Privacy Policy

Last Updated: October 23, 2025

1. Introduction

PostAutoma ("we", "our", or "us"), a product by ZoneLabs.ie, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered content generation platform.

This policy applies to all users of PostAutoma, including visitors to our website and registered users of our service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password (encrypted)
  • Profile Information: Profile picture, bio, preferences
  • Payment Information: Processed securely through Stripe (we do not store credit card details)
  • Content: Prompts, generated content, saved posts, videos
  • Social Media Credentials: OAuth tokens for connected accounts (encrypted)

2.2 Automatically Collected Information

  • Usage Data: Features used, generation history, subscription tier
  • Device Information: Browser type, operating system, IP address
  • Log Data: Access times, pages viewed, actions taken
  • Cookies: Session management, preferences, analytics

2.3 Third-Party Information

  • OAuth Providers: Profile information from Google, GitHub, YouTube, Meta
  • Payment Processor: Transaction data from Stripe
  • AI Providers: API usage data from Claude, OpenAI, RunwayML, Google Gemini

3. How We Use Your Information

We use collected information for:

  • Service Provision: Creating your account, generating content, processing payments
  • Service Improvement: Analyzing usage patterns, improving AI models, fixing bugs
  • Communication: Sending service updates, security alerts, support responses
  • Security: Detecting fraud, preventing abuse, ensuring platform security
  • Compliance: Meeting legal obligations, enforcing terms of service
  • Marketing: Sending promotional emails (you can opt-out)
  • Analytics: Understanding user behavior, measuring performance

4. Legal Basis for Processing (GDPR)

For EU users, we process your data based on:

  • Consent: When you agree to our terms and privacy policy
  • Contract Performance: To provide the service you've subscribed to
  • Legitimate Interests: For service improvement, security, and analytics
  • Legal Obligations: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

5.1 Third-Party Service Providers

We share data with trusted partners who help us operate our service:

  • AI Providers: Anthropic (Claude), OpenAI, RunwayML, Google (Gemini) - for content generation
  • Payment Processing: Stripe - for subscription billing
  • Cloud Storage: Cloudflare R2 - for video and file storage
  • Database: MySQL hosting provider - for data storage
  • Monitoring: Sentry - for error tracking and performance monitoring
  • Email: Email service provider - for transactional emails

5.2 Social Media Platforms

When you use our scheduling features, we share content with social media platforms (YouTube, Instagram, Facebook, LinkedIn, TikTok) according to your instructions.

5.3 Legal Requirements

We may disclose your information if required by law or to:

  • Comply with legal processes or government requests
  • Enforce our Terms and Conditions
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activities

6. Data Security

We implement industry-standard security measures:

  • Encryption: All data in transit uses HTTPS/TLS encryption
  • Password Protection: Passwords are hashed using bcrypt
  • OAuth Token Encryption: Social media tokens are encrypted at rest
  • Access Controls: Role-based access to sensitive data
  • Regular Audits: Security reviews and vulnerability assessments
  • Secure Infrastructure: Hosting on secure, monitored servers

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations (e.g., tax records for 7 years)
  • Resolve disputes and enforce agreements

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we're required to retain it by law.

8. Your Rights

8.1 General Rights

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Export: Download your generated content
  • Opt-Out: Unsubscribe from marketing emails

8.2 GDPR Rights (EU Users)

  • Right to be Forgotten: Request complete data deletion
  • Data Portability: Receive your data in a structured format
  • Restrict Processing: Limit how we use your data
  • Object to Processing: Object to certain data processing activities
  • Withdraw Consent: Revoke consent at any time
  • Lodge a Complaint: File a complaint with your local data protection authority

8.3 CCPA Rights (California Residents)

  • Know: What personal information we collect and how it's used
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt-out of sale of personal information (we don't sell data)
  • Non-Discrimination: Equal service regardless of privacy choices

To exercise your rights, please visit our Data Deletion Instructions page or contact us at privacy@zonelabs.ie.

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Authentication, session management, security
  • Functional Cookies: User preferences, settings
  • Analytics Cookies: Usage statistics, performance monitoring
  • Marketing Cookies: Advertising (if applicable, with consent)

You can control cookies through your browser settings. However, disabling essential cookies may affect service functionality.

10. Children's Privacy

PostAutoma is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete it immediately.

11. International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs) for EU data transfers
  • Privacy Shield frameworks (where applicable)
  • Adequacy decisions by competent authorities

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the new policy on this page with an updated "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on our website

Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@zonelabs.ie
  • Data Protection Officer: dpo@zonelabs.ie
  • Address: [Company Street Address], [City], Ireland

14. Additional Information for EU Users

Data Controller: ZoneLabs Ireland is the data controller for your personal information.

EU Representative: [If applicable, provide EU representative details]

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority.