How PostFlow handles your data

Effective date: April 19, 2026. This policy explains what data PostFlow collects and how it is used for account access and connected social publishing workflows.

1. Information we collect

Account details such as username, email, and hashed password.
Authentication metadata such as login tokens and session timing.
Connected social account metadata, including LinkedIn, X (Twitter), and TikTok identifiers and token details required for API publishing.
Post content and publish request details you submit through PostFlow.

2. How we use your information

Authenticate users and protect account access.
Connect and maintain authorized social integrations.
Submit publishing requests to connected third-party platforms.
Support core platform features, security checks, and diagnostics.

3. OAuth and third-party platforms

When you connect LinkedIn, X (Twitter), or TikTok, OAuth authorization is handled through those providers. Their privacy practices and developer platform terms apply to data they process. PostFlow only requests and uses access needed to provide the connection and publishing features you enable.

4. Data storage and protection

PostFlow stores user and integration data in backend infrastructure and applies access controls to limit unauthorized access. No internet-based storage system is perfectly secure, but we use reasonable safeguards for the platform size and architecture.

5. Data sharing

We do not sell your personal data. Data is shared only when necessary to provide service functionality, such as sending API requests to connected social platforms on your instruction.

6. Your controls and rights

You can disconnect social accounts and stop using connected features at any time. You may also request account removal and associated data deletion through platform support channels.

7. Changes to this policy

We may update this privacy policy to reflect product or legal changes. Updated versions are posted on this page with a revised effective date.