSiete, and only as needed. We don't sell personal data.
| Provider | Purpose | Data involved |
|---|---|---|
| Stripe | Payments & subscriptions | Email, plan, payment details (held by Stripe) |
| Anthropic | AI text generation | Your generation inputs |
| OpenAI-compatible image provider | AI image generation | Your image prompts |
| Resend | Transactional email delivery | Your email address & message content |
| Render | Application hosting & storage | All service data, at rest on their infrastructure |
5. How long we keep it
We keep your account and content while your account is active. If you delete your account or ask us to delete your data, we remove your personal data within a reasonable period, except where we must retain limited records (for example, billing history) to meet legal or accounting obligations. Encrypted connected-account tokens are removed when you disconnect the account.
6. How we protect it
- Passwords are hashed with scrypt and a per-user salt; we can't read them.
- Connected-account credentials are encrypted at rest with AES-256-GCM.
- Sessions use signed, http-only cookies; changing your password signs out all other sessions.
- Access to each account's data is scoped to that account.
No system is perfectly secure, but we work to protect your information and limit what we collect in the first place.
7. Your choices and rights
- Access or update your account details from your settings at any time.
- Disconnect any connected platform, which deletes its stored credentials.
- Cancel your subscription anytime from Manage billing.
- Request a copy or deletion of your personal data by emailing us.
Depending on where you live (for example, the EU/UK or California), you may have additional rights such as access, correction, deletion, and portability. We honor valid requests as required by applicable law.
8. Children
PostSiete is not directed to children under 18, and we do not knowingly collect their personal data. If you believe a minor has provided us data, contact us and we'll delete it.
9. Changes to this policy
We may update this policy as the service evolves. If changes are material, we'll notify you by email or in-app. The "last updated" date above always reflects the current version.
10. Contact
Questions or requests about your privacy? Email hello@postsiete.com.