Privacy Policy

1. Introduction

SocialAudit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media auditing service.

2. Information We Collect

2.1 Information You Provide

• Account information (name, email address) when you authenticate through Facebook
• Payment information when purchasing credits (processed securely through Stripe)
• Communication data when you contact us for support

2.2 Facebook Data

With your explicit consent via Facebook OAuth, we temporarily access:

• Your Facebook posts, photos, and videos
• Basic profile information (name, profile picture)
• Content metadata (dates, privacy settings, engagement metrics)

2.3 Automatically Collected Information

• Usage data (pages visited, features used, time spent)
• Device information (IP address, browser type, operating system)
• Log data (access times, error logs, performance metrics)

3. How We Use Your Information

We use collected information to:

• Provide and improve our social media auditing services
• Analyze your Facebook content for reputation risks using AI
• Generate personalized audit reports and recommendations
• Process payments and manage your account
• Send service notifications and important updates
• Provide customer support and respond to inquiries
• Ensure security and prevent fraud
• Comply with legal obligations

4. Data Processing and Storage

4.1 Facebook Content Processing

• Your Facebook content is processed temporarily to generate audit results
• We use AI services to analyze content for potential reputation risks
• Content is not stored permanently on our servers after analysis
• Only audit results and risk assessments are retained

4.2 Data Retention

• Account data: Retained while your account is active and for up to 2 years after deletion
• Audit results: Retained for up to 1 year or until you delete them
• Payment data: Retained as required by law and payment processor policies
• Log data: Retained for up to 90 days for security and performance purposes

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information only in these circumstances:

5.1 Service Providers

• AI analysis services (for content evaluation)
• Payment processors (Stripe for credit purchases)
• Cloud hosting providers (for secure data storage)
• Email service providers (for notifications)

5.2 Legal Requirements

We may disclose information when required by law, court order, or government regulation, or to protect our rights and safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

6. Facebook Integration

• We use Facebook's official API and OAuth system
• You can revoke our access through your Facebook settings at any time
• We comply with Facebook's Platform Policies and Terms
• Your Facebook data is not shared with third parties
• We do not post to your Facebook account or access private messages

7. Data Security

We implement industry-standard security measures:

• SSL/TLS encryption for data transmission
• Secure cloud infrastructure with access controls
• Regular security audits and monitoring
• Employee access restrictions and training
• Secure payment processing through certified providers

8. Your Rights and Choices

8.1 Access and Control

• View and download your audit data through your dashboard
• Delete your account and associated data
• Request correction of inaccurate information
• Opt out of marketing communications

8.2 Facebook Permissions

• Revoke Facebook access through Facebook settings
• Control which content types to analyze
• Delete imported content from our system

9. International Data Transfers

Your information may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses
• Adequacy decisions by regulatory authorities
• Certification schemes and codes of conduct

10. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us.

11. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain your session and preferences
• Analyze service usage and performance
• Provide security features
• Remember your settings and preferences

You can control cookies through your browser settings, though some features may not function properly without them.

12. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes through:

• Email notification to your registered address
• Prominent notice on our website
• In-app notifications when you next log in

13. Contact Information

For privacy-related inquiries, data access requests, or to exercise your rights, please contact us using the information above. We will respond to your request within 30 days.

14. Regional Privacy Rights

14.1 European Users (GDPR)

If you are located in the European Economic Area, you have additional rights under GDPR:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

14.2 California Users (CCPA)

California residents have rights under the California Consumer Privacy Act:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information
• Right to non-discrimination for exercising privacy rights