1Introduction

Welcome to SocialAssist, a Social Media Management Tool developed and operated by IFTS IT Solution Pvt. Ltd. ("we", "our", or "us"), headquartered in Lucknow, India.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you access or use SocialAssist. By using our platform, you agree to the practices described in this policy. If you do not agree, please discontinue use of the service.

2Information We Collect

We collect the following categories of data to provide and improve our services:

a) User Account & Profile Information

• Full name, email address, phone number
• Profile photo and username
• Business name, industry, and role designation
• Account login credentials (stored in encrypted form)

b) Social Media Tokens & OAuth Data

• OAuth access tokens and refresh tokens from connected platforms (Facebook, Instagram, Twitter/X, LinkedIn, etc.)
• Platform-specific user IDs and page/account identifiers
• Permissions and scopes granted by you during authorization

c) Messages & Content Data

• Posts, captions, hashtags, and media scheduled or published via SocialAssist
• Inbox messages and comments fetched for management purposes
• Content drafts, templates, and campaign data created within the platform
• Analytics data associated with published content

d) Payment & Billing Information

• Subscription plan details and billing cycle information
• Invoice history and transaction records
• Payment method details (processed securely via third-party payment gateways; we do not store raw card numbers)
• GST/Tax identification numbers (for Indian businesses)

e) Technical & Usage Data

• IP address, browser type, device information, and OS
• Log data, including pages visited, features used, and timestamps
• Cookies and session data for authentication and analytics

3How We Use Your Information

We use your data for the following purposes:

• To create and manage your SocialAssist account
• To connect and manage your linked social media accounts
• To schedule, publish, and analyze social media content on your behalf
• To process payments and issue invoices/receipts
• To send service notifications, billing reminders, and feature updates
• To provide customer support and resolve disputes
• To improve platform performance, detect bugs, and prevent abuse
• To comply with applicable laws and regulatory requirements in India

4Data Sharing & Third Parties

We may share your information only in the following limited circumstances:

• Social Media Platforms: Data is exchanged with connected platforms (Meta, LinkedIn, etc.) solely to execute your requested actions.
• Payment Processors: Billing data is shared with PCI-DSS compliant payment gateways (e.g., Razorpay, Stripe) for transaction processing.
• Infrastructure Providers: We use cloud hosting and database services (e.g., Hostinger, AWS) under strict data processing agreements.
• Legal Obligations: We may disclose information if required by Indian law, court order, or government authority.
• Business Transfers: In the event of a merger or acquisition, your data may be transferred to the successor entity with prior notice.

5Data Retention

We retain your data for as long as your account is active. Upon account deletion:

• Account and profile data is deleted within 30 days
• OAuth tokens are immediately revoked and removed
• Scheduled/published content logs are retained for 90 days for audit purposes
• Billing and invoice records are retained for 7 years as required under Indian tax laws (GST Act)

6Data Security

We implement industry-standard security measures to protect your data:

• AES-256 encryption for data at rest; TLS 1.2+ for data in transit
• OAuth 2.0 for all social media integrations (no password storage)
• Role-based access control (RBAC) for internal data access
• Regular security audits and vulnerability assessments
• Encrypted session storage for authenticated users

Despite our efforts, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to prompt notification in case of a data breach.

7Your Rights

As a user, you have the following rights under applicable data protection laws (including India's DPDP Act, 2023):

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request erasure of your personal data (subject to legal retention requirements)
• Portability: Request your data in a machine-readable format
• Revoke Consent: Disconnect any social media account or revoke OAuth permissions at any time
• Opt-Out: Unsubscribe from non-essential communications at any time

To exercise any of these rights, contact us at the details provided below.

8Cookies & Tracking

SocialAssist uses cookies and similar technologies to:

• Maintain authenticated sessions
• Remember user preferences and settings
• Analyze platform usage and performance

You can control cookie settings through your browser. Disabling essential cookies may affect platform functionality.

9Children's Privacy

SocialAssist is not intended for individuals under the age of 18 years. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal data, we will delete it promptly.

10Changes to This Policy

We reserve the right to update this Privacy Policy at any time. Material changes will be communicated via email or an in-app notification at least 7 days before they take effect. Continued use of the platform after the effective date constitutes acceptance of the revised policy.