Privacy Policy
Effective May 1, 2026
1. Data we collect
We collect the data you give us to operate the service: account details (name, work email, profile photo), workspace data (drafts, scheduled posts, brand voice training content, approval comments, analytics), and limited operational telemetry to keep the product working (page-level events, error reports, performance metrics).
We do not sell your data. We do not use your content to train models that benefit anyone other than you.
2. How we use your data
- To provide and improve the Postify service.
- To train your private brand voice model (only on content you've explicitly added).
- To send essential service notifications (billing, security, downtime).
- To send product news to admins, with an unsubscribe link.
- To respond to support requests.
4. Your rights
You can access, export, correct, or delete your data at any time from inside Postify. Workspace admins can do the same for workspace data. EU users have additional GDPR rights detailed in our DPA. To exercise any right, email privacy@postify.to.
5. Retention
Active workspace data is kept for as long as your account is active. Cancelled workspaces are read-only for 90 days, then permanently deleted. Operational logs are kept for up to 90 days. Backup tapes roll over within 30 days.
6. Security
We're SOC 2 Type II audited. Customer data is encrypted at rest (AES-256) and in transit (TLS 1.3). For our full security posture, email security@postify.to.
8. Changes to this policy
We'll email workspace admins at least 30 days before any material change to this policy. The effective date at the top of the page is always the version in force.
9. Contact
Postify Ltd. (Company No. 517338851). Email privacy@postify.to or write to the registered address listed in the footer.