1. Introduction

PopArticle ("we," "our," or "us") operates the PopArticle platform, an AI-powered content generation and management service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, APIs, and related services (collectively, the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access or use the Service.

2. Information We Collect

2.1 Personal Information

When you register for an account, we may collect:

• Full name
• Email address
• Username
• Password (stored in hashed form)
• Profile image URL (if provided or obtained via OAuth)

2.2 OAuth and Social Login Data

When you authenticate via third-party OAuth providers (Google, GitHub, LinkedIn, Facebook), we receive and store:

• Your name and email from the OAuth provider
• Profile photo URL from the OAuth provider
• OAuth provider identifier
• OAuth access tokens (used solely to authenticate your identity)

2.3 Social Media Posting Credentials

If you choose to connect social media accounts for content distribution (e.g., Facebook, Twitter/X, LinkedIn, Instagram), we may collect and store:

• Social media access tokens and refresh tokens
• Social media page/account identifiers
• Platform-specific permissions you have granted

These credentials are stored securely and used exclusively to publish or schedule content on your behalf to the platforms you have authorized. You can revoke access at any time through your account settings or the respective social media platform.

2.4 Content Data

We store articles, comments, categories, and other content you create or generate using our Service. This includes AI-generated content produced on your behalf.

2.5 Usage and Log Data

We automatically collect information about how you interact with our Service, including IP addresses, browser type, device information, pages visited, and access times. This data helps us improve the Service and diagnose technical issues.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Authenticate your identity and manage your account
• Generate, schedule, and publish content on your behalf
• Post content to your connected social media accounts as authorized by you
• Send transactional emails (e.g., team invitations, account notifications)
• Support multi-tenant functionality (managing separate websites/organizations)
• Respond to your inquiries, support requests, and messages
• Monitor and analyze usage trends to improve user experience
• Detect, prevent, and address fraud, abuse, and security issues

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With your consent: When you explicitly authorize us to share information, such as when connecting social media accounts for content posting.
• Within your tenant/organization: Team members within the same tenant may see shared articles, categories, and team information.
• Third-party service providers: We use trusted third-party services for hosting, analytics, email delivery, and AI content generation. These providers are contractually obligated to protect your data.
• Social media platforms: When you authorize us to post content to your social media accounts, the content and associated metadata are shared with those platforms per their own terms of service.
• Legal requirements: We may disclose your information if required by law, regulation, or legal process.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of passwords using industry-standard hashing algorithms
• JWT-based authentication with token expiration
• Secure storage of API keys and OAuth tokens
• HTTPS encryption for all data in transit
• Regular security audits and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you the Service. You may request deletion of your account and associated data at any time by contacting us. Content you have published to external social media platforms is governed by those platforms' retention policies.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate personal data.
• Deletion: Request deletion of your personal data.
• Portability: Request your data in a portable format.
• Withdraw consent: Revoke previously granted consent for data processing activities, including social media account connections.

To exercise any of these rights, please contact us using the information provided below.

8. Cookies and Tracking

We use cookies to store authentication tokens (access tokens and refresh tokens) and user session data. These cookies are essential for the Service to function and are not used for advertising or tracking purposes. By using the Service, you consent to the use of these essential cookies.

9. Third-Party Services

Our Service integrates with third-party services, including AI content generation providers, OAuth authentication providers (Google, GitHub, LinkedIn, Facebook), and social media platforms. Each third-party service has its own privacy policy, and we encourage you to review them. We are not responsible for the privacy practices of third-party services.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us so we can take appropriate action.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitute your acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us via our Contact Page.