Privacy Policy

Last Updated: March 17, 2026
Effective Date: March 17, 2026

1. About PostSiva
2. Information We Collect
3. How We Use Your Information
4. Social Media Platform Integration
5. Data Sharing and Disclosure
6. Data Security
7. Data Retention
8. Your Rights and Controls
9. Third-Party Services
10. International Data Transfers
11. Children's Privacy
12. Cookies and Tracking Technologies
13. Changes to This Policy
14. Contact Information
15. Google User Data Usage
16. Use of LinkedIn Data
17. Chrome Extension Data Usage

1. About PostSiva

PostSiva ("we," "our," or "us") is a comprehensive social media management platform that enables businesses, content creators, and marketing professionals to manage multiple social media accounts from a unified dashboard. Our service allows users to schedule content, analyze performance, and streamline their social media workflows across platforms including TikTok, Instagram, Facebook, Twitter, LinkedIn, YouTube, and others.

2. Information We Collect

2.1 Account Information

Email address and contact information
Profile information (name, company, job title)
Account credentials and authentication data
Billing information and payment details
Subscription and usage preferences

2.2 Social Media Account Data

OAuth access tokens from connected social media platforms
Public profile information from connected accounts
Content data (posts, images, videos, captions)
Scheduling and publishing preferences
Analytics data and performance metrics
Audience insights and engagement statistics

2.3 Usage and Technical Data

Platform usage statistics and feature utilization
Device information and browser details
IP addresses and location data
Log files and error reports
Performance and diagnostic information

3. How We Use Your Information

We process your information for the following purposes:

            Core Service Delivery
            Provide social media management and scheduling services
Publish content to your connected social media accounts
Generate analytics reports and performance insights
Facilitate team collaboration and workflow management

        

Account Management: Process payments, manage subscriptions, and provide customer support
Platform Improvement: Analyze usage patterns to enhance features and user experience
Communication: Send service updates, security alerts, and marketing communications (with consent)
Legal Compliance: Meet regulatory requirements and protect against fraud

When you connect social media accounts to PostSiva:

We request only the minimum permissions necessary for our services
OAuth tokens are encrypted and stored securely
We respect the privacy settings and terms of each connected platform
You can disconnect accounts at any time through your dashboard
We do not access private messages or personal data beyond our scope
Content posting is performed only with your explicit authorization

We do not sell, rent, or trade your personal information. We may share data only in these circumstances:

Connected Platforms: With social media platforms to publish your content
Service Providers: With trusted third parties who assist in service delivery (payment processors, hosting providers)
Legal Requirements: When required by law, court order, or to protect our rights
Business Transfers: In connection with mergers, acquisitions, or asset sales (with notice)
Consent: With your explicit permission for specific purposes

6. Data Security

We implement comprehensive security measures to protect your information:

Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access with multi-factor authentication
Infrastructure: Secure cloud hosting with regular security audits
Monitoring: 24/7 security monitoring and incident response
Compliance: SOC 2 Type II and ISO 27001 certified practices
Regular Updates: Continuous security patches and vulnerability assessments

7. Data Retention

Active Accounts: Data retained while your account remains active
Content Data: Stored for service functionality and analytics (up to 2 years)
Analytics Data: Aggregated data retained for business insights (up to 5 years)
Deleted Accounts: Personal data deleted within 30 days of account closure
Legal Requirements: Some data may be retained longer for compliance purposes

8. Your Rights and Controls

You have the following rights regarding your personal data:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your personal data
Portability: Export your data in a machine-readable format
Restriction: Limit how we process your data
Objection: Object to processing based on legitimate interests
Withdrawal: Withdraw consent for specific processing activities

9. Third-Party Services

PostSiva integrates with various social media platforms and services:

Social Platforms: TikTok, Instagram, Facebook, Twitter, LinkedIn, YouTube, Pinterest
Payment Processors: Stripe, PayPal for secure payment processing
Analytics Services: Google Analytics for usage insights
Cloud Services: AWS, Cloudflare for hosting and content delivery

Each third-party service has its own privacy policy governing their data practices.

10. International Data Transfers

Your data may be processed in countries other than your residence. We ensure adequate protection through:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions for countries with equivalent data protection
Binding Corporate Rules for intra-group transfers
Your explicit consent where required

11. Children's Privacy

PostSiva is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information immediately.

12. Cookies and Tracking Technologies

We use cookies and similar technologies to:

Maintain user sessions and preferences
Analyze platform usage and performance
Provide personalized experiences
Ensure security and prevent fraud

You can control cookie preferences through your browser settings.

13. Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated through:

Email notifications to registered users
Prominent notices on our platform
Updated effective date on this policy

14. Contact Information

For privacy-related questions, requests, or concerns, please contact us:

Privacy Officer [email protected]

General Support [email protected]

Data Protection Officer [email protected]

Legal Department [email protected]

Mailing Address:
PostSiva Privacy Team
[Your Business Address]
[City, State, ZIP Code]

15. Google User Data Usage and YouTube API Integration

PostSiva integrates with Google APIs and YouTube Data API v3 to provide comprehensive YouTube management services. This section details how we access, use, and protect your Google user data in compliance with Google's API Services User Data Policy.

15.1 Google OAuth Scopes and Permissions

When you connect your Google/YouTube account to PostSiva, we request the following specific permissions:

Basic Profile Scopes:

userinfo.email - Access your primary Google Account email address for account identification and communication
userinfo.profile - Access your basic profile information (name, profile picture) for account personalization
openid - Authenticate your identity securely through Google's OpenID Connect protocol

YouTube Analytics Scope:

yt-analytics.readonly - View YouTube Analytics reports for your content including views, watch time, engagement metrics, audience demographics, and revenue data to provide comprehensive performance insights within PostSiva dashboard

YouTube Management Scopes:

youtube.readonly - View your YouTube account information, channel details, playlists, and video metadata to display your content within PostSiva interface
youtube - Manage your YouTube account including creating, updating, and organizing playlists, managing channel settings, and updating video metadata (titles, descriptions, thumbnails)
youtube.force-ssl - Comprehensive management of your YouTube videos including editing titles, descriptions, thumbnails, privacy settings, and deleting videos when explicitly requested by you
youtube.upload - Upload new videos to your YouTube channel through PostSiva's scheduling and publishing features

15.2 Specific Data We Access and How We Use It

Profile and Authentication Data:

Email Address: Used for account linking, notifications, and customer support communication
Profile Information: Name and profile picture displayed in PostSiva interface for account identification
Authentication Tokens: Securely stored OAuth tokens to maintain authorized access to your YouTube account

YouTube Channel Data:

Channel Information: Channel name, description, subscriber count, and branding elements for dashboard display
Video Metadata: Titles, descriptions, tags, thumbnails, privacy settings, and publication dates for content management
Playlist Data: Playlist names, descriptions, and video organization for content structuring

YouTube Analytics Data:

Performance Metrics: Views, watch time, impressions, click-through rates, and engagement statistics
Audience Insights: Demographics, geographic data, and viewing patterns (aggregated and anonymized)
Revenue Data: Monetization metrics and earnings reports (if applicable to your channel)
Traffic Sources: Information about how viewers discover your content

15.3 How PostSiva Uses Your YouTube Data

Content Management: Enable uploading, scheduling, editing, and organizing your YouTube videos
Analytics Dashboard: Display comprehensive performance reports and insights within PostSiva interface
Content Optimization: Provide AI-powered suggestions for titles, descriptions, tags, and thumbnails
Scheduling: Automate video publishing at optimal times based on your audience engagement patterns
Bulk Operations: Facilitate efficient management of multiple videos and playlists
Performance Tracking: Monitor video performance and provide comparative analytics
Team Collaboration: Enable multiple team members to manage your YouTube presence (with your permission)

15.4 Data Security and Protection

OAuth 2.0 Authentication: Industry-standard secure authentication protocol
Token Encryption: All access tokens encrypted using AES-256 encryption
Secure Storage: Data stored in encrypted databases with restricted access
No Password Storage: We never store your Google account passwords
Permission-Based Access: All actions require explicit user authorization
Regular Security Audits: Continuous monitoring and security assessments

15.5 Data Retention and Deletion

Real-Time Processing: YouTube data processed in real-time for immediate service functionality
Analytics Caching: Performance data cached for up to 30 days to improve dashboard loading times
Account Disconnection: All Google user data immediately deleted when you disconnect your Google account
Account Deletion: Complete removal of all associated Google data within 30 days of PostSiva account deletion
Minimal Retention: We retain Google user data only as long as necessary for service provision

15.6 Limited Use and Compliance

PostSiva's use and transfer of information received from Google APIs strictly adheres to Google API Services User Data Policy, including the Limited Use requirements. We commit to:

Using Google user data solely for providing and improving our YouTube management services
Not selling, renting, or sharing Google user data with third parties for advertising or other commercial purposes
Not using Google user data for AI/ML model training without explicit consent
Requesting only the minimum scopes necessary for our service functionality
Providing transparent disclosure of all data usage practices

15.7 Your Rights and Controls

Account Management: You maintain full control over your Google data permissions:

View and manage connected applications at Google Account permissions page
Revoke PostSiva's access at any time through your Google Account settings
Disconnect your YouTube account directly from PostSiva dashboard
Request data deletion by contacting our privacy team
Access copies of your data processed by PostSiva

Additional Resources:

16. Use of LinkedIn Data

PostSiva uses LinkedIn APIs, including the LinkedIn Community Management API, to help users manage and publish content on LinkedIn in a secure and compliant manner.

We access LinkedIn data only after explicit user authorization and strictly for the purposes described below.

16.1 Data We Access from LinkedIn

When you connect your LinkedIn account to PostSiva, we may access the following data depending on permissions granted:

LinkedIn Page or Profile ID
Post content and metadata (text, media references, timestamps)
Comments and reactions on posts
Basic engagement metrics (likes, comments count)
Page or profile name and public information required for publishing

👉 We do NOT access private messages, passwords, or sensitive personal data.

16.2 How We Use LinkedIn Data

LinkedIn data is used only to:

Create, schedule, publish, and manage LinkedIn posts
Display post performance and engagement insights
Allow users to respond to comments and manage reactions
Improve content workflow and productivity for users

We do not sell, rent, or share LinkedIn data with third parties.

16.3 Data Storage & Retention

LinkedIn data is stored securely using industry-standard security practices
We retain data only as long as required to provide our services
Users can disconnect LinkedIn at any time, after which data access is revoked

16.4 User Control & Data Deletion

Users can:

Disconnect their LinkedIn account from PostSiva at any time
Request deletion of stored LinkedIn-related data
Control permissions directly from their LinkedIn account settings

Once access is revoked, PostSiva will no longer collect LinkedIn data.

16.5 Compliance with LinkedIn Policies

PostSiva complies with:

LinkedIn API Terms of Use
LinkedIn Developer Policies
Applicable data protection laws

17. Chrome Extension Data Usage

PostSiva offers a Chrome browser extension that enhances your LinkedIn experience. This section explains how the extension collects and uses data.

17.1 LinkedIn Data Access

We access LinkedIn content only when you actively use the extension to perform actions such as reposting.

The extension accesses LinkedIn posts, user interactions, and content only when you explicitly initiate an action (e.g., clicking the repost button)
We do not collect or access LinkedIn data in the background or without your direct interaction
No automatic scraping or passive data collection occurs
The extension only processes content you choose to interact with

17.2 Backend Data Transfer

To provide core functionality, the extension sends necessary data to our backend services at https://backend.postsiva.com.

This is required to process user-initiated actions such as:

Reposting LinkedIn content to other platforms
Scheduling posts for later publication
Synchronizing content across your connected accounts
Processing media and formatting content

All data transfers are encrypted using HTTPS/TLS protocols.

17.3 Data We Collect Through the Extension

We may collect and process the following data when you use the Chrome extension:

Content you choose to repost: Text, images, videos, and links from LinkedIn posts you explicitly select
Basic usage data: Extension interactions, feature usage, and error logs required for functionality and debugging
Account-related data: Authentication tokens and user ID if you sign in to PostSiva through the extension
Browser information: Browser version and extension version for compatibility purposes

We do not collect:

Browsing history outside of LinkedIn
Passwords or sensitive credentials
Private messages or personal conversations
Data from other websites or tabs

17.4 Data Sharing and Third Parties

We do not sell, rent, or share your personal data with third parties.

Data collected through the extension is:

Used exclusively to provide the extension's functionality
Securely processed through our backend services at backend.postsiva.com
Not shared with advertisers or data brokers
Not used for purposes unrelated to the extension's core features

17.5 Extension Permissions

The PostSiva Chrome extension requests the following permissions:

activeTab: To interact with LinkedIn pages when you use the extension
storage: To save your preferences and authentication state locally
Host permissions (linkedin.com): To access LinkedIn content only when you initiate actions

We request only the minimum permissions necessary for the extension to function.

17.6 Data Security

All communication between the extension and our backend is encrypted using TLS 1.3
Authentication tokens are stored securely using Chrome's encrypted storage API
No sensitive data is stored in plain text
Regular security audits ensure extension integrity

17.7 User Control

You have full control over the extension:

Uninstall the extension at any time through Chrome settings
Disconnect your PostSiva account from the extension
Request deletion of data collected through the extension by contacting [email protected]
Review and manage extension permissions in Chrome settings

Table of Contents