1. About PostSiva
PostSiva ("we," "our," or "us") is a comprehensive social media management platform that enables businesses, content creators, and marketing professionals to manage multiple social media accounts from a unified dashboard. Our service allows users to schedule content, analyze performance, and streamline their social media workflows across platforms including TikTok, Instagram, Facebook, Twitter, LinkedIn, YouTube, and others.
2. Information We Collect
2.1 Account Information
- Email address and contact information
- Profile information (name, company, job title)
- Account credentials and authentication data
- Billing information and payment details
- Subscription and usage preferences
2.3 Usage and Technical Data
- Platform usage statistics and feature utilization
- Device information and browser details
- IP addresses and location data
- Log files and error reports
- Performance and diagnostic information
3. How We Use Your Information
We process your information for the following purposes:
- Provide social media management and scheduling services
- Publish content to your connected social media accounts
- Generate analytics reports and performance insights
- Facilitate team collaboration and workflow management
- Process payments, manage subscriptions, and provide customer support
- Analyze usage patterns to enhance features and user experience
- Send service updates, security alerts, and marketing communications (with consent)
- Meet regulatory requirements and protect against fraud
4. Social Media Platform Integration
- We request only the minimum permissions necessary for our services
- OAuth tokens are encrypted and stored securely
- We respect the privacy settings and terms of each connected platform
- You can disconnect accounts at any time through your dashboard
- We do not access private messages or personal data beyond our scope
- Content posting is performed only with your explicit authorization
5. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We may share data only in these circumstances:
- Connected Platforms: With social media platforms to publish your content
- Service Providers: With trusted third parties who assist in service delivery (payment processors, hosting providers)
- Legal Requirements: When required by law, court order, or to protect our rights
- Business Transfers: In connection with mergers, acquisitions, or asset sales (with notice)
- Consent: With your explicit permission for specific purposes
6. Data Security
- Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access with multi-factor authentication
- Infrastructure: Secure cloud hosting with regular security audits
- Monitoring: 24/7 security monitoring and incident response
- Compliance: SOC 2 Type II and ISO 27001 certified practices
- Regular Updates: Continuous security patches and vulnerability assessments
7. Data Retention
- Active Accounts: Data retained while your account remains active
- Content Data: Stored for service functionality and analytics (up to 2 years)
- Analytics Data: Aggregated data retained for business insights (up to 5 years)
- Deleted Accounts: Personal data deleted within 30 days of account closure
- Legal Requirements: Some data may be retained longer for compliance purposes
8. Your Rights and Controls
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your personal data
- Portability: Export your data in a machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to processing based on legitimate interests
- Withdrawal: Withdraw consent for specific processing activities
9. Third-Party Services
PostSiva integrates with various social media platforms and services:
- Social Platforms: TikTok, Instagram, Facebook, Twitter, LinkedIn, YouTube, Pinterest
- Payment Processors: Stripe, PayPal for secure payment processing
- Analytics Services: Google Analytics for usage insights
- Cloud Services: AWS, Cloudflare for hosting and content delivery
Each third-party service has its own privacy policy governing their data practices.
10. International Data Transfers
Your data may be processed in countries other than your residence. We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions for countries with equivalent data protection
- Binding Corporate Rules for intra-group transfers
- Your explicit consent where required
11. Children's Privacy
PostSiva is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information immediately.
13. Changes to This Policy
We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated through email notifications to registered users, prominent notices on our platform, and an updated effective date on this policy.
14. Contact Information
For privacy-related questions, requests, or concerns, please contact us:
- Privacy Officer: [email protected]
- General Support: [email protected]
- Data Protection Officer: [email protected]
- Legal Department: [email protected]
15. Google User Data Usage and YouTube API Integration
PostSiva integrates with Google APIs and YouTube Data API v3 to provide comprehensive YouTube management services. This section details how we access, use, and protect your Google user data in compliance with Google's API Services User Data Policy.
15.1 Google OAuth Scopes and Permissions
When you connect your Google/YouTube account to PostSiva, we request permissions including userinfo.email, userinfo.profile, openid, yt-analytics.readonly, youtube.readonly, youtube, youtube.force-ssl, and youtube.upload as needed for account identification, analytics, and content management.
15.2 How We Use Google and YouTube Data
- Display channel information, video metadata, and playlists in your dashboard
- Enable uploading, scheduling, editing, and organizing YouTube videos
- Provide analytics reports and performance insights
- Offer AI-powered suggestions for titles, descriptions, tags, and thumbnails
- Facilitate team collaboration on your YouTube presence with your permission
15.3 Data Security and Limited Use
- OAuth 2.0 authentication with AES-256 token encryption
- We never store your Google account passwords
- Google user data is used solely for providing and improving YouTube management services
- We do not sell, rent, or share Google user data with third parties for advertising
- We do not use Google user data for AI/ML model training without explicit consent
15.4 Data Retention and Deletion
- Analytics data cached for up to 30 days to improve dashboard performance
- Google user data deleted when you disconnect your Google account
- Complete removal of associated Google data within 30 days of account deletion
16. Use of LinkedIn Data
PostSiva uses LinkedIn APIs, including the LinkedIn Community Management API, to help users manage and publish content on LinkedIn in a secure and compliant manner.
16.1 Data We Access from LinkedIn
- LinkedIn Page or Profile ID
- Post content and metadata (text, media references, timestamps)
- Comments and reactions on posts
- Basic engagement metrics (likes, comments count)
- Page or profile name and public information required for publishing
We do NOT access private messages, passwords, or sensitive personal data.
16.2 How We Use LinkedIn Data
- Create, schedule, publish, and manage LinkedIn posts
- Display post performance and engagement insights
- Allow users to respond to comments and manage reactions
- Improve content workflow and productivity for users
We do not sell, rent, or share LinkedIn data with third parties.
16.3 User Control & Data Deletion
- Disconnect your LinkedIn account from PostSiva at any time
- Request deletion of stored LinkedIn-related data
- Control permissions directly from your LinkedIn account settings
17. Chrome Extension Data Usage
PostSiva offers a Chrome browser extension that enhances your LinkedIn experience. We access LinkedIn content only when you actively use the extension to perform actions such as reposting.
17.1 LinkedIn Data Access
- The extension accesses LinkedIn posts only when you explicitly initiate an action
- We do not collect or access LinkedIn data in the background
- No automatic scraping or passive data collection occurs
17.2 Backend Data Transfer
To provide core functionality, the extension sends necessary data to our backend services at https://backend.postsiva.com. All data transfers are encrypted using HTTPS/TLS protocols.
17.3 Data We Collect Through the Extension
- Content you choose to repost: text, images, videos, and links from LinkedIn posts you select
- Basic usage data: extension interactions, feature usage, and error logs
- Account-related data: authentication tokens and user ID if you sign in through the extension
- Browser information: browser version and extension version for compatibility
We do not collect browsing history outside of LinkedIn, passwords, private messages, or data from other websites.
17.4 User Control
- Uninstall the extension at any time through Chrome settings
- Disconnect your PostSiva account from the extension
- Request deletion of extension data by contacting [email protected]
2.2 Social Media Account Data