This Privacy Policy ("Policy") explains how SMDM.site ("SMDM," "we," "us," or "our") collects, uses, stores, shares, and protects your personal data when you access or use our AI-powered social media management platform (the "Services"). The Services include content planning, automation, publishing, analytics, team collaboration, and other features available on SMDM.site.
By using the Services, you consent to the data practices described in this Policy. If you do not agree to this Policy, please do not use the Services. We may update this Policy from time to time—see Section 10 for details on how we notify you of changes.
We collect data directly from you, from third-party social media platforms you connect to the Services, and through your use of the Services. All data collection is limited to what is necessary to provide and improve the Services.
- Account Information: When creating an account, you provide data such as your name, email address, password, and (if applicable) business name or organization details.
- Payment Information: If you subscribe to a paid plan, we collect payment details (e.g., credit card number, billing address) through our third-party payment processors (Stripe, PayPal, AMEX, Mastercard, Visa). We do not store full payment card data—this is securely managed by our payment partners.
- Team Collaboration Data: If you invite team members, you may provide their names, email addresses, and role assignments (e.g., editor, approver) to facilitate access and collaboration.
When you connect your social media accounts (e.g., Facebook, Instagram, TikTok, X/Twitter, LinkedIn) to the Services, we access data from these third-party platforms in accordance with their terms of service and your permissions. This may include:
- Public Profile Data: Your social media username, profile photo, bio, and other publicly visible information.
- Content Data: Posts, images, videos, captions, and other content you create or publish through the Services (see Section 2.2 for ownership details).
- Analytics Data: Engagement metrics (e.g., likes, comments, shares, views), audience demographics, and post performance data (to generate the Services’ analytics reports).
- Account Metadata: Information about your social media account status (e.g., active/inactive) and connection details (to ensure seamless publishing).
We automatically collect data about how you interact with the Services to improve functionality and user experience. This includes:
- Technical Data: Device type, operating system, browser version, IP address, and access times.
- Usage Activity: Features you use (e.g., AI content generator, batch scheduling), frequency of use, posts scheduled/published, and interactions with the dashboard (e.g., calendar views, report exports).
- Tracking Data: If you use our short link generator, we collect click data (e.g., number of clicks, geographic location of users, device type) to help you measure campaign performance. This data does not include personally identifiable information (PII) unless you choose to include it in the link.
When you use our AI tools (e.g., content generator, writing assistant), we may collect the inputs you provide (e.g., brand guidelines, topic keywords) and the AI-generated outputs to train and improve our AI models. This data is anonymized and aggregated to protect your privacy—we do not associate it with your personal account without your consent.
We use your data solely to provide, maintain, and improve the Services, as well as to ensure compliance with legal obligations. Specific uses include:
- Facilitate account creation and access to the Services.
- Schedule, publish, and manage content across your connected social media accounts.
- Generate analytics reports and insights about your social media performance.
- Enable team collaboration (e.g., sharing content drafts, assigning roles, tracking approvals).
- Process payments for paid subscriptions (via third-party payment processors).
- Analyze usage patterns to identify areas for improvement (e.g., optimizing the dashboard, enhancing AI features).
- Personalize your experience (e.g., suggesting relevant AI templates, tailoring analytics reports to your goals).
- Train and refine our AI models to generate more accurate, brand-aligned content.
- Send account-related notifications (e.g., password resets, subscription renewals, service updates).
- Respond to your questions, feedback, or support requests.
- Share information about new features, promotions, or updates (you can opt out of marketing communications at any time—see Section 7).
- Detect and prevent fraudulent activity, unauthorized access, or misuse of the Services.
- Enforce our Terms and Conditions and comply with applicable laws (e.g., data protection regulations, copyright laws).
- Resolve disputes and protect the rights, property, or safety of SMDM, our users, and third parties.
We may aggregate and anonymize your data (removing all identifying information) to create statistical or market research reports. This anonymized data is not linked to your personal account and may be shared with third parties (e.g., partners, investors) for business purposes.
We do not sell your personal data to third parties for marketing purposes. We only share your data in the following limited circumstances:
We engage trusted third-party providers to help deliver the Services. These providers are contractually obligated to protect your data and only use it to perform specific tasks on our behalf. Examples include:
- Payment Processors: Stripe, PayPal, and other payment partners (to process subscription payments securely).
- Cloud Storage and Hosting Providers: Services like AWS or Google Cloud (to store your data and host the platform).
- Analytics Tools: Tools to monitor Service performance and user behavior (e.g., Google Analytics, which is configured to respect "Do Not Track" signals).
- Social Media Platforms: When you publish content or access analytics, we share data with the relevant social media platforms (e.g., TikTok, Facebook) in accordance with their terms of service and your permissions.
We may share your data if required by law, court order, or regulatory request. We may also share data to protect our rights, property, or safety, or the rights, property, or safety of our users or third parties.
If SMDM is acquired, merged, or sells all or part of its assets, your data may be transferred to the acquiring entity as part of the business transaction. We will notify you of any such transfer and ensure the new entity complies with this Policy.
We may share your data with third parties if you explicitly consent to the sharing (e.g., sharing analytics reports with your business partners).
Your data is stored on secure servers hosted by our cloud storage providers (e.g., AWS, Google Cloud) in jurisdictions that comply with global data protection standards (e.g., GDPR, CCPA). We may store data in multiple locations to ensure redundancy and availability.
We retain your data for as long as your account is active or as needed to provide the Services. After you terminate your account, we retain your data for a reasonable period to:
- Comply with legal obligations (e.g., tax, audit requirements).
- Resolve disputes or enforce our Terms and Conditions.
- Prevent fraud or future misuse.
Anonymized or aggregated data may be retained indefinitely for research or improvement purposes.
We implement industry-standard security measures to protect your data from unauthorized access, loss, or misuse. These include:
- Encryption of data in transit (via HTTPS) and at rest (using AES-256 encryption).
- Multi-factor authentication (MFA) for account access (optional for users, required for admin accounts).
- Regular security audits, vulnerability scans, and penetration testing.
- Access controls that limit data access to authorized personnel only.
While we strive to protect your data, no online service is 100% secure. We cannot guarantee absolute security, and you acknowledge that you use the Services at your own risk.
Depending on your jurisdiction (e.g., EU/EEA for GDPR, California for CCPA), you have certain rights regarding your personal data. We make it easy to exercise these rights through your account settings or by contacting our support team.
- Access: Request a copy of the personal data we hold about you.
- Correction: Update or correct inaccurate or incomplete data.
- Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal or contractual obligations.
- Restriction of Processing: Request that we limit how we use your data (e.g., if the data is inaccurate).
- Data Portability: Request a copy of your data in a structured, machine-readable format (to transfer to another service provider).
- Objection: Object to the processing of your data for marketing or other non-essential purposes.
- Withdraw Consent: Withdraw any consent you previously gave (e.g., for AI model training) without affecting the legality of processing based on consent before withdrawal.
To exercise any of these rights, please contact us at [Insert Contact Email]. We will respond to your request within 30 days (or within the timeframe required by applicable law). We may ask for additional information to verify your identity before processing your request.
The Services may contain links to third-party websites or integrate with third-party social media platforms (e.g., TikTok, Facebook). This Policy does not apply to the data practices of these third parties. We recommend reviewing the privacy policies of any third-party sites or platforms you access through the Services.
We are not responsible for the privacy practices or content of third parties, and your use of these third-party services is at your own risk.
We may send you marketing communications (e.g., emails about new features, promotions, or industry insights) if you opt in during account creation or later consent. You can opt out of marketing communications at any time by:
- Clicking the "Unsubscribe" link in the footer of any marketing email.
- Updating your communication preferences in your account settings.
Opting out of marketing communications will not affect account-related notifications (e.g., subscription renewals, security alerts).
The Services are not intended for use by children under the age of 13 (or the minimum age required by applicable law). We do not knowingly collect personal data from children. If we learn that we have collected data from a child without parental consent, we will delete the data immediately. If you believe a child has used the Services, please contact us at [Insert Contact Email].
If you use the Services from outside the jurisdiction where your data is stored, your data may be transferred to and processed in countries with different data protection laws. We ensure that such transfers comply with applicable law by:
- Using cloud storage providers that are certified under the EU-U.S. Data Privacy Framework (DPF) or UK Extension to the DPF.
- Implementing standard contractual clauses (SCCs) approved by the European Commission for transfers to non-EEA countries.
By using the Services, you consent to the international transfer of your data as described in this Policy.
We may update this Policy from time to time to reflect changes in our data practices, legal requirements, or the Services. When we make material changes, we will:
- Post the updated Policy on the Services with a new "Last Updated" date.
- Notify you via email (sent to your account email address) or through a pop-up notification in the Services (for significant changes).
Your continued use of the Services after the effective date of the updated Policy constitutes your acceptance of the changes. We recommend reviewing this Policy periodically to stay informed about how we protect your data.
By using SMDM.site, you acknowledge that you have read, understood, and agreed to this Privacy Policy.
