🇺🇸 EN
🇺🇸 English 🇻🇳 Tiếng Việt 🇩🇪 Deutsch 🇪🇸 Español 🇫🇷 Français 🇮🇩 Bahasa Indonesia 🇯🇵 日本語 🇰🇷 한국어 🇧🇷 Português 🇷🇺 Русский 🇹🇭 ไทย 🇨🇳 中文

Legal

Privacy Policy

Last updated: March 1, 2026

1. Introduction

PostClaw Inc. ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at postclaw.fun ("the Service").

This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws. If you are located in the European Economic Area, you have additional rights described in Section 8.

2. Data We Collect

We collect information you provide directly, data generated by your use of the Service, and information from third-party integrations.

Information you provide

  • Account information: name, email address, password (hashed).
  • Profile data: company name, profile photo, timezone.
  • Payment information: processed by Stripe; we store only the last 4 digits and billing address.
  • Content you create: posts, captions, media, and workflow configurations.

Automatically collected data

  • Usage data: pages visited, features used, click patterns.
  • Device data: IP address, browser type, operating system.
  • Cookies and similar tracking technologies (see our Cookie Policy).

Third-party integrations

  • OAuth tokens for connected social media accounts (stored encrypted with AES-256-GCM).
  • Analytics data from social platforms you connect.

3. How We Use Your Data

We use collected data to:

  • Provide, operate, and improve the Service.
  • Process transactions and send related information such as purchase confirmations.
  • Send administrative communications (service updates, security alerts).
  • Send marketing communications where you have opted in.
  • Analyze usage patterns to improve user experience.
  • Comply with legal obligations and enforce our Terms of Service.

Our legal basis for processing under GDPR is: contract performance (account and subscription), legitimate interests (product improvement and security), legal obligation, and consent (marketing emails).

4. Data Sharing

We do not sell your personal data. We share data only in the following circumstances:

  • Service providers: Stripe (payments), AWS (infrastructure), Resend (email), and similar vendors who process data on our behalf under data processing agreements.
  • Social platforms: Content you publish is shared with the social media platforms you choose.
  • Legal requirements: We may disclose data if required by law, court order, or government request.
  • Business transfers: In the event of a merger or acquisition, your data may be transferred as a business asset.

5. Data Retention

We retain personal data for as long as necessary to provide the Service and comply with legal obligations:

  • Account data: retained for the duration of your account plus 90 days after deletion.
  • Published posts and analytics: retained for 24 months after publication.
  • Billing records: retained for 7 years as required by financial regulations.
  • Server logs: retained for 30 days.

6. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256-GCM encryption at rest for sensitive credentials, regular security audits, and access controls. However, no method of transmission over the internet is 100% secure.

7. International Transfers

Your data may be transferred to and processed in countries outside your own, including the United States. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

8. Your Rights (GDPR & Others)

Depending on your location, you may have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Request that we limit processing of your data.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent for marketing at any time.

To exercise these rights, contact us at privacy@postclaw.fun. We will respond within 30 days.

9. Children's Privacy

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

10. Contact

For privacy-related inquiries, contact our Data Protection Officer at privacy@postclaw.fun or through our contact page.