Social0Social0

Privacy Policy

Last updated: February 2026

1. Introduction

Social0 (“we,” “our,” or “us”) respects your privacy. This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding your data when you use our social media management service.

2. Information we collect

We collect information you provide and information we obtain when you use the Service:

  • Account information: When you sign in (e.g. with Google), we receive and store the identifiers and profile data provided by that provider (such as name, email, profile picture) as needed to operate your account.
  • Connected account (OAuth) data: When you connect a social platform (LinkedIn, Instagram, YouTube, Pinterest, TikTok, X, Threads, Bluesky), we receive access tokens and related data from that platform. We request only the minimum scopes necessary to publish and manage content on your behalf. We do not receive or store your passwords for these platforms.
  • Content and usage: We store the content you create (posts, media references, scheduling data) and logs necessary to operate, secure, and improve the Service.

3. How we use your information

We use the information above to: provide the Service (e.g. publishing and scheduling posts); maintain and secure your account; store and refresh OAuth tokens so we can act on your behalf; improve the Service; and comply with law. We do not sell your personal information. We do not use your connected account data for advertising targeting or for purposes unrelated to providing the Service.

4. Data storage and security

OAuth tokens and other credentials are encrypted at rest using AES-256-GCM. We use per-account key derivation (HKDF) and do not expose tokens to your browser or to frontend code. Tokens are used only on the server to perform actions you request (e.g. posting to a platform). We follow industry practices to protect data in transit and at rest. If a platform supports PKCE or similar security measures, we use them where applicable.

5. Cookies and similar technologies

We use cookies and similar technologies for authentication, session management, and security (e.g. HTTP-only cookies for session and CSRF protection). We do not use cookies for third-party advertising. You can control cookies through your browser settings, though disabling them may affect your ability to use the Service.

6. Third-party services

We integrate with third-party authentication providers (e.g. Google) and with each social platform you connect. Those providers have their own privacy policies. When you connect a platform, we receive only the data that platform makes available via its API for the scopes you authorize. We use that data solely to provide the Service (e.g. posting, scheduling). We may use other third-party services (e.g. hosting, analytics) that process data on our behalf under contractual obligations consistent with this policy.

7. Google user data

Social0's use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

When you connect your YouTube account, we request the following scopes:

  • youtube.upload — to upload and publish videos to your YouTube channel on your behalf.
  • youtube.readonly — to verify your channel details and check upload status.

We do not sell, share, transfer, or disclose your Google user data to any third parties. Google user data is used exclusively to provide the core scheduling and publishing features of Social0. It is never used for advertising, profiling, or any purpose unrelated to the Service. Data is stored encrypted and access is revoked upon disconnecting your account.

8. Data retention and deletion

We retain your data for as long as your account is active and as needed to provide the Service and comply with legal obligations. When you disconnect a social account, we stop using its tokens and remove or anonymize associated data in line with our retention practices. When you request account deletion, we will delete or anonymize your personal data and connected-account data within a reasonable period, except where we must retain data for legal, security, or legitimate operational reasons. You may contact us to request deletion or a copy of your data.

9. Your rights

Depending on your location, you may have the right to access, correct, delete, or port your personal data, or to object to or restrict certain processing. You can disconnect social accounts and request account deletion from the Service or by contacting us. We will respond to valid requests in accordance with applicable law.

10. Updates to this policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the “Last updated” date. For material changes we may provide additional notice (e.g. email or in-app). Continued use of the Service after the update constitutes acceptance of the revised policy.

11. Contact

For privacy-related questions or to exercise your rights, please contact us at privacy@social0.app.