Legal Reference

Privacy Policy

Last Updated

December 11, 2025

"We value your sovereignty. This document outlines exactly how we handle your data, the third parties we trust, and how you retain control over your digital footprint across all connected platforms."

Section 01

Information We Collect

We collect information to provide our editorial and publishing services. This includes data you provide directly and data collected automatically via your interactions with the platform.

Account & Identity

We collect your email address, display name, and authentication IDs (via Supabase). If you purchase a subscription, our payment processor (Stripe) collects billing details; we do not store raw credit card numbers.

Social Credentials

To publish on your behalf, we store OAuth access and refresh tokens for connected platforms. These are stored using AES-256-GCM encryption at rest and are never shared with third parties other than the platforms themselves.

Editorial Content

We process your prompts sent to AI providers and store the resulting drafts, media files, and scheduled posts to manage your content library.

Usage & Log Data

Our servers automatically record information ("Log Data") such as your IP address, browser type, referring domain, and pages visited. This helps us prevent abuse and improve platform stability.

Section 02

Platform Integrations

Our service acts as a bridge to third-party platforms. By connecting these accounts, you acknowledge that your data is processed according to their respective policies.

YouTube & Google API Services

We use YouTube API Services to upload videos and retrieve analytics. By using this integration, you agree to be bound by the YouTube Terms of Service. Your data is processed in accordance with the Google Privacy Policy.

Revoke Access: You can remove our access via the Google Security Settings page.

Meta (Facebook & Instagram)

We access your Page IDs, usernames, and insights via the Meta Graph API to schedule posts and report performance. Please refer to the Meta Privacy Policy. You can manage app permissions in your Facebook Business Integrations.

TikTok

We access your profile information and video metrics to enable publishing and analytics. Refer to the TikTok Privacy Policy.

LinkedIn & Pinterest

We utilize OAuth tokens to post content to your profile/boards. Data handling is subject to the LinkedIn Privacy Policy and Pinterest Privacy Policy.

Section 03

Cookies & Processors

We use cookies to maintain your session and improve the service. We do not sell your data. We only share data with specific "Processors" necessary to run the application:

Infrastructure
Supabase (Database & Auth), Vercel (Hosting), and Cloudflare R2 (Media Storage).
Analytics
PostHog. We use this to understand which features are popular. Data is aggregated and anonymized where possible.
Payments
Stripe. Payment data is provided directly to Stripe. We do not access or store full card numbers.

Section 04

Security & Retention

Data Retention

Active Accounts: We retain your content library and connection tokens as long as your account is active.

Deletion: Upon account deletion, all personal data is removed from our live databases within 30 days. Logs may be retained for up to 90 days for security auditing.

International Transfers

Our infrastructure is primarily located in the United States. By using our service, you acknowledge that your data may be transferred to and processed in the US, where data protection laws may differ from your local jurisdiction.

Section 05

Contact & Rights

You may request the deletion of your account and all associated data at any time via your account settings. For privacy-related questions or to exercise your rights (GDPR/CCPA/DPA), please contact our Data Protection Officer at: support@ezibreezy.app