Your data, handled with care

We collect only what we need to deliver postvix:

• Account data — name, email, password hash (never the plain password), and authentication metadata.
• Product content — drafts, scheduled posts, niche/tone preferences, and post history you create inside the workspace.
• LinkedIn integration— an OAuth token from LinkedIn's official sign-in. We never see or store your LinkedIn password.
• Billing — handled by Stripe. We store only what Stripe returns (customer ID, subscription status) — never your card numbers.
• Usage telemetry — essential logs (IP, request path, status) for security and debugging. We do not run third-party ad trackers.

• Operate, secure, and improve the service you signed up for.
• Personalize AI drafts using your niche, goal, and tone.
• Send transactional email (confirmations, receipts, security).
• Send product email only if you opted in — you can unsubscribe at any time.
• Comply with applicable law and respond to lawful requests.

When you connect LinkedIn, you authorize postvixvia LinkedIn's official OAuth flow. We request the minimum scopes needed to draft and publish posts on your behalf.

• We never request or store your LinkedIn password.
• You can disconnect at any time from Settings or directly in LinkedIn's app permissions.
• Tokens are encrypted at rest; revoking access in LinkedIn immediately invalidates them in our system.

We do not sell your data. We share information only with vetted sub-processors who help us deliver the service:

• Stripe — payment processing.
• AI providers — generation requests for the AI writing features (no LinkedIn tokens sent).
• Cloud hosting — EU/US regions, encrypted at rest and in transit.
• Email delivery — transactional mail provider.

• TLS 1.3 in transit; AES-256 at rest.
• Passwords hashed with industry-standard algorithms — never stored in plain text.
• Role-based access controls and audit logging for sensitive operations.
• Reasonable safeguards proportional to the data we hold. No system is 100% secure, so we ask you to use a strong, unique password.

Whether you are in the UK, EU, USA, or elsewhere, you have meaningful control over your data:

• Access, export, or delete your account data at any time.
• Correct inaccurate information from Settings.
• Object to or restrict processing for specific purposes (e.g. product email).
• Lodge a complaint with your local data-protection authority.

To exercise these rights, email privacy@postvix.com.

• Account & product data is kept while your account is active.
• On deletion, content is removed within 30 days from production systems.
• Billing records may be retained longer to meet tax and accounting obligations.

We use only the cookies needed to keep you signed in and to keep the product working. We do not use third-party advertising cookies. You can control cookies in your browser at any time.

We may update this Privacy Policy as the product evolves. Material changes will be highlighted on this page, and where appropriate, sent to you by email.

Questions or requests? Email privacy@postvix.com or visit the Help Center.