Post Daily ("Post Daily", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.
1 Information We Collect
Account Information
When you create an account, we collect:
Full name and email address
Company or organization name
Website URLs associated with your business
Password (stored using one-way cryptographic hashing)
API Keys and Integration Credentials
To connect with third-party services, you may provide:
API keys for AI services (Anthropic Claude, fal.ai)
OAuth tokens for social media platforms (Facebook, Instagram, X/Twitter, LinkedIn, TikTok)
Buffer API credentials for content scheduling
All API keys and OAuth tokens are encrypted at rest in our database using industry-standard encryption. We never display full API keys after they have been saved.
Content Data
We store content you create or that is generated on your behalf, including:
Marketing posts, headlines, and body text
Generated images and videos
Content calendars and scheduling data
Product knowledge base entries
Usage Data
We automatically collect:
Feature usage and agent run statistics
Content generation and publishing metrics
API call volumes per tenant
Login timestamps and IP addresses
Browser type and device information
2 How We Use Your Information
We use the information we collect to:
Provide, operate, and maintain the Post Daily platform
Generate marketing content using AI services on your behalf
Publish content to your connected social media accounts
Monitor platform performance and usage analytics per tenant
Improve our services, develop new features, and fix bugs
Enforce our Terms of Service and prevent abuse
Comply with legal obligations
We do not sell your personal information. We do not use your content to train AI models. Your marketing content belongs to you.
3 Data Sharing and Third Parties
We share data with the following categories of third-party service providers, strictly as necessary to deliver our services:
AI Content Generation
Anthropic (Claude AI) - Your product knowledge and content briefs are sent to Claude to generate marketing copy. Data is processed under Anthropic's API terms and is not used to train their models.
fal.ai - Text prompts are sent to generate images and videos. Generated media is returned to and stored on our servers.
Social Media Publishing
Buffer - Content and media are sent to Buffer for scheduling and publishing to your connected social channels.
Social media platforms (Facebook/Meta, Instagram, X/Twitter, LinkedIn, TikTok) - Content is published to these platforms via their APIs using your authorized OAuth connections.
Payments
Stripe - Payment card details are collected and processed entirely by Stripe. We do not store your full credit card number. Stripe's privacy policy applies to payment data.
Email Communications
Resend - Transactional emails (account notifications, billing alerts) are delivered through Resend's email infrastructure.
Infrastructure
Microsoft Azure - Our platform is hosted on Azure cloud infrastructure in United States data centers. Azure provides physical security, network security, and infrastructure reliability.
We may also disclose your information if required by law, regulation, subpoena, or court order, or if necessary to protect the rights, property, or safety of Post Daily, our users, or the public.
4 Data Storage and Security
We implement industry-standard security measures to protect your data:
Encryption in transit - All data transmitted between your browser and our servers is encrypted using TLS/HTTPS.
Encryption at rest - API keys and sensitive credentials are encrypted in our database using AES-256 encryption.
Password security - Passwords are hashed using bcrypt with per-user salts and are never stored in plain text.
Tenant isolation - All data is segregated by tenant. Each organization's data is logically isolated and inaccessible to other tenants.
Azure hosting - Our infrastructure is hosted on Microsoft Azure in US data centers with enterprise-grade physical and network security.
Access controls - Internal access to production data is restricted to authorized personnel and logged via audit trails.
While we take extensive measures to secure your data, no method of electronic storage or transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your information using commercially reasonable standards.
5 Cookies and Tracking
We use a minimal set of cookies and similar technologies:
Authentication tokens - Stored in your browser's local storage to keep you logged in. These are JSON Web Tokens (JWTs) and are essential for the platform to function.
Session preferences - We may store UI preferences (such as selected views or dismissed notices) in local storage.
We do not use third-party advertising cookies or cross-site tracking pixels. We do not participate in advertising networks or serve targeted ads.
6 Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access - You can request a copy of all personal data we hold about you.
Export - You can export all your content, knowledge base entries, and account data at any time through the platform's built-in data export feature.
Correction - You can update your account information directly in the platform settings.
Deletion - You can request complete deletion of your account and all associated data. See our Data Deletion Policy for details.
Portability - You can receive your data in a structured, machine-readable format via our export feature.
Objection - You can object to certain types of data processing.
Restriction - You can request that we restrict processing of your data in certain circumstances.
Active accounts - All account data, content, and usage history are retained for as long as your account is active.
Cancelled subscriptions - Account data is retained for 90 days after cancellation to allow for reactivation, after which it is scheduled for deletion.
Deletion requests - Upon receiving a data deletion request, all personal data and content are permanently deleted within 30 days.
Audit logs - Security and audit logs may be retained for up to 12 months for compliance and security purposes.
Billing records - Transaction records may be retained as required by applicable tax and accounting laws.
8 Children's Privacy
Post Daily is a business-to-business (B2B) platform designed for professionals and organizations. Our services are not directed at individuals under the age of 13 (or the applicable age of consent in your jurisdiction).
We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at support@marketingcommandcenter.com.
9 International Data Transfers
Our servers are located in the United States. If you access our services from outside the United States, your data will be transferred to and processed in the United States.
For users in the European Economic Area (EEA), United Kingdom, or other regions with data transfer restrictions, we rely on the following mechanisms to lawfully transfer data:
Standard Contractual Clauses (SCCs) approved by the European Commission
Your explicit consent to the transfer when you create an account and accept these terms
The necessity of the transfer for the performance of our contract with you
10 GDPR Compliance GDPR
If you are located in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) provides you with additional rights and protections.
Legal Basis for Processing
We process your personal data under the following legal bases:
Contract performance - Processing necessary to provide you with the services you have subscribed to.
Legitimate interest - Processing necessary for our legitimate business interests, such as improving our platform, preventing fraud, and ensuring security.
Consent - Where you have given us explicit consent for specific processing activities (e.g., marketing communications).
Legal obligation - Processing necessary to comply with applicable laws and regulations.
Your GDPR Rights
In addition to the rights listed in Section 6, GDPR grants you the right to:
Withdraw consent at any time where processing is based on consent
Lodge a complaint with your local data protection authority
Request information about automated decision-making (we do not make solely automated decisions that produce legal effects concerning you)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information.
Categories of Information Collected
In the preceding 12 months, we have collected the following categories of personal information:
Identifiers (name, email address, IP address)
Commercial information (subscription plan, payment history)
Internet or network activity (usage data, feature interactions)
Professional or employment-related information (company name, job role)
Your CCPA Rights
Right to Know - You can request details about the categories and specific pieces of personal information we have collected.
Right to Delete - You can request deletion of your personal information, subject to certain exceptions.
Right to Non-Discrimination - We will not discriminate against you for exercising your CCPA rights.
Right to Opt-Out of Sale - We do not sell your personal information to third parties.
Do Not Sell My Personal Information
Post Daily does not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration.
To exercise your CCPA rights, contact us at support@marketingcommandcenter.com. We will verify your identity and respond within 45 days.
12 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
We will update the "Last updated" date at the top of this page
We will notify registered users via email for significant changes
We will post a notice on our platform dashboard
Your continued use of Post Daily after any changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this page periodically.
13 Contact Information
If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us: