Social Intern | Privacy Policy

2. Information We Collect

We collect information that you provide to us directly and information automatically collected through your use of our service.

Personal Information: This includes information that can be used to identify you personally, such as your name, email address, and phone number, which you provide when you sign up for our service or communicate with us.
Business Information: Information related to your business, including business name, social media profiles, and content preferences.
Generated Content: Content that is created by our AI on your behalf, including text and images.
Usage Information: Information about how you use our service, including interaction with Website and the content generated by our AI.

3. Brand Analysis Data Collection

Our service includes comprehensive brand analysis capabilities to create personalized social media content that aligns with your business identity and target audience. This section explains how we collect, analyze, and use your brand information.

Methods of Brand Data Collection:

We collect brand information through two primary methods, which may be used individually or in combination:

Automated Website Analysis: When you provide your business website URL, we automatically visit, scan, and analyze your website to extract brand information including business description, services offered, brand voice, visual style, target audience indicators, and competitive positioning.
Manual Data Entry: You may directly provide brand information through our platform, including business details, brand voice preferences, target audience descriptions, competitive analysis, and content style guidelines.
Hybrid Approach: We may combine automated analysis with your manual input, where our system generates initial brand analysis from your website and you review, edit, and refine this information to ensure accuracy.

Types of Brand Data We Collect and Analyze:

Business Information: Company name, industry type, business description, products or services offered, business location, and contact information.
Brand Voice and Messaging: Tone of communication, brand personality, key messaging themes, value propositions, and communication style preferences.
Target Audience Data: Demographics, psychographics, customer personas, audience interests, pain points, and behavioral patterns of your ideal customers.
Competitive Analysis: Information about your competitors, market positioning, competitive advantages, industry trends, and differentiation factors.
Visual Brand Elements: Color schemes, logo usage, imagery style, design preferences, and visual brand guidelines extracted from your website or provided materials.
Content Themes: Preferred content topics, industry-specific themes, seasonal considerations, and content categories that align with your business goals.
Social Media Presence: Existing social media profiles, posting patterns, engagement styles, and platform-specific preferences.

Website Analysis Process:

When you provide a website URL for analysis, our automated system:

Visits the website using automated crawling technology
Analyzes publicly available content including text, images, and structure
Extracts brand messaging, tone, and style information
Identifies target audience indicators and business focus areas
Analyzes competitive positioning and market context
Generates brand analysis reports based on this data

How We Use Brand Analysis Data:

Content Generation: To create AI-generated social media content that matches your brand voice, style, and messaging preferences.
Audience Targeting: To ensure generated content resonates with your specific target audience and addresses their interests and needs.
Campaign Development: To develop social media campaigns and content pillars that align with your business objectives and brand positioning.
Content Personalization: To customize content recommendations, posting schedules, and platform strategies based on your brand characteristics.
Performance Optimization: To analyze how well generated content performs relative to your brand goals and adjust strategies accordingly.

Brand Data Storage and Retention:

All brand analysis data is stored securely and retained for the duration of your account plus any applicable legal retention periods. This includes:

Original website analysis results and extracted data
Manually provided brand information and user edits
Generated brand profiles and analysis reports
Historical changes and updates to brand information
Performance data related to brand-aligned content

User Responsibility and Data Accuracy:

As outlined in our Terms of Service, you are responsible for:

Reviewing and verifying the accuracy of all automated brand analysis results
Providing accurate and complete brand information when manually entering data
Updating brand information when your business, messaging, or target audience changes
Confirming that brand analysis results align with your actual business objectives and brand guidelines

Third-Party Website Analysis:

Your Control Over Brand Data:

Review and Edit: You can review, modify, or correct any brand analysis results at any time through your account dashboard.
Data Updates: You can update your brand information, request re-analysis of the website, or provide new brand guidelines as your business evolves.
Deletion Requests: You can request deletion of specific brand analysis data or your entire brand profile by contacting us at privacy@socialintern.com.
Analysis Opt-Out: You can choose to provide all brand information manually without automated website analysis.

4. How We Use Your Information

We use your information to:

Provide, operate, and maintain our service
Improve, personalize, and expand our service
Understand and analyze how you use our service
Develop new products, services, features, and functionality
Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to Website, and for marketing and promotional purposes
Send you emails and messages through the messaging apps you've connected with our service

Content Storage and Retention:

We store all AI-generated content and published social media posts indefinitely for the following purposes:

Service Improvement: To analyze content performance and effectiveness, helping us improve our AI algorithms and content generation capabilities.
User Reference: To provide you with a complete history of your generated and published content for your records and reference.
Content Analytics: To track engagement metrics and performance data for content published through our service, enabling better content recommendations.
Quality Assurance: To monitor content quality and ensure our AI-generated content meets appropriate standards and guidelines.
Compliance and Support: To assist with customer support inquiries and comply with legal requirements or platform policies when necessary.
Research and Development: To conduct research on content trends, user preferences, and platform performance to enhance our service offerings.

This stored content includes both the AI-generated content created for you and copies of the final posts that were successfully published to your social media accounts. We maintain this content to ensure continuity of service and to provide you with comprehensive analytics and historical data about your social media presence.

5. Content Approval Communications

Our service delivers AI-generated social media content to you through various communication channels for your review and approval. This section explains how we communicate with you, what information is included in these communications, and how you can control your communication preferences.

Available Communication Methods:

We currently offer two primary communication methods for content delivery:

Email: Content delivery via email to your registered email address, including formatted content previews and action links.
Slack Integration: Direct delivery to your connected Slack workspace or channel, allowing for seamless workflow integration and team collaboration.

Communication Schedule and Frequency:

Default Schedule: We establish a default communication schedule based on your content generation preferences and posting frequency requirements.
Customizable Frequency: You can modify your communication schedule through your account dashboard to receive content at your preferred times and frequency.
Variable Daily Messages: Depending on your schedule settings and content generation needs, you may receive multiple messages per day, one message per day, or no messages on certain days.
Real-Time Delivery: Content approval messages are sent as soon as new content is generated and ready for your review, based on your specified schedule.

Content of Communication Messages:

Each content approval communication includes the following information:

Generated Content Preview: A preview of the AI-generated social media post, including text, hashtags, and any associated media descriptions.
Action Links: Secure, personalized links that allow you to:
- Approve and publish the content directly
- Edit or modify the content before publishing
- View alternative content options or variations
- Reject the content and request new options

Email Communication Details:

Sender Information: All emails are sent from official Social Intern email addresses with clear identification.
Email Format: Messages are formatted for both HTML and plain text viewing, ensuring compatibility across email clients.
Security: All action links in emails are secured with unique tokens and have limited validity periods for security purposes.
Delivery Tracking: We may track email delivery status and open rates to ensure reliable communication and improve service quality.

Slack Integration Details:

Workspace Connection: You can connect your Slack workspace through OAuth authentication, granting us permission to send messages to specified channels.
Channel Selection: You control which Slack channels receive content approval messages, allowing for team-based workflows.
Message Format: Slack messages include interactive elements when possible, such as buttons for quick approval actions.
Team Collaboration: Multiple team members can view and interact with content approval messages in shared channels.
Slack Data Handling: We only send messages to your Slack workspace and do not read or store messages from your Slack channels.

Third-Party Messaging Platform Integration:

When you connect third-party messaging platforms like Slack:

Data Shared: We share only the content approval information necessary for the communication, including generated content and action links.
Platform Policies: Your use of third-party messaging platforms is subject to their respective terms of service and privacy policies.
Access Control: You can revoke our access to messaging platforms at any time through your account settings or the platform's app management.
Data Retention: We do not store copies of messages sent to third-party platforms beyond delivery confirmation.

Communication Preferences and Controls:

Schedule Management: Modify your communication schedule, including frequency, timing, and preferred delivery methods through your account dashboard.
Channel Selection: Choose between email and Slack for receiving content approval communications.
Temporary Pausing: Temporarily pause content delivery communications during vacations or busy periods.
Emergency Communications: Important service notifications and security alerts may be sent regardless of your communication preferences.

Communication Data Storage:

Delivery Logs: We maintain logs of communication delivery status for troubleshooting and service improvement purposes.
Interaction Tracking: We track user interactions with communication links (clicks, approvals, edits) to improve content relevance and user experience.
Preference History: Your communication preferences and schedule changes are stored to maintain service continuity.
Content History: Copies of sent communications may be retained for customer support and service improvement purposes.

Communication Security and Privacy:

Secure Links: All action links in communications are secured with unique, time-limited tokens to prevent unauthorized access.
Encryption: Communications are transmitted using industry-standard encryption protocols.
Access Logging: We log access to content approval links for security monitoring and fraud prevention.
Privacy Protection: Content approval communications are sent only to verified email addresses or authorized messaging platforms.

Troubleshooting and Support:

If you experience issues with content approval communications:

Check your spam/junk folders for email communications
Verify your email address and Slack connection settings in your account dashboard
Ensure your communication schedule is properly configured
Contact our support team at support@socialintern.com for assistance

6. Sharing Your Information

We may share your information with third parties in the following situations:

With your consent.
For the performance of a contract, such as engaging with third-party service providers to deliver our service.
To comply with legal obligations.
To protect and defend our rights and property.
In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

In addition, we partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with Website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

7. Third-Party AI Services Integration

Our social media content generation service relies on integration with various third-party artificial intelligence providers to deliver high-quality, personalized content. This section explains how we work with these AI services, what data is shared, and how your information is protected.

AI Service Providers We Work With:

We integrate with multiple leading AI providers to ensure the best possible content generation experience. These providers may include:

OpenAI - For text and image generation capabilities
Anthropic - For advanced language processing and content creation
Google/Alphabet - For various AI and machine learning services
DeepSeek - For specialized content analysis and generation
OpenRouter - For AI model routing and optimization
Replicate - For image and video generation services
Perplexity - For research and information gathering
xAI - For advanced AI processing capabilities
DeepInfra - For AI infrastructure and model hosting
Fireworks - For high-performance AI model inference

Note: The specific providers we use may change over time as we continuously evaluate and integrate the best available AI technologies to serve our users.

What Data Is Shared with AI Providers:

Content Generation Prompts: We share the prompts and instructions necessary for generating your social media content, which may include your brand voice preferences, content themes, and campaign objectives.
Business Context Information: General business description, category, industry type, and target audience information needed to create relevant content (e.g., "restaurant," "fitness," "technology startup").
Content Preferences: Your specified content style, tone, and format preferences to ensure generated content matches your brand voice.
Previous Content Performance Data: Anonymized performance metrics to help AI providers understand what types of content work best for your industry or content style.

What Data Is NOT Shared with AI Providers:

Personal Identifiable Information: Your name, email address, phone number, or any other personally identifiable information is never shared with AI providers.
Account Credentials: Login information, passwords, API keys, or any authentication data is never shared.
Financial Information: Payment details, billing information, or any financial data is never shared with AI providers.
Proprietary Business Secrets: Confidential business strategies, customer lists, financial data, or other sensitive proprietary information is not shared unless explicitly provided by you for content generation purposes.
Private Communications: Support tickets, private messages, or internal communications are never shared with AI providers.

AI Provider Data Handling Practices:

We carefully select AI providers based on their commitment to data privacy and security. Our AI partners generally:

Process data only for the specific purpose of generating content for your request
Do not store or retain your data beyond the time necessary to complete the content generation
Do not use your data to train their models without explicit consent
Implement enterprise-grade security measures to protect data in transit and processing
Comply with major privacy regulations such as GDPR, CCPA, and other applicable data protection laws

AI Provider Privacy Policies:

For detailed information about how each AI provider handles data, please review their respective privacy policies:

OpenAI: https://openai.com/privacy/
Anthropic: https://www.anthropic.com/privacy
Google: https://policies.google.com/privacy
Replicate: https://replicate.com/privacy
Perplexity: https://www.perplexity.ai/privacy

Note: Privacy policy links for other providers may be added as they become available. We recommend checking with each provider directly for their most current privacy policies.

Your Control Over AI Provider Data Sharing:

Data Minimization Requests: You can request that we minimize the amount of business context shared with AI providers, though this may impact content quality and relevance.
Provider Transparency: You may request information about which specific AI providers were used to generate your content.

Monitoring and Compliance:

We continuously monitor our AI provider relationships to ensure compliance with privacy standards and regularly review their data handling practices. If any AI provider changes their data handling practices in a way that affects your privacy, we will evaluate the relationship and notify you of any material changes.

8. Social Media Platform Integration

Our service is designed to create and publish content directly to your social media accounts across multiple platforms. This section explains how we integrate with social media platforms, what data is shared, and how you can control these connections.

Supported Social Media Platforms:

We currently support integration with the following social media platforms:

Facebook - For posting to personal profiles, business pages, and Facebook groups
Instagram - For posting photos, videos, stories, and reels
Twitter (X) - For posting tweets, threads, and media content
LinkedIn - For posting to personal profiles and company pages
TikTok - For posting short-form video content
YouTube - For posting videos, shorts, and community posts

Note: Platform availability may vary based on API access, platform policies, and technical capabilities. We continuously work to expand and maintain platform integrations.

How Social Media Integration Works:

To publish content to your social media accounts, you must explicitly authorize our service to connect with each platform through their official APIs (Application Programming Interfaces). This authorization process:

Uses OAuth 2.0 or similar secure authentication protocols
Requires your explicit consent for each platform connection
Grants only the minimum permissions necessary for content publishing
Can be revoked by you at any time through your social media account settings

What Data Is Shared with Social Media Platforms:

Content for Publishing: The text, images, videos, and other media content that you approve for publication to your social media accounts.
Publishing Metadata: Information necessary for proper content formatting, such as post timing, hashtags, mentions, and platform-specific formatting requirements.
Account Verification Data: Basic account information needed to verify your identity and ensure content is posted to the correct accounts.
Scheduling Information: Date and time preferences for when content should be published to each platform.

What Data Is NOT Shared with Social Media Platforms:

Personal Information: Your email address, phone number, or other personal details from your Social Intern account are not shared with social media platforms.
Account Credentials: Your Social Intern login information, passwords, or other authentication data is never shared.
Business Information: Confidential business data, financial information, or proprietary strategies beyond what's necessary for content creation.
Other Platform Data: Information from one social media platform is not shared with other platforms without your explicit consent.

API Access and Permissions:

For each social media platform, we request only the minimum permissions necessary to provide our service:

Publishing Permissions: The ability to create and publish posts, images, and videos to your accounts.
Account Information: Basic account details to verify identity and ensure proper content delivery.
Media Upload: Permission to upload images, videos, and other media files to your social media accounts.
Scheduling Access: The ability to schedule content for future publication according to your preferences.
Analytics: The ability to read basic engagement metrics (likes, shares, comments) for content published through our service.

We do NOT request permissions for:

Reading your private messages or direct messages
Accessing your followers' or friends' information
Modifying your account settings or profile information
Deleting your existing content
Accessing financial or payment information

Platform-Specific Privacy Policies:

Each social media platform has its own privacy policy and data handling practices. We recommend reviewing these policies to understand how your data is handled by each platform:

Facebook: https://www.facebook.com/privacy/policy/
Instagram: https://help.instagram.com/519522125107875
Twitter (X): https://twitter.com/privacy
LinkedIn: https://www.linkedin.com/legal/privacy-policy
TikTok: https://www.tiktok.com/legal/privacy-policy
YouTube: https://policies.google.com/privacy

Your Control Over Social Media Connections:

Connection Management: You can connect or disconnect social media accounts at any time through your Social Intern account settings.
Platform-Specific Controls: You can revoke our access to any social media platform directly through that platform's app settings or privacy controls.
Selective Publishing: You can choose which platforms to publish content to for each individual post or campaign.
Content Approval: All content must be explicitly approved by you before it is published to any social media platform.
Scheduling Control: You have full control over when and how often content is published to each platform.

Platform Policy Compliance:

We monitor and comply with each social media platform's terms of service, API usage policies, and content guidelines. However, you remain responsible for ensuring that your content complies with each platform's community guidelines and terms of service. Platform policy violations may result in restrictions or suspension of your social media accounts, which is outside of our control.

Service Interruptions:

Social media platform integrations may be temporarily unavailable due to:

Platform API changes or maintenance
Platform policy updates that affect third-party applications
Technical issues with platform services
Changes in platform authentication requirements

We will work to restore functionality as quickly as possible.

9. Security of Your Information

At Social Intern, we prioritize the security of your personal and business information. We understand the importance of protecting your data from unauthorized access, alteration, disclosure, or destruction. To this end, we employ a comprehensive array of security measures designed to safeguard your information throughout its lifecycle with us.

Our Security Practices Include:

Encryption: We use strong encryption protocols to protect data during transmission over the internet and while stored on our servers. This helps to ensure that your sensitive information, such as personal details and communication preferences, is securely encoded.
Access Control: Access to your personal information is strictly limited to authorized personnel who have a legitimate business need to access it. We enforce strict access controls and regularly review permissions to ensure that only authorized individuals can access your data.
Regular Security Assessments: Our systems undergo regular security assessments to identify and remediate potential security threats. By proactively seeking out vulnerabilities, we aim to fortify our defenses against unauthorized access or breaches.
Data Anonymization and Minimization: Where possible, we anonymize and minimize the data we collect and store, ensuring that we only retain what is necessary to provide you with our services. This reduces the risk associated with data storage and processing.
Training and Awareness: We regularly train our employees on best practices for data security and privacy protection. This includes educating our team on recognizing phishing attempts and other common cyber threats, ensuring they are equipped to protect your information.

While we strive to use commercially acceptable means to protect your personal information, it's important to recognize that no method of electronic storage or transmission over the internet is 100% secure. As such, we cannot guarantee the absolute security of your data. However, we are committed to adhering to the best practices in data security and to continuously improving our security measures in response to evolving threats.

We encourage our users to also take steps in protecting their information, such as using strong, unique passwords for their accounts and being cautious of phishing scams and other online threats.

10. AI Training Data Usage

As part of our commitment to improving our AI-powered social media content generation service, we may use certain data to enhance our algorithms and service quality. This section explains how we handle data for AI training purposes and your rights regarding this usage.

What Data May Be Used for AI Training:

Anonymized User Interactions: We may use anonymized, non-personally identifiable data from your interactions with our service, including how you engage with generated content, approval patterns, and general usage metrics.
Content Performance Data: Aggregated and anonymized data about how AI-generated content performs across our platform, such as engagement patterns and content effectiveness metrics.
System Usage Patterns: Anonymous data about how users navigate and utilize our platform features to improve user experience and AI recommendations.

What Data Is NOT Used for AI Training:

Personal Information: We do not use your name, email address, phone number, or other personally identifiable information for AI training purposes.
Proprietary Business Information: Your business-specific content, brand voice, proprietary strategies, customer data, or any confidential business information is never used for AI training without your explicit written consent.
Private Communications: Any private messages, support communications, or confidential exchanges between you and our team are not used for training purposes.
Account Credentials: Login information, passwords, API keys, or any security-related data is never used for AI training.

Data Anonymization Process:

Before any data is considered for AI training purposes, we implement a comprehensive anonymization process that removes all personally identifiable information and business-specific details. This process includes:

Removal of all direct identifiers (names, email addresses, business names, etc.)
Aggregation of data to prevent individual identification
Generalization of specific business details to broad industry categories
Time-based anonymization to prevent temporal identification patterns

Your Rights Regarding AI Training Data:

Right to Opt-Out: You may request to opt-out of having your anonymized interaction data used for AI training purposes by contacting us at privacy@socialintern.com with the subject line "AI Training Opt-Out Request."
Right to Information: You may request information about what types of anonymized data derived from your account usage may be included in our AI training datasets.
Right to Explicit Consent: For any use of your data beyond the anonymized interactions described above, we will always seek your explicit written consent before proceeding.

Third-Party AI Services:

Our service integrates with various third-party AI providers (such as OpenAI, Anthropic, Google, and others) to generate content. These providers have their own data usage policies. We ensure that:

We only share the minimum necessary data required for content generation
We do not share your personal information with these providers
We select providers who offer appropriate data protection guarantees
We regularly review and update our provider agreements to ensure compliance with privacy standards

Data Retention for AI Training:

Anonymized data used for AI training purposes may be retained indefinitely as it cannot be traced back to individual users or businesses. However, if you opt-out of AI training data usage, we will ensure that no new anonymized data derived from your account is added to our training datasets from the date of your opt-out request.

11. Your Rights

At Social Intern, we recognize and respect your rights over your personal information. The rights available to you may vary depending on your jurisdiction (such as the European Union, California, etc.), but generally include the following:

Right to Access: You have the right to request access to the personal information we hold about you. This includes the right to be informed of the nature of the personal information stored, its source, and how it is being used.
Right to Correction: If you believe that any information we hold about you is incorrect or incomplete, you have the right to request a correction. We are committed to ensuring the accuracy of your personal information.
Right to Deletion: You may have the right to request the deletion of your personal information from our records, subject to certain exceptions. For example, we may need to retain certain information for legal or operational reasons.
Right to Restrict Processing: In certain circumstances, you have the right to request that we restrict the processing of your personal information. This might apply if you contest the accuracy of the data or if you have objected to processing and we are considering your objection.
Right to Withdraw Consent: If we are processing your personal information based on your consent, you have the right to withdraw that consent at any time. However, this will not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at privacy@socialintern.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we cannot comply with a request, we will explain why.

We will update this section as necessary to reflect changes in applicable laws and regulations that may affect your rights over your personal information. We encourage you to review this section periodically to stay informed about how you can exercise your rights.

12. California Consumer Privacy Rights (CCPA)

This section applies solely to California residents and supplements the information contained elsewhere in this Privacy Policy. This section uses certain terms that have the meaning given to them in the California Consumer Privacy Act of 2018 ("CCPA").

Categories of Personal Information We Collect:

Under the CCPA, we may collect the following categories of personal information about California consumers:

Identifiers: Name, email address, phone number, IP address, and other similar identifiers.
Commercial Information: Purchase history, service usage patterns, subscription details, and records of products or services purchased or considered.
Internet or Electronic Network Activity: Website interactions, app usage, browsing history, search history, and information regarding your interaction with our website, application, or advertisements.
Professional or Employment-Related Information: Business details, industry type, job title, company information, and other professional information you provide.
Inferences: Inferences drawn from personal information to create profiles reflecting your content preferences, engagement patterns, brand characteristics, and other preferences or characteristics.

Your CCPA Rights:

As a California resident, you have the following rights under the CCPA:

Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected your personal information, our business or commercial purpose for collecting your personal information, and the categories of third parties with whom we share your personal information.
Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions under the CCPA (such as information needed to complete transactions, detect security incidents, or comply with legal obligations).
Right to Opt-Out: You have the right to opt-out of the sale of your personal information. We do not sell personal information and have not sold personal information in the past 12 months.
Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising any of your CCPA rights. We will not deny you goods or services, charge different prices, or provide different quality of service based on your exercise of CCPA rights.

Exercising Your CCPA Rights:

To exercise your CCPA rights, please contact us using the following information:

Email: support@socialintern.com
Subject Line: "CCPA Rights Request"
Include in your request: Your full name, email address associated with your account, and specific details about the right you wish to exercise

Identity Verification:

We will verify your identity before processing your CCPA request to protect your personal information from unauthorized access. Our verification process may include:

Requesting additional identifying information to match against our records
Asking you to confirm details about your account or service usage
Requiring you to respond from the email address associated with your account
For deletion requests, we may require additional verification steps to ensure the request is legitimate

Authorized Agents:

You may designate an authorized agent to make a CCPA request on your behalf. To do so, you must:

Provide written authorization signed by you designating the agent to act on your behalf
Provide proof of the agent's identity
We may also require you to verify your own identity directly with us
If you have provided the agent with power of attorney pursuant to California Probate Code sections 4000 to 4465, we may not require additional documentation

Response Timeframe:

We will respond to verifiable consumer requests within 45 days of receipt. If we require more time (up to 90 days total), we will inform you of the reason and extension period in writing within the initial 45-day period. Any disclosures we provide will only cover the 12-month period preceding our receipt of your request.

Personal Information Disclosure for Business Purposes:

We may disclose personal information to service providers, contractors, and other third parties for business purposes as described throughout this Privacy Policy. These business purposes include:

Providing our social media content generation services
Processing payments and managing accounts
Providing customer support and technical assistance
Improving and developing our services
Ensuring security and preventing fraud
Complying with legal obligations

We do not sell personal information as defined by the CCPA, and we have not sold personal information in the past 12 months.

CCPA Definitions:

For purposes of this section, "personal information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household, as defined by the CCPA.

13. Email Communication Compliance

This section explains our email communication practices, your preferences and controls, and our compliance with the CAN-SPAM Act and other applicable email regulations. This information supplements our Content Approval Communications section with specific details about email data handling and compliance.

Types of Email Communications:

By creating an account and using our service, you consent to receive email communications from Social Intern, including:

Content Delivery Emails: Daily (or several times daily) emails containing AI-generated social media posts for your review and approval, delivered according to your specified schedule.
Service Notifications: Account updates, service announcements, feature releases, and important changes to our platform or policies.
Marketing and Promotional Communications: Optional emails about new features, services, offers, industry insights, and promotional content (you can opt-out of these).
Technical Support Communications: Customer service responses, troubleshooting assistance, and support-related correspondence.
Legal and Policy Notices: Important legal notifications, privacy policy updates, terms of service changes, and compliance-related communications.

Transactional vs. Marketing Emails:

Transactional Emails: Content delivery emails, service notifications, technical support, and legal notices are transactional in nature and necessary for service delivery. You may modify your content delivery schedule through your account settings but cannot opt-out of these emails while maintaining an active account.
Marketing Emails: Promotional communications are optional and you can opt-out at any time without affecting your core service functionality.

Email Preferences and Opt-Out Options:

You can manage your email preferences and opt-out of marketing communications through the following methods:

Unsubscribe Links: Click the "unsubscribe" link included in any marketing email to immediately opt-out of promotional communications.
Account Settings: Manage your email preferences, including content delivery schedules, through your account dashboard.
Direct Contact: Contact us at support@socialintern.com to modify your email preferences or opt-out of specific communication types.
Preference Center: Access detailed email preference controls through links provided in our emails.

CAN-SPAM Compliance:

All emails from Social Intern comply with the CAN-SPAM Act and include the following requirements:

Clear Sender Identification: All emails clearly identify Social Intern as the sender with our official business name and contact information.
Truthful Subject Lines: Email subject lines accurately reflect the content and purpose of the email without misleading or deceptive language.
Unsubscribe Mechanism: Marketing emails contain a clear and conspicuous unsubscribe mechanism that is easy to find and use.
Prompt Unsubscribe Processing: We honor unsubscribe requests within 10 business days and do not charge fees for processing opt-out requests.

Third-Party Email Service Providers:

We may use third-party email service providers to deliver emails on our behalf. These providers are:

Contractually Obligated: Required to comply with CAN-SPAM requirements and maintain the security of your email information.
Data Processing Agreements: Bound by data processing agreements that limit their use of your email data to authorized purposes only.
Security Standards: Required to implement appropriate technical and organizational measures to protect your email data.
Privacy Compliance: Obligated to comply with applicable privacy laws and regulations regarding email communications.

Email Data Handling:

Email Addresses: We collect and store your email address for account creation, service delivery, and communication purposes.
Email Preferences: We maintain records of your email preferences, opt-out choices, and communication settings.
Delivery Tracking: We may track email delivery status, open rates, and click-through rates to improve service quality and ensure reliable communication.
Interaction Data: We collect data about your interactions with email content (such as link clicks and content approvals) to improve user experience.

Email Security and Privacy:

Encryption: Emails are transmitted using industry-standard encryption protocols to protect data in transit.
Access Controls: Access to email systems and data is restricted to authorized personnel only.
Security Limitations: While we implement reasonable security measures, email is not a completely secure medium. Users should not include sensitive personal or financial information in email communications with us.
Spam Protection: We implement measures to prevent our emails from being marked as spam and to protect against email-based security threats.

Email Delivery and Technical Issues:

Delivery Responsibility: Social Intern is not responsible for email delivery failures due to spam filters, email server issues, incorrect email addresses, or other technical problems beyond our control.
User Responsibilities: Users are responsible for ensuring their email systems can receive our communications, maintaining current email addresses, and checking spam/junk folders.
Email Updates: Users must promptly update their email address in their account settings when it changes to ensure continued service delivery.
Delivery Support: If you experience email delivery issues, contact our support team for assistance with troubleshooting and resolution.

14. Cookie Policy

This section explains how we use cookies and similar tracking technologies on our website and service. We use cookies to enhance your user experience, analyze website performance, and improve our services.

What Are Cookies:

Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit our website. They help us recognize your device and remember information about your visit, such as your preferred settings and how you use our website.

Types of Cookies We Use:

We use several categories of cookies on our website:

Essential/Functional Cookies: These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt-out of these cookies without affecting how our website functions.
Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. They help us improve our website performance and user experience.
Marketing/Advertising Cookies: These cookies are used to track visitors across websites to display relevant and engaging advertisements. They may be set by us or by third-party providers whose services we use.
Preference Cookies: These cookies remember your choices and preferences (such as language or region) to provide a more personalized experience.

Specific Cookie Technologies We Use:

Microsoft Clarity: We use Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay. This helps us improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. For more information, visit the Microsoft Privacy Statement.
PostHog: We use PostHog for product analytics, user behavior tracking, and feature usage analysis. PostHog helps us understand how users interact with our service to improve functionality and user experience. For more information, visit the PostHog Privacy Policy.
Google Analytics: We may use Google Analytics to analyze website traffic, user behavior, and marketing campaign effectiveness. This helps us understand our audience and improve our website and services. For more information, visit the Google Privacy Policy.
Marketing Attribution Tools: We may use various analytics and attribution tools to track where users came from, measure marketing campaign effectiveness, and optimize our advertising efforts. These may include tools from Google, Facebook, LinkedIn, and other advertising platforms.
CAPTCHA Services: We may use CAPTCHA services (such as Google reCAPTCHA) to protect our website from spam and abuse. These services may set cookies to distinguish between human users and automated bots, helping us maintain security and prevent fraudulent activity. For more information about Google reCAPTCHA, visit the Google Privacy Policy.

Cookie Duration:

Session Cookies: These are temporary cookies that are deleted when you close your browser. They help us track your activity during a single browsing session.
Persistent Cookies: These cookies remain on your device for a set period (ranging from days to years) or until you delete them. They help us recognize you when you return to our website.

First-Party vs. Third-Party Cookies:

First-Party Cookies: These are set directly by our website and can only be read by our website. We use these for essential website functionality and to improve your user experience.
Third-Party Cookies: These are set by external services we use, such as analytics providers, advertising networks, or social media platforms. These cookies may track your activity across multiple websites.

How We Use Cookie Data:

Website Functionality: To ensure our website works properly and provide essential features like user authentication and security.
Performance Analysis: To understand how users interact with our website and identify areas for improvement.
User Experience: To remember your preferences and provide a more personalized experience.
Marketing Optimization: To measure the effectiveness of our marketing campaigns and improve our advertising efforts.
Security: To detect and prevent fraudulent activity and protect against security threats.

Your Cookie Choices:

Browser Settings: Most web browsers allow you to control cookies through their settings. You can typically block cookies, delete existing cookies, or set your browser to notify you when cookies are being sent.
Cookie Consent Management: We may provide cookie consent tools that allow you to manage your cookie preferences directly on our website.
Opt-Out Links: For specific analytics services, you can opt-out using the following links:
- Google Analytics: Google Analytics Opt-out
- Microsoft Clarity: Managed through browser settings or our cookie preferences
- PostHog: Use browser settings to block cookies

Impact of Disabling Cookies:

Please note that disabling certain cookies may impact your experience on our website:

Essential cookies: Disabling these may prevent core website functionality from working properly
Analytics cookies: Disabling these will not affect your browsing experience but will limit our ability to improve our website
Marketing cookies: Disabling these may result in less relevant advertising but will not affect website functionality
Preference cookies: Disabling these may require you to reset your preferences each time you visit

Cookie Updates:

We may update our use of cookies from time to time to improve our services or comply with legal requirements. We will update this Cookie Policy accordingly and notify you of any significant changes through our website or other communication channels.

Contact Us About Cookies:

If you have questions about our use of cookies or would like to exercise your rights regarding cookies, please contact us at privacy@socialintern.com with the subject line "Cookie Policy Inquiry."

15. Payment Information

This section explains how we handle payment information when you subscribe to our services or make purchases through our platform. We prioritize the security of your financial information and use industry-leading payment processors to ensure your data is protected.

Payment Processing:

We use Stripe, a leading payment processing platform, to handle all payment transactions. When you make a payment through our service:

Direct Processing: Your payment information is transmitted directly to Stripe's secure servers and is not stored on our systems.
Secure Transmission: All payment data is encrypted during transmission using industry-standard SSL/TLS encryption protocols.
PCI Compliance: Stripe is PCI DSS Level 1 compliant, the highest level of certification available in the payments industry.
Tokenization: Stripe uses tokenization to replace sensitive payment data with non-sensitive tokens, adding an extra layer of security.

What Payment Information We Do NOT Store:

Social Intern does not store any sensitive payment information on our servers, including:

Credit card numbers
Debit card numbers
Card verification codes (CVV/CVC)
Bank account numbers
Banking routing numbers
Payment method PINs or passwords

What Payment-Related Information We Do Store:

We may store limited, non-sensitive payment-related information necessary for account management and service delivery:

Transaction Records: Basic transaction information such as payment amounts, dates, and transaction IDs for billing and support purposes.
Billing Information: Your billing address and contact information associated with your payment method.
Subscription Status: Information about your subscription plan, billing cycle, and payment status.
Payment Method Type: General information about the type of payment method used (e.g., "Visa ending in 1234") without storing the full card number.
Invoice Data: Billing invoices and receipts for your records and tax purposes.

Stripe's Data Handling:

Since all sensitive payment data is handled by Stripe, their privacy and security practices apply to your payment information:

Data Storage: Stripe securely stores your payment information in their PCI-compliant data centers.
Data Usage: Stripe uses your payment information solely for processing transactions and fraud prevention.
Data Retention: Stripe retains payment data according to their retention policies and legal requirements.
Privacy Policy: Stripe's handling of your payment data is governed by their privacy policy, which you can review at https://stripe.com/privacy.

Payment Security Measures:

Fraud Detection: Stripe employs advanced machine learning algorithms to detect and prevent fraudulent transactions.
3D Secure: Support for 3D Secure authentication for additional security on eligible transactions.
Real-time Monitoring: Continuous monitoring of transactions for suspicious activity.
Secure APIs: All communication between our platform and Stripe uses secure, encrypted API connections.

Billing and Subscription Management:

Automatic Billing: For subscription services, we use Stripe's secure recurring billing system to process automatic payments.
Payment Updates: You can update your payment information through your account dashboard, which securely communicates with Stripe.
Billing Notifications: We may send you email notifications about upcoming charges, failed payments, or billing updates.
Refunds: Refunds are processed through Stripe and typically appear on your original payment method within 5-10 business days.

Payment Disputes and Chargebacks:

Dispute Resolution: Payment disputes are handled through Stripe's dispute resolution process in accordance with card network rules.
Documentation: We may provide transaction documentation to Stripe to help resolve disputes or chargebacks.
Communication: We will communicate with you regarding any payment disputes through your registered email address.

International Payments:

For international customers, Stripe handles currency conversion and international payment processing in compliance with local regulations and banking requirements in your jurisdiction.

Your Payment Data Rights:

Access: You can access your payment history and billing information through your account dashboard.
Updates: You can update your billing information and payment methods at any time through your account settings.
Deletion: Upon account closure, we will delete non-essential payment-related data, though some transaction records may be retained for legal and tax compliance purposes.
Stripe Rights: For rights regarding payment data stored by Stripe, please refer to Stripe's privacy policy and contact Stripe directly.

Payment Support:

If you have questions about payments, billing, or need assistance with payment-related issues, please contact our support team at support@socialintern.com with the subject line "Payment Support."

16. Data Retention Policies

This section outlines our comprehensive data retention schedule, specifying how long different types of data are kept, the criteria for determining retention periods, and our deletion procedures. Our retention policies are designed to balance business needs, legal requirements, and your privacy rights.

General Retention Principles:

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When determining retention periods, we consider:

The nature and sensitivity of the data
Legal and regulatory requirements
Business and operational needs
User expectations and preferences
Security and technical considerations

Account Information Retention:

Active Accounts: Personal information (name, email, phone number) is retained for the duration of your active account plus 180 days after account closure to allow for account reactivation requests.
Account Credentials: Login credentials and authentication data are retained for the duration of your active account and deleted within 180 days of account termination.
Profile Information: Business details, preferences, and account settings are retained for the duration of your active account plus 180 days after termination for potential account recovery.
Inactive Accounts: Accounts inactive for more than 2 years may be automatically deleted after 30 days written notice to the registered email address.

Brand Analysis Data Retention:

Website Analysis Results: Automated brand analysis data is retained for the duration of your account plus 1 year after termination for service improvement purposes.
Manual Brand Information: User-provided brand details, voice preferences, and guidelines are retained for the duration of your account plus 6 months after termination.
Brand Performance Data: Analytics and performance metrics related to brand-aligned content are retained for 3 years after account termination for research and development purposes.
Historical Brand Changes: Records of brand information updates and modifications are retained for 2 years after account termination for audit and compliance purposes.

Content and Communication Retention:

AI-Generated Content: All AI-generated social media posts and variations are retained indefinitely for service improvement, research, and development purposes.
Published Content Copies: Copies of content successfully published to social media platforms are retained for 5 years after account termination for performance analysis and legal compliance.
User Feedback and Edits: Content modifications, rejections, and approval patterns are retained for 3 years after account termination for AI training and service enhancement.

Payment and Billing Data Retention:

Transaction Records: Payment history, transaction IDs, and billing amounts are retained for 7 years after the transaction date for tax compliance and financial auditing requirements.
Billing Information: Billing addresses and contact information are retained for 3 years after account termination for tax and legal compliance purposes.
Subscription Data: Subscription history, plan changes, and billing cycles are retained for 5 years after account termination for business analytics and compliance.
Invoice and Receipt Data: Billing invoices and payment receipts are retained for 7 years after issuance for tax and accounting compliance.

Technical and Usage Data Retention:

Log Files: Server logs, access logs, and error logs are retained for 2 years for security monitoring and technical troubleshooting.
Analytics Data: Website usage analytics, user behavior data, and performance metrics are retained for 2 years for service improvement and business intelligence.
Cookie Data: Cookie information and tracking data are retained according to the specific cookie's expiration period, typically ranging from session-based to 2 years.
API Usage Data: Records of API calls, integrations, and third-party service interactions are retained for 2 years for technical support and service optimization.

Communication and Support Data Retention:

Customer Support Records: Support tickets, chat logs, and correspondence are retained for 3 years after resolution for quality assurance and training purposes.
Email Communications: Marketing emails, service notifications, and transactional emails are retained for 2 years for compliance and communication tracking.
Communication Preferences: Email preferences, opt-out records, and communication settings are retained for 5 years to ensure compliance with anti-spam regulations.

Legal and Compliance Data Retention:

Legal Requests: Data subject to legal holds, court orders, or regulatory investigations is retained until the legal matter is resolved and any appeal periods have expired.
Compliance Records: Records required for regulatory compliance (CCPA, GDPR, etc.) are retained for the minimum period required by applicable law, typically 3-7 years.
Audit Trails: Security audit logs, access records, and compliance monitoring data are retained for 2 years for regulatory and security purposes.

Account Termination and Data Deletion:

When you terminate your account or we terminate your account in accordance with our Terms of Service:

Immediate Actions: Your access to the service is immediately disabled, and your account is marked for deletion.
30-Day Grace Period: For user-initiated terminations, we maintain a 180-day grace period during which you can request account reactivation by logging in or contacting support.
Progressive Deletion: After the grace period, data is deleted according to the retention schedules outlined above, starting with the most sensitive personal information.
Secure Deletion: All data deletion follows secure deletion practices to ensure data cannot be recovered or reconstructed.

Data Deletion Procedures:

Automated Deletion: We use automated systems to delete data according to predetermined schedules and retention policies.
Manual Review: Certain data categories undergo manual review before deletion to ensure compliance with legal requirements and business needs.
Backup Deletion: Data is also removed from backup systems and archives according to our backup retention policies.
Verification Process: Deletion processes are logged and verified to ensure complete and secure data removal.

Exceptions to Standard Retention:

Legal Holds: Data subject to litigation, regulatory investigation, or legal preservation requirements may be retained beyond standard periods.
Security Incidents: Data related to security breaches or fraud investigations may be retained longer for security and legal purposes.
Regulatory Requirements: Certain data may be retained longer to comply with specific industry regulations or legal requirements.
User Requests: Users may request longer retention periods for specific data categories for their business needs.

Your Rights Regarding Data Retention:

Right to Deletion: You may request deletion of your personal data before the standard retention period expires, subject to legal and business requirements.
Right to Information: You may request information about how long your specific data will be retained and the criteria used for determining retention periods.
Right to Object: You may object to certain data retention practices, and we will review your request in accordance with applicable privacy laws.
Data Portability: Before deletion, you may request a copy of your data in a portable format for your records.

Updates to Retention Policies:

We may update our data retention policies from time to time to reflect changes in legal requirements, business needs, or industry best practices. Material changes to retention periods will be communicated through our website and, where required, through direct notification to affected users.

Contact Us About Data Retention:

If you have questions about our data retention policies, wish to request early deletion of your data, or need information about specific retention periods, please contact us at privacy@socialintern.com with the subject line "Data Retention Inquiry."

17. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.

18. Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@socialintern.com.

Privacy Policy Content

1. Introduction