SocialSgnlSocialSgnl

Privacy Policy

Last Updated: March 31, 2026

1. Introduction

Welcome to SocialSgnl ("we," "our," or "us"). We operate the SocialSgnl platform ("Service"), a social media management tool that helps businesses monitor and engage with their communities on Facebook Groups. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

By using our Service, you consent to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Data We Collect

We collect the following categories of personal data:

2.1 Account Data

  • Identity Data: Your name, email address, and profile picture as provided through Google Sign-In.
  • Authentication Data: Account credentials managed through our authentication provider (Supabase Auth).

2.2 Brand & Business Data

  • Brand Profiles: Brand name, mission, tagline, industry, target audience, logo, website URL, key selling points, and tone guidelines that you provide.
  • Custom AI Instructions: Any custom instructions you configure for AI comment generation.

2.3 Facebook Data

  • Facebook Session Cookies: When you connect a Facebook account, you provide your Facebook session cookies. These may be provided manually (by pasting exported cookies) or via our browser extension ("SocialSgnl Cookie Connector"), which reads your Facebook cookies directly from your browser when you explicitly click "Connect." In both cases, cookies are transmitted over HTTPS and stored encrypted in our database vault. We use these cookies solely to access Facebook Groups on your behalf for post monitoring and engagement.
  • Facebook Group Data: Group names, URLs, and membership information for groups you add to the platform.
  • Post Data: Content, author information, and engagement metrics from posts in your monitored Facebook Groups.
  • Comment Data: AI-generated comments, approval status, confidence scores, and posting results.

2.4 Technical & Usage Data

  • Technical Data: IP address, browser type and version, time zone, operating system, and device information.
  • Usage Data: How you interact with our Service, including features used, activity logs, and system metrics.
  • Subscription Data: Your subscription tier, usage quotas, and billing period information.

2.5 Payment Data

Payment processing is handled by third-party payment processors. We do not store your full credit card number, CVV, or other sensitive payment credentials on our servers. Our payment processors may collect your name, billing address, and payment method details in accordance with their own privacy policies.

3. How We Use Your Data

We use your personal data for the following purposes:

  • Providing the Service: To operate the platform, including monitoring Facebook Group posts, generating suggested comments, managing moderation queues, and scheduling content on your behalf.
  • AI Processing: Your brand data (name, mission, tone guidelines, selling points) and Facebook post content are sent to third-party AI services to generate contextual comments. No personal account credentials or Facebook session cookies are sent to AI providers.
  • Account Management: To create and manage your account, authenticate your identity, and provide customer support.
  • Billing: To process subscriptions, enforce usage quotas, and manage payments through our payment processors.
  • Service Improvement: To monitor performance, analyze usage patterns, diagnose technical issues, and improve our Service.
  • Communication: To send you service-related notices, updates, and support messages.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. AI Processing & Content Generation

Our Service uses third-party artificial intelligence services to analyze Facebook posts and generate comments. Specifically:

  • Post content and your brand profile data are sent to AI providers for analysis and comment generation.
  • AI assigns relevance scores, confidence scores, and tone classifications to generated comments.
  • If you enable streamlined approval, comments meeting your configured confidence threshold may be published on your behalf without additional manual review.
  • You can disable streamlined approval at any time and manually review all comments before they are published.

We do not use AI to make decisions that produce legal effects or similarly significant effects on you. AI processing is limited to content generation and analysis for social media engagement.

5. Third-Party Services

We share data with the following categories of third-party service providers:

  • Cloud Infrastructure: Our application is hosted on cloud infrastructure providers that store and process your data on our behalf.
  • Database & Authentication: We use Supabase for database hosting, user authentication, and secure storage of encrypted credentials.
  • AI Services: Third-party AI providers process post content and brand data to generate comments. These providers process data according to their own privacy policies and data processing agreements.
  • Payment Processors: Third-party payment processors handle all billing and payment transactions.

We do not sell your personal data to third parties. We only share data as necessary to provide the Service or as required by law.

6. Facebook Cookie Security

We take the security of your Facebook session cookies very seriously:

  • Cookies are encrypted before storage and kept in a secure database vault.
  • Access to stored cookies is strictly limited to Service processes that perform actions on your behalf.
  • Cookies have a tracked expiration date and must be periodically refreshed by you.
  • You can disconnect your Facebook account and remove stored cookies at any time through the platform.

Please note that providing your Facebook session cookies carries inherent risk. We strongly recommend using a dedicated Facebook account. We are not responsible for any actions taken on your Facebook account outside of the Service's intended functionality.

7. Cookies & Tracking Technologies

We use cookies and similar technologies on our website for authentication, session management, and to remember your preferences. You can instruct your browser to refuse cookies, but this may prevent you from using certain features of the Service.

8. Data Retention

  • Account Data: Retained for as long as your account is active. Upon account deletion, your personal data will be deleted within 30 days, except where retention is required by law.
  • Brand & Facebook Data: Retained for as long as the associated brand profile exists in your account. Deleted when you remove the brand or delete your account.
  • Post & Comment Data: Retained for as long as your account is active to provide analytics and history. Deleted upon account deletion.
  • System Logs: Retained for up to 90 days for troubleshooting and then automatically purged.
  • Payment Records: Retained as required by applicable tax and accounting laws.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal data, including encryption at rest and in transit, secure credential storage via database vaults, access controls, and regular security reviews. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

10. International Data Transfers

Our Service is available worldwide. Your data may be transferred to and processed in countries other than your country of residence, including countries that may not provide the same level of data protection. By using the Service, you consent to such transfers. Where required by law, we implement appropriate safeguards such as standard contractual clauses to protect your data during international transfers.

11. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing of your data based on legitimate interests.
  • Withdraw Consent: Where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@socialsgnl.com. We will respond to your request within 30 days.

11.1 Rights for European Economic Area (EEA) Residents

If you are in the EEA, our legal bases for processing your data under the GDPR are: (a) performance of our contract with you (providing the Service), (b) our legitimate interests (improving the Service, preventing fraud), and (c) your consent (where applicable). You also have the right to lodge a complaint with your local data protection authority.

11.2 Rights for California Residents

Under the California Consumer Privacy Act (CCPA), California residents have the right to: know what personal information is collected, request deletion of personal information, opt out of the sale of personal information (we do not sell personal information), and not be discriminated against for exercising these rights.

12. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us.

13. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users via email and, where required by law, the relevant supervisory authorities within 72 hours of becoming aware of the breach. The notification will include the nature of the breach, likely consequences, and measures taken to address it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. For significant changes, we will provide additional notice via email or an in-app notification. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a privacy concern, please contact us at:

Email: privacy@socialsgnl.com