Postvoy
Start free trial

POSTVOY / PRIVACY POLICY

Privacy Policy

LAST UPDATED: MAY 2, 2026

Draft

This is a starter document for V1 launch. Have it reviewed by counsel before relying on it for compliance in your jurisdiction.

This Privacy Policy explains how Postvoy ("we," "us," or "our") collects, uses, shares, and protects information about you when you visit our website, join our waitlist, create an account, or use our services (the "Service"). If you do not agree with this policy, please do not use the Service.

1. Who we are

Postvoy is an AI-powered marketing manager for X (formerly Twitter). Our service helps users plan, post, reply, and grow their X presence through a strategy-led automation engine.

For the purposes of this policy, Postvoy is the data controller for the personal data we process. You can reach us at support@postvoy.com.

2. Information we collect

When you join the waitlist

We collect the email address you submit, along with the timestamp of your submission and basic technical metadata (IP address, user agent) for abuse prevention.

When you create an account

We collect your name, email address, and a securely hashed password. We do not store your password in plain text.

When you connect your X account

If you authorize Postvoy to access your X account via OAuth, we receive an access token (and, where applicable, a refresh token) scoped to the permissions you grant. We store these tokens securely and use them only to perform actions you have configured in your workspace.

We do not receive or store your X password.

Workspace configuration data

When you onboard, we collect the configuration details you provide: product description, audience, brand voice, banned phrases, target accounts, content rules, and any other operating preferences. This data is used by our AI systems to generate posts, replies, and DMs that match your strategy.

Usage data

We collect technical and usage information about your interactions with the Service, including pages visited, actions taken, device and browser information, and approximate location derived from IP address.

Cookies and similar technologies

We use essential session cookies required to operate the Service (for example, to keep you logged in). We may also use privacy-friendly analytics cookies to understand aggregate traffic patterns. We do not use third-party advertising cookies.

3. How we use your information

We use your information to:

  • Provide, maintain, and improve the Service
  • Send transactional emails (waitlist confirmation, account welcome, billing receipts, security notifications)
  • Operate the AI engine that drafts and sends content on your behalf, strictly within the rules and permissions you configure
  • Detect, prevent, and respond to fraud, abuse, security incidents, and policy violations
  • Comply with legal obligations and enforce our Terms of Service
  • Communicate with you about product updates and changes (you can opt out of non-transactional communications at any time)

5. How we share information

We do not sell your personal data. We share information only with the third parties needed to operate the Service, including:

  • Email delivery providers (e.g., Resend) — to send transactional emails
  • X (Twitter) — when you authorize Postvoy to act on your X account, we exchange data with the X API as required to perform the actions you configure
  • Cloud hosting and infrastructure providers — to operate our application and store data securely
  • Analytics providers — to understand aggregate usage of our website
  • Payment processors — to process subscriptions and charges (we do not store full payment card numbers)
  • Law enforcement or regulators — when required by law or to protect our rights or the safety of others

All third parties we work with are bound by data protection obligations consistent with this policy.

6. Data retention

We keep your information for as long as your account is active or as needed to provide the Service. After account deletion or waitlist withdrawal, we delete or anonymize personal data within a reasonable period, except where we are legally required to retain it (for example, for tax or compliance reasons).

7. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Receive your data in a portable format
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, email us at support@postvoy.com. We will respond within the timeframe required by applicable law.

8. Security

We use industry-standard administrative, technical, and physical safeguards to protect your information, including encryption in transit (TLS), encryption at rest where appropriate, access controls, and regular security reviews. No system is perfectly secure, however, and we cannot guarantee absolute security.

9. Children

The Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. International transfers

If you access the Service from outside the country where our servers are located, your information may be transferred across borders. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) to protect international transfers of personal data.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. Material changes will be communicated via email or a prominent notice within the Service.

12. Contact us

If you have questions about this Privacy Policy or our handling of your information, please email support@postvoy.com.