Privacy Policy

Last updated: March 29, 2026

1. Information We Collect

When you use Postrr, we collect:

• Account information: Email address and password when you register
• TikTok profile data: Display name, avatar, and username obtained through TikTok's official OAuth 2.0 flow when you connect your account
• TikTok OAuth tokens: Access and refresh tokens stored securely to post on your behalf
• Content you upload: Videos and images you choose to publish via our platform
• Post metadata: Captions, privacy settings, posting status, and timestamps
• AI-generated content: Caption variations generated by our AI tools at your request

2. How We Use Your Information

• To authenticate you and provide access to the platform
• To publish content to TikTok on your behalf, only when you explicitly confirm a post
• To generate AI-optimized caption suggestions at your request
• To display your post history and status within the app
• To maintain your TikTok connection by refreshing access tokens

We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes.

3. TikTok Integration

Postrr uses TikTok's official Content Posting API and Login Kit. By connecting your TikTok account, you authorize us to:

• Read your basic profile information (display name, avatar, username)
• Query your creator settings (privacy options, interaction preferences)
• Publish video and photo content to your TikTok account upon your explicit request and confirmation

You can revoke this access at any time through your TikTok app settings (Settings → Security → Manage app permissions) or by disconnecting your account within Postrr.

4. Data Storage and Security

Your data is stored in secure, encrypted databases hosted by Supabase (SOC 2 Type II compliant). OAuth tokens are encrypted at rest. All data transmission uses TLS encryption. We follow industry-standard security practices to protect your information.

5. Data Retention and Deletion

We retain your data for as long as your account is active. Upon account deletion:

• All personal data, OAuth tokens, and post records are permanently deleted within 30 days
• Uploaded media files are deleted from our storage
• Content already published to TikTok is not affected (managed through TikTok directly)

You may request deletion at any time by emailing support@postrr.live.

6. Your Rights (GDPR / CCPA)

Depending on your jurisdiction, you have the right to:

• Access — request a copy of all personal data we hold about you
• Rectification — correct inaccurate personal data
• Erasure — request deletion of your personal data
• Portability — receive your data in a machine-readable format
• Objection — object to processing of your personal data
• Non-discrimination — exercise your privacy rights without discriminatory treatment

To exercise any of these rights, contact support@postrr.live. We will respond within 30 days.

7. Third-Party Services

Postrr integrates with the following third-party services:

• TikTok (content publishing) — governed by TikTok's Privacy Policy
• Anthropic (AI caption generation) — captions you submit for AI rewriting are processed by Anthropic's API; no personal data is shared
• Supabase (database and authentication) — governed by Supabase's Privacy Policy

8. Cookies

We use essential cookies only for authentication and session management. We do not use tracking cookies or analytics cookies.

9. Children's Privacy

Postrr is not intended for users under the age of 18. We do not knowingly collect data from minors.

10. Changes to This Policy

We may update this policy. Material changes will be communicated via email or in-app notification. Continued use after changes constitutes acceptance.

11. Contact

For privacy questions or data requests:
Email: support@postrr.live