# Privacy Policy **Last Updated: February 2026** ## Overview PostPilot ("the App") is built by Borst Photo ("we", "us", "our"). This policy explains how we collect, use, and protect your information when you use our AI-powered social media management application. We believe in transparency: we collect only what we need to provide the service, we never sell your data, and you can delete everything at any time. ## Information We Collect ### Account Information - **Email address** — used for authentication and account recovery - **Name** (optional) — displayed in your profile - **Password** — securely hashed; we never store or see your plaintext password ### Photos & Media - **Photos you upload** — stored on your device and temporarily on our cloud servers when publishing to social media - **Photo metadata** — file names, gallery assignments, upload timestamps, tags - **AI photo analysis** — scene descriptions, detected objects, mood, and colors generated when you request AI analysis - **Videos** — stored locally on your device; uploaded to our servers only when publishing Reels or Stories ### Facial Recognition & Biometric Data - **Face images** — when you use the facial recognition feature, we detect faces in your photos and store cropped face thumbnails on your device - **Face vectors** — mathematical representations of faces are sent to and stored in AWS Rekognition for face matching. These are not photographs — they are numerical data that cannot be reverse-engineered into images - **People profiles** — names, social media handles, and websites you associate with recognized faces **Important**: Facial recognition is entirely optional. You control when faces are scanned, who is identified, and can delete all face data at any time. We comply with BIPA (Illinois), CCPA (California), and GDPR requirements for biometric data. ### Social Media Account Data - **Facebook Page access tokens** — to publish content on your behalf - **Instagram Business Account IDs** — to publish content on your behalf - **Page/account names and IDs** — to display your connected accounts - **Post engagement metrics** — likes, comments, shares, and views fetched from Meta to show you analytics ### Content You Create - **Post captions** — text content you write or that AI generates for you - **Scheduling data** — when you want posts published - **AI preferences** — your writing style, tone, grammar level, and custom instructions - **Post rules** — your content rules and exclusion filters ### Dropbox Data (if connected) - **Dropbox access token** — to browse and download your photos - **File and folder names** — to display your Dropbox contents for import ### Device Permissions - **Camera** — to take photos for posts (only when you initiate) - **Photo Library** — to select existing photos and save content - **Face ID / Touch ID** — optional biometric lock for the app (processed entirely on-device by Apple; we never receive your biometric data) - **Notifications** — to alert you about low post counts ## How We Use Your Information - To authenticate you and secure your account - To store and organize your photos locally on your device - To generate AI-powered captions and hashtags using your preferences - To publish posts, stories, and reels to Facebook and Instagram on your behalf - To display engagement analytics for your published posts - To match faces across photos (only when you use this feature) - To import photos from your Dropbox (only when you initiate) ## Third-Party Services We share data with the following services only as necessary to provide the App's functionality: | Service | Data Shared | Purpose | |---------|-------------|---------| | **Supabase** | Account info, posts, social tokens | Cloud database, authentication, temporary image hosting for publishing | | **Meta (Facebook/Instagram)** | Post content, photos, videos, access tokens | Publishing posts, stories, reels; fetching engagement metrics | | **Anthropic (Claude AI)** | Post topics, writing preferences, photo images (for analysis) | AI content generation and photo analysis | | **AWS Rekognition** | Face image data | Face detection and matching across photos | | **Dropbox** | OAuth tokens, file download requests | Browsing and importing your Dropbox photos | | **OpenAI** (fallback only) | Post prompts | AI content generation if primary AI is unavailable | **We never sell, rent, or trade your personal information.** Data is shared with third parties only to provide the specific features you use. ## Data Storage & Security ### On Your Device - Photos are stored in the app's private document directory - Face thumbnails are stored locally on your device - A local SQLite database stores your settings, rules, people, and photo metadata - Dropbox tokens and biometric preferences are stored in iOS Keychain / Android Keystore (encrypted) ### In the Cloud - Account data and posts are stored in Supabase (encrypted in transit via TLS and at rest) - Photos are temporarily uploaded to Supabase Storage when publishing to Meta (and may be cleaned up after publishing) - Face vectors are stored in AWS Rekognition (encrypted at rest) ### Security Measures - All network communication uses HTTPS/TLS encryption - Passwords are hashed by Supabase Auth (never stored in plaintext) - Social media access tokens are validated before each use - Optional Face ID / Touch ID adds biometric security to app access ## Data Retention & Deletion ### Automatic - Temporary photo uploads for publishing may be retained in cloud storage - AI-generated content is not stored by Anthropic or OpenAI after processing ### Your Controls - **Delete photos** — remove individual photos or entire galleries from your device and our servers - **Delete faces** — remove face data from your device and AWS Rekognition - **Delete people** — remove person profiles and their associated face data - **Disconnect Dropbox** — revokes access and deletes stored tokens - **Delete Account** — permanently removes your account, profile, posts, and all associated data from our servers. Go to Settings > Delete Account in the app. When you delete your account: - Profile and authentication data are deleted immediately - Posts and scheduled content are deleted immediately - Face vectors are removed from AWS Rekognition - Local data on your device is cleared when you uninstall the app ## Children's Privacy PostPilot is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at borstphoto@gmail.com and we will delete it. ## Your Rights ### California Residents (CCPA/CPRA) You have the right to: - **Know** what personal information we collect and how it's used - **Delete** your personal information - **Opt-out** of the sale of personal information (we do not sell your data) - **Non-discrimination** for exercising your privacy rights ### European Residents (GDPR) You have the right to: - **Access** your personal data - **Rectification** of inaccurate data - **Erasure** ("right to be forgotten") - **Data portability** - **Restrict** or **object** to processing - **Withdraw consent** at any time Our lawful basis for processing is: (a) performance of our contract with you (providing the service), (b) your consent (for facial recognition and optional features), and (c) legitimate interest (for service improvement and security). ### Illinois Residents (BIPA) Before collecting biometric data (face vectors), we: - Inform you of the collection and its purpose - Obtain your consent before scanning faces - Provide a means to delete all biometric data - Do not sell, lease, or trade biometric data - Store biometric data with reasonable security measures - Destroy biometric data when the purpose is fulfilled or within 3 years of your last interaction with the App, whichever comes first ## Do Not Track We do not track users across third-party websites. The App does not include any analytics or advertising SDKs. We do not respond to Do Not Track signals because we do not engage in tracking. ## Changes to This Policy We may update this policy from time to time. Changes will be reflected in the "Last Updated" date above. We will notify you of material changes through the App. Continued use after changes constitutes acceptance. ## Contact If you have questions about this privacy policy or want to exercise your rights: - **Email**: borstphoto@gmail.com - **Website**: https://www.borstphoto.com For privacy-specific requests, include "Privacy Request" in your subject line. We will respond within 30 days (or 45 days for complex requests, with notice).