Privacy Policy.
Last updated: December 14, 2025
Introduction
Postaroo ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media scheduling and content management service.
We respect your privacy and are transparent about the data we collect and how we use it. This policy is designed to be clear and easy to understand, even if you're not a legal expert.
Information We Collect
Personal Information
When you create an account or use Postaroo, we collect:
- Name and email address
- Business or company name
- Billing and payment information (processed securely through our payment provider)
Facebook & Instagram Account Data
When you connect your Facebook Pages or Instagram Business accounts to Postaroo, we collect and store the following data to enable scheduling, publishing, and analytics:
- Facebook Page ID and name
- Instagram Business account ID and username
- Profile images and public details
- Encrypted access tokens for publishing
- Publishing permissions granted by you
- Post content you compose in Postaroo (captions, images, videos)
- Post-level metrics (reach, impressions, saves, shares, engagement)
- Account-level insights (follower counts, audience demographics, online activity windows) — only when you open the analytics section of Postaroo
We use the instagram_manage_insights and pages_read_engagement permissions solely to display these metrics inside your Postaroo dashboard. We do not share them with third parties or use them for advertising.
Usage & Technical Data
We automatically collect certain technical information when you use Postaroo:
- IP address and browser type
- Pages visited within the app
- Timestamps and interaction logs
- Device info and operating system
How We Use Your Information
We use the information we collect for the following purposes:
- Scheduling and publishing to Facebook and Instagram
- AI content generation based on your input
- Managing connected social accounts
- Improving product experience
- Customer support and communication
- Processing payments and billing
- Sending important updates about your account, service changes, or new features
Facebook & Instagram Platform Data
Postaroo connects to Facebook and Instagram via Meta's official APIs. This integration allows us to schedule and publish content on your behalf.
Data is used only to perform actions you explicitly request. We do not access or use your Facebook or Instagram data for any purpose other than providing our scheduling and publishing service.
Postaroo complies with Meta Platform Terms and Developer Policies. We adhere to all requirements set by Meta to ensure your data is handled securely and responsibly.
Data Sharing & Disclosure
We do NOT sell your personal data. Your information is never sold to advertisers, data brokers, or third parties for marketing purposes.
We may share your information only in the following limited situations:
- With trusted service providers: We use third-party services for hosting, payment processing, and analytics. These providers are contractually required to protect your data.
- With Facebook and Instagram: When you publish content, your posts and related data are sent to these platforms according to your instructions.
- If legally required: We may disclose information if required by law, regulation, legal process, or government request.
Data Retention
We retain your data only as long as your account is active or as needed to provide our services to you.
When you disconnect a Facebook Page or Instagram account from Postaroo, we immediately revoke access tokens, remove scheduled posts, and permanently delete connection data.
If you delete your Postaroo account, all of your data will be permanently deleted within 30 days, except where we're required to retain certain records for legal or regulatory purposes.
Security
We take the security of your data seriously and implement industry-standard security measures:
- Encrypted transmission using HTTPS/TLS
- Secure storage with encryption at rest
- Limited internal access on need-to-know basis
- Regular security audits and monitoring
- Secure authentication with password hashing and session management
While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we continuously work to protect your information.
Your Rights
Depending on your location, you have certain rights regarding your personal information:
- Right to access: Request a copy of the personal data we hold about you
- Right to correction: Request that we correct inaccurate or incomplete data
- Right to deletion: Request that we delete your personal data (see above)
- Right to object: Object to certain types of data processing
- Right to data portability: Request your data in a machine-readable format
To exercise any of these rights, contact us at info@postaroo.io
Cookies and Tracking
We use cookies and similar technologies to improve your experience and analyze how our service is used. Essential cookies are required for authentication and core functionality, while analytics cookies help us understand usage patterns and improve the product.
You can control or disable cookies through your browser settings. Note that disabling certain cookies may affect the functionality of Postaroo.
Third-Party Services
Postaroo integrates with third-party services including Facebook and Instagram (via Meta APIs), payment processors for billing, and cloud hosting providers.
We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies.
Children's Privacy
Postaroo does not knowingly collect personal information from children under the age of 13. In compliance with the Children's Online Privacy Protection Act (COPPA), if we become aware that we have collected personal data from a child under 13, we will delete that information promptly.
Postaroo is additionally intended for users aged 18 or older per our Terms of Service. Minors between 13 and 18 should only use the Service with the involvement of a parent or guardian.
If you believe a child has provided us with personal information, please contact us at info@postaroo.io and we will take immediate action to delete it.
GDPR & CCPA Rights
Depending on where you live, you may have additional rights under the European Union's General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA).
EU / EEA / UK users (GDPR)
Postaroo processes your personal data on one of the following lawful bases:
- Contract — to deliver the Postaroo service you signed up for.
- Consent — when you connect a Facebook Page or Instagram Business account, you explicitly consent to the OAuth scopes listed on Meta's permission screen.
- Legitimate interest — to secure our platform, prevent abuse, and improve our product.
- Legal obligation — to retain tax and billing records as required by law.
You have the right to access, correct, export, delete, or object to the processing of your personal data, and to lodge a complaint with your local data protection authority.
California residents (CCPA / CPRA)
California residents have the right to know what personal information we collect, request deletion, opt out of the "sale" or "sharing" of personal information (we do not sell or share personal information for cross-context behavioral advertising), and not be discriminated against for exercising these rights.
To exercise any GDPR or CCPA right, email info@postaroo.io. We respond within 30 days.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features. When we make changes, we will update the "Last updated" date at the top of this page.
For significant changes, we will notify you via email or through the application. Your continued use of Postaroo after changes constitutes acceptance of the updated policy.