← Back to Home

Privacy Policy

Last updated: January 2025

1. Information We Collect

We collect the following types of information:

  • Account Information: Email address for authentication
  • Usage Data: Number of generations, platform choices, timestamps
  • Payment Information: Processed securely by Stripe; we do not store payment details

2. Information We Do NOT Collect

  • We do not permanently store the text you select or generate
  • We do not track your browsing history
  • We do not sell your personal information

3. How We Use Your Information

We use collected information to:

  • Provide and improve the Service
  • Enforce usage quotas
  • Process payments and manage subscriptions
  • Send important service updates

4. Data Storage and Security

Your data is stored securely using PostgreSQL database (via Supabase) with industry-standard encryption. We implement strict security measures including JWT-based authentication and secure password hashing to ensure you can only access your own data.

5. Third-Party Services

We use the following third-party services:

  • Supabase: Secure PostgreSQL database hosting
  • Stripe: Payment processing (PCI-DSS compliant)
  • OpenAI: AI content generation (GPT-4o, GPT-5-mini)
  • Vercel: Hosting and infrastructure
  • Google OAuth: Optional authentication method

Each service has its own privacy policy governing their handling of your data.

6. Chrome Extension Permissions

Our extension requests minimal permissions:

  • contextMenus: To show the right-click menu option
  • activeTab: To read selected text on the current page only when you invoke the extension
  • storage: To save your generation history locally in your browser
  • identity: To enable Google sign-in (optional)

7. Your Rights (GDPR Compliance)

Under GDPR and other privacy laws, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your account and data
  • Right to Data Portability: Export your data in a machine-readable format
  • Right to Restrict Processing: Limit how we use your data
  • Right to Object: Opt out of marketing communications
  • Right to Withdraw Consent: Revoke consent at any time

To exercise any of these rights, please contact us at privacy@click2post.io

8. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract Performance: To provide the Service you signed up for
  • Legitimate Interest: To improve and secure our Service
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: To comply with applicable laws

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) with our service providers to protect your data in accordance with GDPR requirements.

10. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, we remove your personal data within 30 days, except where required by law (e.g., tax records, fraud prevention). Usage logs are anonymized after 90 days.

11. Cookies and Tracking

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party analytics. You can manage cookie preferences in your browser settings.

12. Children's Privacy

Our Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service at least 30 days before they take effect. Continued use after changes constitutes acceptance.

14. Supervisory Authority

If you are located in the EEA and believe we have not addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.

15. Contact

For privacy-related questions or to exercise your rights, contact us at privacy@click2post.io

Data Protection Officer: privacy@click2post.io
Mailing Address: Click2Post, [Your Business Address]