1. Information We Collect

Account Information

When you create an account through Clerk authentication, we collect:

Email address
Name (if provided)
Authentication provider information (Google, GitHub, etc.)
Account creation and last login dates

Content Data

To provide our AI repurposing service, we process:

Blog content you submit for repurposing
Generated social media content (Twitter threads, LinkedIn posts, newsletters)
Tone and style preferences
Usage history and statistics

Technical Information

We automatically collect:

IP address and location data
Browser type and version
Device information
Usage patterns and feature interactions
Error logs and performance data

2. How We Use Your Information

We use your information to:

Provide and improve our AI content repurposing service
Process your content through OpenAI's GPT models for content generation
Manage your account and subscription
Process payments through Stripe
Send service updates and important notifications
Analyze usage patterns to improve our service
Provide customer support
Ensure service security and prevent abuse
Comply with legal obligations and enforce our terms

Automated Decision Making

Our service uses automated systems for:

Content Generation: AI automatically creates social media content based on your input
Spam Detection: Automated systems filter potentially inappropriate content
Usage Monitoring: Automated tracking of your subscription usage and limits

You have the right to request human review of any automated decisions that significantly affect you.

3. Third-Party Services

Authentication - Clerk

We use Clerk for secure user authentication. Clerk processes your authentication data according to theirprivacy policy.

AI Processing - OpenAI

Your content is processed through OpenAI's API to generate repurposed social media content. Here's how this works:

Data Processing: Your blog content is sent to OpenAI's servers for AI analysis and content generation
No Training Use: As of 2024, OpenAI does not use API data to train their models unless explicitly opted in
Temporary Processing: Your content is processed in real-time and not stored long-term by OpenAI
API-only Access: We only use OpenAI's API services, not their web interface or consumer products
Data Location: Processing occurs on OpenAI's servers, primarily in the United States

OpenAI's privacy policyand API data usage policiesgovern how they handle your data during processing.

Analytics - Microsoft Clarity

With your consent, we use Microsoft Clarity to understand user behavior through session recordings and heatmaps. Clarity helps us identify usability issues and improve our service design. Microsoft'sprivacy statementgoverns this data processing.

Payments - Stripe

Payment processing is handled by Stripe, which is PCI DSS compliant. We do not store your payment card information. Stripe's privacy policygoverns payment data handling.

Database - Neon

We use Neon PostgreSQL for secure data storage with encryption at rest and in transit.

4. Data Security

We implement industry-standard security measures including:

Encryption in transit (HTTPS/TLS)
Encryption at rest for database storage
Regular security audits and updates
Access controls and authentication
Secure API endpoints with rate limiting
Regular backups and disaster recovery procedures

Data Breach Notification

In the unlikely event of a data breach that may impact your personal information, we commit to:

Timely Notification: Notify affected users within 72 hours of discovering the breach
Detailed Information: Provide details about what data was compromised and potential impacts
Mitigation Steps: Explain what actions we're taking to address the breach
User Guidance: Provide recommendations for steps you should take to protect yourself
Regulatory Compliance: Notify relevant data protection authorities as required by law

5. Data Retention

We retain your data as follows:

Account Data: Until you delete your account
Content History: Stored for service functionality; you can delete individual items
Usage Analytics: Aggregated data may be retained longer for service improvement
Payment Records: Retained as required by law and tax regulations
Support Communications: Retained for up to 2 years

6. Your Rights

General Privacy Rights

You have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate personal data
Deletion: Request deletion of your personal data
Portability: Export your data in a machine-readable format
Restriction: Limit how we process your data
Objection: Object to certain types of processing

California Residents (CCPA Rights)

If you are a California resident, you have additional rights:

Right to Know: Request information about personal data collected, used, disclosed, or sold
Right to Delete: Request deletion of personal data we have collected
Right to Opt-Out: We do not "sell" personal data as defined by CCPA
Right to Non-Discrimination: We will not discriminate for exercising your privacy rights

Data Sharing Clarification

We share data with third parties (OpenAI, Clerk, Stripe, analytics providers) only for service provision purposes. This does not constitute a "sale" under CCPA or similar privacy laws, as we do not receive monetary compensation for sharing your personal information.

To exercise these rights, contact us through the support channels available in the application.

7. Cookies and Tracking

What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us provide a better user experience and analyze how our service is used.

Types of Cookies We Use

Essential Cookies (Always Active)

These cookies are necessary for our service to function:

Authentication cookies: Keep you logged in and secure
Session cookies: Remember your preferences during your visit
Security cookies: Protect against fraud and unauthorized access
Functional cookies: Enable core features like form submissions

Analytics Cookies (Optional)

With your consent, we use these for website improvement:

Google Analytics: Understand user behavior and improve our service
Microsoft Clarity: Session recordings and heatmaps for usability insights
Performance cookies: Monitor website speed and functionality
Usage tracking: Analyze feature adoption and user flows

Cookie Consent

When you first visit our site, you'll see a cookie consent banner. You can:

Accept: Allow all cookies including Google Analytics and Microsoft Clarity
Decline: Only use essential cookies required for functionality
Change later: Update your preferences anytime in this privacy policy

Managing Your Cookie Preferences

You can control cookies through:

Our cookie banner: Choose your preferences when prompted
Browser settings: Block or delete cookies (may affect functionality)
Do Not Track: We respect your browser's Do Not Track setting
Google Analytics opt-out: Use Google's opt-out browser add-on
Microsoft Clarity opt-out: Disable through our cookie preferences or browser settings

Cookie Retention

Different cookies have different lifespans:

Session cookies: Deleted when you close your browser
Authentication cookies: Expire after your login session ends
Analytics cookies: Retained for up to 2 years (Google Analytics default, Microsoft Clarity varies)
Preference cookies: Stored until you change your settings

8. Website Analytics

We use Google Analytics and Microsoft Clarity to understand how visitors interact with our website. These analytics tools collect:

Pages visited and time spent on each page
Browser type and version
Device type and screen resolution
Geographic location (country/city level)
Referral source (how you arrived at our site)
Anonymized IP addresses
User interactions and click patterns (Microsoft Clarity)
Session recordings and heatmaps (Microsoft Clarity)

This data helps us improve our service and user experience. Google Analytics data is retained for 26 months, while Microsoft Clarity retention varies by plan. You can learn more about their data practices:

Opt-out Options: You can opt out of analytics tracking by:

Declining analytics cookies through our cookie consent banner
Installing the Google Analytics Opt-out Browser Add-on
Using your browser's Do Not Track setting (respected by both services)
Disabling cookies in your browser settings

9. International Data Transfers

Your data may be processed and stored in various countries where our service providers operate, primarily in the United States. We ensure appropriate safeguards are in place for international data transfers through:

Standard Contractual Clauses: EU-approved contractual terms for data transfers outside the EEA
Privacy Shield Compliance: Working with providers that maintain appropriate privacy certifications
Data Processing Agreements: Contractual obligations with all third-party processors
Security Measures: Encryption and access controls for all international transfers

Primary data storage locations include:

Application data: United States (Neon PostgreSQL)
Authentication data: United States (Clerk)
Payment data: United States and European Union (Stripe)
AI processing: United States (OpenAI)

10. Children's Privacy

BlogSocializer is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we discover we have collected such information, we will delete it promptly.

11. Changes to This Policy

We may update this privacy policy periodically. We will notify you of significant changes via email or through our service. Your continued use of the service after changes indicates acceptance of the updated policy.

12. Contact Us

If you have questions about this privacy policy or our data practices, please contact us through the support channels available in the application.

13. Legal Basis for Processing (GDPR)

For users in the EU, our legal basis for processing your data includes:

Contract: To provide our service as agreed
Legitimate Interest: To improve our service and prevent fraud
Consent: For optional features and communications
Legal Obligation: To comply with applicable laws

Privacy Policy