SwipePostSign In

Privacy Policy

Last updated: March 3, 2026

1. Introduction

SwipePost ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services (collectively, the "Service").

By using SwipePost, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use our Service.

2. Information We Collect

Account Information: When you register, we collect your email address and password (hashed). We never store passwords in plain text.

Brand Profile: Information you provide about your business, including your business description, target audience, preferred platform, and tone of voice.

Connected Social Accounts: When you connect social media accounts (Instagram, X/Twitter, LinkedIn), we store OAuth access tokens and basic profile information (username, user ID) to enable features like analytics and publishing. We do not store your social media passwords.

Generated Content: Posts, images, and calendar entries you create using our AI tools.

Usage Data: We collect information about how you interact with the Service, including generation counts and feature usage, for the purpose of enforcing plan limits and improving the product.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Generate personalized social media content based on your brand profile
  • Display analytics and performance metrics for your connected social accounts
  • Publish and schedule posts to your connected social media accounts
  • Process payments and manage subscriptions
  • Send transactional emails (e.g., email verification, password resets)
  • Enforce our terms of service and usage limits

4. Third-Party Services

We integrate with the following third-party services:

  • Google AI (Gemini): Powers our AI content generation. Your brand profile and content instructions are sent to Google's API to generate posts and images. Google's privacy policy applies to this data processing.
  • Meta/Instagram API: Used to connect your Instagram account, fetch analytics data, and publish content. Subject to Meta's Data Policy.
  • X (Twitter) API: Used to connect your X account, fetch analytics data, and publish content. Subject to X's Privacy Policy.
  • LinkedIn API: Used to connect your LinkedIn account and publish content. Subject to LinkedIn's Privacy Policy.
  • Stripe: Handles payment processing for Pro subscriptions. We do not store your credit card information. Stripe's privacy policy governs payment data.
  • Resend: Sends transactional emails on our behalf (verification, password resets).

5. Data Storage and Security

Your data is stored securely on servers hosted by Vercel and Neon (PostgreSQL). We implement industry-standard security measures including:

  • Encrypted connections (HTTPS/TLS) for all data in transit
  • Hashed passwords using bcrypt
  • Secure OAuth 2.0 token storage
  • CSRF protection on authentication flows
  • HttpOnly, Secure cookies for session management

6. Data Retention

We retain your data for as long as your account is active. Generated posts that are discarded are automatically deleted after 30 days through our data retention process. You can delete your account and all associated data at any time by contacting us.

7. Your Rights

You have the right to:

  • Access your personal data stored in our system
  • Correct inaccurate information in your brand profile or account
  • Delete your account and all associated data
  • Disconnect any social media accounts at any time through your Settings page
  • Export your calendar and content data

8. Instagram / Meta Data Handling

When you connect your Instagram account, we access the following data through Meta's Business Login for Instagram:

  • Your Instagram username and user ID
  • Your recent media posts and their performance metrics (likes, comments, reach, views, saves, shares)
  • Follower count

This data is used solely to provide you with analytics insights and personalized content recommendations. We do not sell, share, or distribute your Instagram data to third parties.

You can revoke SwipePost's access to your Instagram account at any time by:

  • Disconnecting your account in SwipePost Settings
  • Removing SwipePost from your Instagram authorized apps

When you deauthorize SwipePost from Instagram, or request data deletion, we automatically remove all stored Instagram data (access tokens, user IDs, and cached analytics) from our systems.

9. Cookies

We use essential cookies only — specifically for authentication session management and OAuth state verification. We do not use advertising cookies or third-party tracking cookies.

10. Children's Privacy

SwipePost is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, data deletion requests, or any privacy concerns, please contact us at:

support@swipe-post.com

Data Deletion Request Status

If you submitted a data deletion request through Instagram, your request has been processed and all associated Instagram data has been removed from our systems. If you have questions about a specific deletion request, please contact us with your confirmation code.

← Back to SwipePost