Privacy Policy

Information We Collect

• Account and profile information, such as your name, email address, company details, login method, and subscription status.
• Content and files you provide, including posts, drafts, carousels, images, PDFs, briefs, prompts, uploaded assets, and feedback.
• Integration data from services you connect, such as LinkedIn account or page identifiers, profile information, publishing destinations, analytics exports, and related metadata needed to operate the service.
• Usage, device, and technical data, such as IP address, browser type, pages visited, events, referral information, and cookie or local storage identifiers.
• Communications with us, including support requests, onboarding responses, and messages sent through our support tools.

How We Use Information

• Provide, maintain, secure, and improve Postiv AI.
• Authenticate users, manage organizations and seats, process payments, and provide customer support.
• Create, edit, schedule, publish, analyze, and manage LinkedIn content and related workflows requested by users.
• Generate AI-assisted outputs such as drafts, rewrites, design assistance, or reply suggestions based on user inputs and connected context.
• Measure product usage, attribution, conversions, fraud prevention, performance, and service reliability.
• Comply with legal obligations and enforce our terms and policies.

LinkedIn Data

If you connect LinkedIn, we process LinkedIn data to provide posting, scheduling, analytics, page management, engagement management, and related features you request.

• We may process your authenticated LinkedIn profile or page information, connected page and profile identifiers, publishing destinations, post identifiers, analytics metrics, and comment-thread context needed for the feature you use.
• For engagement features, we may temporarily process comment text and limited commenter information shown inside the product so you can review and respond to conversations.
• We use LinkedIn data only to provide permitted LinkedIn management, publishing, reporting, and engagement workflows inside Postiv AI.
• We do not sell LinkedIn-derived personal data and do not use it to build member databases, enrich CRM records, support sales prospecting, recruiting, ad targeting, or unrelated third-party marketing datasets.
• You can stop this processing by disconnecting your LinkedIn account or page integration.

AI-Assisted Features

We use third-party AI providers to generate or improve outputs based on the prompts, content, files, and context you choose to use with the product.

• This can include text you write, uploaded files, business context, and connected content needed to fulfill your request.
• For example, if you request an AI reply suggestion for a LinkedIn comment, we may send the relevant post text, comment text, selected tone, and related business context needed to generate the draft.
• AI providers process your data through their standard API services only. Your inputs and outputs are not used to train AI models under the applicable provider API terms.
• These features are intended to help you create or review content, and you remain responsible for reviewing outputs before publishing or relying on them.

Cookies and Tracking Technologies

We use cookies, pixels, SDKs, local storage, and similar technologies to operate the service and measure performance.

• Essential technologies help with authentication, security, fraud prevention, organization switching, and session continuity.
• Analytics and support technologies help us understand usage, troubleshoot issues, and assist customers.
• Marketing and attribution technologies may be used to understand campaign performance, referrals, affiliate attribution, and ad conversions.
• Depending on your location, these technologies may be controlled through your browser, device settings, or applicable consent tools.

How We Share Information

We do not sell your personal information. We may share information in the following situations:

• With service providers that help us host, secure, operate, and support Postiv AI.
• With integration partners you choose to connect, such as LinkedIn, Google, Microsoft, Stripe, or user-configured webhook destinations.
• With AI providers used to generate requested outputs, such as OpenAI, Anthropic, or Google.
• With analytics, support, email, attribution, and infrastructure providers such as Supabase, AWS, Vercel, PostHog, Intercom, Loops, Cloudflare Turnstile, Rewardful, and similar vendors acting on our behalf.
• With advertising and conversion measurement providers such as Google, Meta, and LinkedIn where we use their measurement or conversion tools.
• When required by law, regulation, legal process, or to protect rights, safety, and the integrity of the service.
• In connection with a merger, financing, acquisition, reorganization, sale of assets, or similar transaction.

Data Storage and Security

We use technical and organizational measures designed to protect personal information against unauthorized access, loss, misuse, or disclosure. No system is completely secure, and we cannot guarantee absolute security.

Our primary application data is hosted in EU infrastructure (AWS Frankfurt, Germany). Core service providers including our database, analytics, payment processing, and customer support tools also operate within EU data centers.

Where personal data is transferred outside the EU - for example, when processing API requests through AI providers such as OpenAI, Anthropic, or Google - we rely on appropriate safeguards including Standard Contractual Clauses or adequacy decisions recognized under GDPR. These AI providers process data through their API only; your data is not used for model training under their API terms.

Data Retention and Deletion

• We retain account, billing, operational, and user-created content for as long as needed to provide the service, maintain records, resolve disputes, enforce agreements, and meet legal obligations.
• For LinkedIn-related features, we apply shorter retention windows where required by platform rules. This includes short-lived caching for certain third-party LinkedIn member profile fields and social activity data.
• As of this policy, other LinkedIn members' profile-related cache data is generally limited to up to 24 hours, and certain LinkedIn social activity data, such as comment text and related metadata, is generally limited to up to 48 hours, after which it is deleted or stripped from cache records.
• Structural identifiers, status markers, and records needed to keep product workflows functioning or to maintain auditability may be retained longer where permitted.
• If you disconnect LinkedIn, we delete or clean up cached LinkedIn member data in accordance with the applicable platform requirements and our internal cleanup processes.

Your Rights and Choices

Depending on your location, you may have rights under applicable data protection laws, including the General Data Protection Regulation (GDPR). These rights may include the right to access, correct, delete, or export your personal information, the right to restrict or object to certain processing, and the right to lodge a complaint with a supervisory authority.

We process personal information on the following legal bases under GDPR: performance of a contract (to provide the service you signed up for), legitimate interest (to improve and secure the service, measure performance, and prevent fraud), consent (where you actively connect integrations or opt in to marketing), and legal obligation (where required by law).

• You can update certain profile and organization information inside the product.
• You can disconnect third-party integrations, including LinkedIn, from your account.
• You can request access, correction, export, or deletion of your personal information by contacting our privacy contact below.
• You can opt out of some marketing communications by using the unsubscribe link in those emails.
• You can control some cookies and tracking technologies through your browser or device settings.

Children's Privacy

Our service is not intended for children under 16, and we do not knowingly collect personal information from children under 16.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we may update the date below and provide notice through the service or by email where appropriate.

Company Information

Postiv AI is operated by The DB Group LLC.

Contact

For privacy-related questions or requests, contact us at hello@postiv.ai.