Privacy Policy
Last Updated: October 7, 2025
Thank you for using AutoReach ("AutoReach", "we", "our", or "us"). This Privacy Policy explains what information we collect, how we use it, how we share it, and the choices you have. By using our platform, you agree to the practices described here.
1. Information We Collect
1.1 Account Information
Name, email, password (hashed), verification status, and settings.
1.2 Social Platform Data
When you connect Facebook / Instagram Pages or Accounts, we store tokens and limited metadata (page IDs, names, categories, linked Instagram business IDs) required to publish content and fetch analytics. We never store your Facebook/Instagram password.
1.3 Content & Media
Uploaded media (images / videos) is stored via third-party storage (e.g. Cloudinary). Captions, drafts, scheduled posts, publishing metadata, and AI-generated suggestions are retained for product functionality.
1.4 Analytics & Engagement Data
We retrieve performance metrics (impressions, reach, likes, comments, views, engagement ratios) made available through official platform APIs. We only request scopes necessary for the features you use.
1.5 AI Processing
Text you submit for AI rewriting or caption/hashtag generation is sent to our integrated AI provider for inference. We do not use your private content to train internal models beyond transient processing.
1.6 Technical Data
IP address, device/browser info, timestamps, request logs, and error diagnostics to secure and improve the service.
2. How We Use Information
- Authenticate users & secure access
- Generate, schedule, publish, and manage social content
- Provide analytics dashboards and performance insights
- Improve AI caption/hashtag quality (aggregate + anonymized trends)
- Send transactional email (verification, password reset)
- Detect abuse, fraud, or unauthorized access
3. Legal Bases (EEA / UK)
- Performance of Contract – delivering core platform features.
- Legitimate Interests – product improvement, security, usage analytics.
- Consent – email marketing (if ever applicable) or optional features.
4. Sharing & Disclosure
We do not sell personal data. We share data only with:
- Infrastructure & processing vendors (hosting, storage, AI inference, email delivery)
- Social platform APIs per your explicit connection and scopes
- Legal authorities if required to comply with law or protect rights
5. Data Retention
We retain data while your account remains active or as needed to provide services. You may request deletion (see Data Deletion section). Backups may persist for a limited period before irreversible purge.
6. Security
We employ encryption in transit (HTTPS), hashed passwords, token-based auth, scoped access tokens, least-privilege access controls, rate limiting, and monitoring. No system can guarantee 100% security; report issues promptly.
7. Your Rights
Depending on jurisdiction (GDPR / CCPA etc.) you may have rights to access, correct, delete, restrict, port, or object to processing. Contact us to exercise these.
8. Cookies & Local Storage
We currently rely on localStorage tokens for session handling and may use minimal cookies for OAuth state/security. Third parties (e.g. analytics) may use their own technologies if enabled in the future.
9. AI Generated Content Disclaimer
AI suggestions may be imperfect, outdated, or contain unintended biases. You are responsible for reviewing generated content before publishing. Do not input confidential or regulated data into AI features.
10. Third-Party Links
Links to external sites are not controlled by us. Review their policies independently.
11. Children
The service is not directed to individuals under 16 (or higher local age of digital consent). We do not knowingly collect such data; contact us for removal if discovered.
12. Changes
We may update this Privacy Policy. Material changes will be indicated via updated date or in-app notice. Continued use after changes = acceptance.
13. Contact
Questions or requests: privacy@autoreach.ai (replace with your actual contact if different).