1. About PostSiva

PostSiva ("we," "our," or "us") is a comprehensive social media management platform that enables businesses, content creators, and marketing professionals to manage multiple social media accounts from a unified dashboard. Our service allows users to schedule content, analyze performance, and streamline their social media workflows across platforms including TikTok, Instagram, Facebook, Twitter, LinkedIn, YouTube, and others.

2. Information We Collect

2.1 Account Information

• Email address and contact information
• Profile information (name, company, job title)
• Account credentials and authentication data
• Billing information and payment details
• Subscription and usage preferences

2.2 Social Media Account Data

• OAuth access tokens from connected social media platforms
• Public profile information from connected accounts
• Content data (posts, images, videos, captions)
• Scheduling and publishing preferences
• Analytics data and performance metrics
• Audience insights and engagement statistics

2.3 Usage and Technical Data

• Platform usage statistics and feature utilization
• Device information and browser details
• IP addresses and location data
• Log files and error reports
• Performance and diagnostic information

3. How We Use Your Information

We process your information for the following purposes:

• Account Management: Process payments, manage subscriptions, and provide customer support
• Platform Improvement: Analyze usage patterns to enhance features and user experience
• Communication: Send service updates, security alerts, and marketing communications (with consent)
• Legal Compliance: Meet regulatory requirements and protect against fraud

4. Social Media Platform Integration

When you connect social media accounts to PostSiva:

• We request only the minimum permissions necessary for our services
• OAuth tokens are encrypted and stored securely
• We respect the privacy settings and terms of each connected platform
• You can disconnect accounts at any time through your dashboard
• We do not access private messages or personal data beyond our scope
• Content posting is performed only with your explicit authorization

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share data only in these circumstances:

• Connected Platforms: With social media platforms to publish your content
• Service Providers: With trusted third parties who assist in service delivery (payment processors, hosting providers)
• Legal Requirements: When required by law, court order, or to protect our rights
• Business Transfers: In connection with mergers, acquisitions, or asset sales (with notice)
• Consent: With your explicit permission for specific purposes

6. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Infrastructure: Secure cloud hosting with regular security audits
• Monitoring: 24/7 security monitoring and incident response
• Compliance: SOC 2 Type II and ISO 27001 certified practices
• Regular Updates: Continuous security patches and vulnerability assessments

7. Data Retention

• Active Accounts: Data retained while your account remains active
• Content Data: Stored for service functionality and analytics (up to 2 years)
• Analytics Data: Aggregated data retained for business insights (up to 5 years)
• Deleted Accounts: Personal data deleted within 30 days of account closure
• Legal Requirements: Some data may be retained longer for compliance purposes

8. Your Rights and Controls

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests
• Withdrawal: Withdraw consent for specific processing activities

9. Third-Party Services

PostSiva integrates with various social media platforms and services:

• Social Platforms: TikTok, Instagram, Facebook, Twitter, LinkedIn, YouTube, Pinterest
• Payment Processors: Stripe, PayPal for secure payment processing
• Analytics Services: Google Analytics for usage insights
• Cloud Services: AWS, Cloudflare for hosting and content delivery

Each third-party service has its own privacy policy governing their data practices.

10. International Data Transfers

Your data may be processed in countries other than your residence. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for countries with equivalent data protection
• Binding Corporate Rules for intra-group transfers
• Your explicit consent where required

11. Children's Privacy

PostSiva is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information immediately.

12. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain user sessions and preferences
• Analyze platform usage and performance
• Provide personalized experiences
• Ensure security and prevent fraud

You can control cookie preferences through your browser settings.

13. Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated through:

• Email notifications to registered users
• Prominent notices on our platform
• Updated effective date on this policy