Privacy Policy

Last updated: September 21, 2025

Introduction

At SocialSync ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media management platform and related services (collectively, the "Services").

Information We Collect

Personal Information

Social Media Account Information: When you connect your social media accounts (Facebook, YouTube, Twitter, Instagram, Telegram, etc.), we collect your profile information, account IDs, and usernames through OAuth authentication.

Authentication Tokens: We store encrypted OAuth access and refresh tokens to maintain authenticated sessions with social media platforms.

Account Data: User preferences, settings, connected platforms, and account configuration information.

Content and Usage Data

Posted Content: Text, images, videos, and media you schedule and publish through our platform.

Analytics Data: Post performance metrics, engagement statistics, and scheduling information from connected social media accounts.

Usage Patterns: Information about how you use our platform, including features accessed and posting schedules.

Technical Information

Device Information: Browser type, operating system, IP address, and device specifications.

Cookies and Storage: Authentication cookies, session tokens, and local storage for user preferences.

Data Storage and Third-Party Services

Social Media Platform Integration

We integrate with various social media platforms to enable posting and analytics. When you connect accounts:

• We store encrypted access tokens for each platform
• We may cache profile information and account metadata
• We access posting APIs to schedule and publish content on your behalf
• All data transmission is encrypted using HTTPS/TLS protocols

Media Storage

User-uploaded media (images, videos) is stored securely using Cloudinary CDN services. We store only the URLs and metadata, not the actual media files.

Database Storage

We use secure PostgreSQL databases to store:

• User account information and preferences
• Connected social media account details
• Scheduled post content and metadata
• Analytics and performance data
• Encrypted authentication tokens

Data Security

We implement industry-standard security measures:

• Encryption: All data transmission uses HTTPS/TLS protocols
• Token Security: Authentication tokens are encrypted using advanced cryptographic methods
• Access Controls: Strict authentication and authorization for all service components
• Secure Infrastructure: Cloud-hosted infrastructure with regular security updates
• Data Isolation: User data is properly isolated and accessible only to authorized systems

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following circumstances:

• With Your Consent: When you share content publicly or grant access to specific users
• Service Providers: With trusted third-party services (social media platforms, Cloudinary, hosting providers) necessary for service operation
• Legal Requirements: When required by law, court order, or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Your Rights and Choices

• Access and Portability: Download and export all your data through account settings
• Correction: Update, edit, or correct your information and content
• Deletion: Delete individual posts, disconnect accounts, or close your account
• Data Control: You maintain control over your social media accounts and can revoke permissions
• Communication Preferences: Opt out of non-essential communications

Data Retention

We retain your information as necessary to provide services and comply with legal obligations:

• Account Data: Retained while active and for a reasonable period after deactivation
• Content: Posts and media retained until deleted or account closure
• Analytics: Performance data retained for service improvement and legal compliance
• Authentication Tokens: Regularly refreshed and securely deleted when expired

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will notify you of material changes by email or platform notification. Your continued use constitutes acceptance of the updated policy.

Contact Us

For questions about this Privacy Policy or our data practices:

• Email: u6520053@au.edu
• Additional Support: u6520177@au.edu, u6520189@au.edu
• Developer Contacts: savuthmeassavrin168@gmail.com, kaungsatlynn03@gmail.com
• Support: Contact form on our website