Privacy Policy | PostPadi

Privacy Policy

Last updated: August 4, 2025

PostPadi (“PostPadi,” “we,” “us,” or “our”) is owned and operated by Giftly LLC. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our websites, apps, and services (collectively, the “Services”). If you have questions, contact us at info@postpadi.com.

INTRODUCTION

PostPadi is built to offer efficient social media management—enabling you to create platform-specific content, preview how it will look on each platform, and automatically schedule posts across multiple social networks from a single dashboard. You can manage comments and DMs, collaborate with teammates, and track performance, all in one place.

For a seamless user experience, our Services integrate with third-party platforms that may collect information used to identify you. These third-party apps include Facebook, X (Twitter), LinkedIn, TikTok, and Google (including YouTube API Services). Their respective privacy policies govern how those platforms process your information. PostPadi is independent of these social networks; please review their policies carefully.

Third-Party Privacy Policies

1) What PostPadi Does

PostPadi is an AI-powered social media management platform. You can ideate and draft posts, schedule and publish to supported networks, manage a unified DMs/comments inbox, collaborate, and analyze performance. Our mobile apps extend this functionality on the go.

2) Scope

This Policy applies to personal information we process about visitors, customers, prospects, and users of the Services—including data obtained via integrations with third-party platforms when you connect your accounts to PostPadi.

3) Roles: Controller vs. Processor

  • Controller: For account, billing, marketing, and product analytics data, PostPadi (Giftly LLC) acts as a data controller.
  • Processor: For social content, messages, media, and metadata you route through the Services, PostPadi acts as a data processor on your instructions. You remain the controller of that content in relation to the social networks you use.

4) What Information Do We Collect?

Personal Information You Disclose to Us

In short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide when you register, request information, participate in activities on the Services, make purchases, or contact us.

Personal Information Provided by You

The personal information we collect depends on your interactions and the features you use. It may include:

  • names; phone numbers; job titles; usernames; contact preferences;
  • passwords; contact or authentication data;
  • billing addresses; mailing addresses; email addresses;
  • debit/credit card numbers (via payment processors); transaction identifiers;
  • company names; company industry; language; timezone;
  • social profile information; specific locations (optional);
  • social media content and other user-generated content (posts, comments, pages, media);
  • messaging content (DMs/comments you manage through the inbox);
  • social media and messaging metadata; usage data and analytics.

Sensitive Information. We do not process sensitive information.

Payment Data

We may collect data necessary to process payments (e.g., payment instrument type and limited details), but full card data is stored by our processors. Payment processors: Stripe and Paystack.

Social Media Login Data

We may provide the option to register or sign in using your existing social account (e.g., Facebook, X, LinkedIn). If you choose this, we will receive information as described in “How Do We Handle Your Social Logins?” below.

Application Data (Mobile & Desktop Apps)

  • Geolocation Information: We may request location access (continuous or while in use) for certain features. You can change this in your device settings.
  • Mobile Device Access: We may request access to device features (e.g., storage) to support uploads or drafts. You can change permissions in your settings.
  • Mobile Device Data: Device ID, model, OS, app version, carrier/ISP, IP (or proxy), and diagnostics to maintain security and troubleshoot.
  • Push Notifications: With permission, we may send push notifications about your account or features. You may disable them in settings.

This information is primarily needed to maintain security and operations, for troubleshooting, and for internal analytics and reporting.

Information Automatically Collected

In short: Some information (like IP address and device characteristics) is automatically collected when you use the Services.

We automatically collect device and usage information—such as IP address, device type, OS, language, referring URLs, approximate location, timestamps, features used, and error diagnostics. We also use cookies and similar technologies.

  • Log and Usage Data: IP, browser type, settings, pages viewed, searches, timestamps, feature usage, device events (e.g., crash logs).
  • Device Data: Device/app identifiers, hardware model, OS, ISP or carrier, and system configuration.
  • Location Data: Approximate or precise location depending on device settings; you can disable location sharing in your device or browser.

5) How Do We Process Your Information?

In short: We process information to provide, improve, and administer the Services, communicate with you, secure the platform, and comply with law. We may also process information with your consent.

  • Facilitate account creation, authentication, and user management.
  • Deliver core features (publishing, scheduling, inbox, analytics, collaboration, AI assistance).
  • Respond to inquiries and provide support; send service and transactional messages.
  • Fulfill and manage orders, subscriptions, returns, and billing.
  • Enable user-to-user communications where applicable.
  • Request feedback and improve Services based on usage trends.
  • Send marketing and promotional communications (according to your preferences).
  • Deliver targeted content/ads (where permitted) and measure campaign effectiveness.
  • Protect the Services (fraud monitoring, abuse prevention, platform policy compliance).
  • Comply with legal obligations; protect vital interests and safety.
  • Improve our website and applications.

6) Legal Bases for Processing (EEA/UK)

Where GDPR/UK GDPR applies, we process under one or more bases: contract necessity, legitimate interests (e.g., security, service improvement), consent (where required), and legal obligations.

7) Cookies & Tracking

We use cookies and similar technologies for authentication, security, preferences, analytics, and product improvement. You can manage cookies via your browser/system settings; some features may not function if certain cookies are disabled.

8) Social Platform Integrations

  • General: PostPadi never publishes to your connected social accounts unless you or your authorized users schedule or trigger the action. You can revoke access anytime from the platform or within PostPadi.
  • YouTube/Google: Our use of YouTube API Services adheres to Google policies. Review Google’s Privacy Policy at policies.google.com/privacy and revoke PostPadi’s access at myaccount.google.com/permissions. We access only the scopes you grant and use data solely to provide enabled features.

9) How Do We Handle Your Social Logins?

If you choose to register or log in with a social account, we receive certain profile information from that provider (per your settings), such as your name, email address, profile picture, and tokens/permissions. We use this information to authenticate you and operate the features you enable. You can disconnect social logins at any time via the third-party platform or within PostPadi.

10) Sharing & Disclosures

  • Service Providers/Subprocessors: hosting, storage, analytics, support, notifications, security, and AI vendors—bound by contracts and confidentiality.
  • Platform Providers: when you connect a platform (e.g., Meta, X, LinkedIn, TikTok, YouTube), data flows as required to deliver the integration and is governed by those platforms’ terms.
  • Business Transfers: in connection with a merger, acquisition, or similar event.
  • Legal: to comply with law, enforce terms, or protect rights, safety, and security.

11) AI Features

When you use AI features, your prompts and generated content may be processed by PostPadi systems and vetted AI providers to deliver the feature. We do not permit AI providers to use your data to train their models beyond what is necessary to provide the Service to PostPadi, unless you separately consent. You can disable AI features in settings where available.

12) Data Retention

We retain personal information as long as necessary to provide the Services and for legitimate business or legal purposes (e.g., security, auditing, tax). We delete or anonymize data when no longer required.

13) Security

We implement technical and organizational measures appropriate to the risk, including encryption in transit, access controls, audit logging, and vulnerability management. No security controls are perfect; please use strong passwords, MFA, and manage access on connected platforms prudently.

14) International Transfers

We may process and store information in the United States and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for transfers from the EEA/UK.

15) Your Rights & Choices

  • EEA/UK: access, rectification, erasure, restriction, portability, and objection (including to direct marketing). Withdraw consent at any time where applicable.
  • CCPA/CPRA (California): right to know, delete, correct, and opt-out of “sale”/“sharing” of personal information. We do not sell personal information as defined by CPRA. Exercise rights via info@postpadi.com.
  • Marketing Opt-Outs: unsubscribe links in emails; notification controls in apps; cookie controls in browsers.

16) Children’s Privacy

The Services are not directed to children under 13 (or under 16 in some jurisdictions). We do not knowingly collect personal information from children. If you believe a child provided personal information, contact us to delete it.

17) Data Subject/Consumer Requests

To exercise privacy rights, contact info@postpadi.com. We may verify your request and respond as required by applicable law. Authorized agent requests must include proof of authorization.

18) Third-Party Links

Our Services may include links to third-party sites or services. Their privacy practices are governed by their own policies.

19) Changes to this Policy

We may update this Policy from time to time. Material changes will be notified via the Services or by email. Your continued use after the effective date constitutes acceptance.

20) Contact Us

Giftly LLC (d/b/a PostPadi)
Email: info@postpadi.com