Privacy Policy
Last updated: June 4, 2026
What we collect
- Account data: name, email address, and (if you sign up with Google) your Google profile basics.
- Content you submit: the briefs you write, the drafts we generate from them, image prompts, and uploaded media.
- Integration metadata: identifiers for the social accounts you've connected through Postiz. We don't store your third-party passwords.
- Usage data: standard server logs (IP, user agent, timestamps) for security and debugging.
How we use this information
- To provide the Service — generate drafts, publish posts.
- To send transactional emails (verification, password reset).
- To investigate abuse and protect users.
Third parties we share with
- Anthropic and Google AI — the content of your briefs is sent to one of these providers (your choice via
GENERATE_PROVIDER) to generate drafts. Neither provider trains models on API content as of writing. - OpenAI — image prompts are sent if you use AI image generation.
- Postiz — drafts and uploaded images are sent to Postiz to publish to your connected social accounts.
- Supabase — hosts your account, sessions, and integration metadata.
Cookies
We use first-party cookies strictly for authentication (session refresh). No third-party analytics or advertising cookies.
Data retention
Account and post history are kept until you delete your account. Server logs roll off after 30 days.
Your rights
You can access, correct, or delete your data via account settings, or email info@onepost.my.
Changes
We may update this Policy. Material changes will be announced via email or in-app notice.
Contact
Privacy questions? Email info@onepost.my.