SocialUplink™ Privacy Policy

Version 1.0.0 | Effective Date: March 15, 2026

Introduction

SocialUplink™ ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not use the Service.

Data Collection

We collect information in the following ways:

Account Information: When you create an account, we collect your email address, display name, and authentication credentials.

Content You Create: When you use SocialUplink to create posts, we temporarily process your text, photos, and media to tailor content for each platform and publish it.

Connected Account Information: When you connect social media platforms, we store encrypted OAuth tokens and platform usernames necessary to publish on your behalf.

Usage Data: We collect basic usage statistics such as the number of posts published per month, features used, and error logs to improve the Service.

Device Information: We may collect device type, operating system version, and app version for troubleshooting and compatibility purposes.

Zero-Retention Policy (Free Tier)

SocialUplink operates on a zero-retention model for Free tier users. This is a core architectural principle, not just a feature:

  • Your content (text, photos, media) is processed in memory, tailored by AI, and published to your platforms.
  • After successful publishing, your content is purged from our servers within 24 hours.
  • We never store your raw content or AI-generated tailored content beyond the publishing window.
  • Only lightweight delivery receipts (platform, post type, status, timestamp, published URL) are retained in your Activity Log.
  • Drafts are stored locally on your device only and never synced to our servers.
  • If all publish attempts fail, a temporary backup is created for 72 hours to allow draft recovery, then automatically purged.

Content Vault (Pro Tier)

Pro tier subscribers may optionally enable the Content Vault, which persists content for additional features:

  • Content stored in the Vault is encrypted at rest using industry-standard encryption provided by our infrastructure partners.
  • Vault data includes published content, drafts, templates, and analytics history.
  • You can disable the Vault at any time from Settings, which triggers deletion of all stored content within 24 hours.
  • Vault data is used only to provide you with calendar views, analytics, draft management, and content templates.
  • Vault data is never shared with third parties or used for any purpose other than providing you with the Vault features.

AI Usage and Your Data

SocialUplink uses Claude AI (by Anthropic) to tailor your content for each platform:

  • Your content is sent to the AI service solely for the purpose of generating platform-specific versions of your posts.
  • We never use your content to train AI models. Your data is not used for model training, fine-tuning, or any machine learning purpose.
  • AI processing is ephemeral: prompts and responses are not logged or stored beyond the immediate request-response cycle.
  • AI-tailored content follows the same zero-retention or Vault storage policy as your original content.
  • You can review and edit all AI-generated content before it is published.

OAuth and Token Handling

When you connect social media platforms to SocialUplink:

  • OAuth flows are handled entirely on our backend servers. API secrets and OAuth tokens are never stored in the app binary on your device.
  • Access tokens and refresh tokens are encrypted at rest in our database using infrastructure-level encryption.
  • Tokens are used only to publish content you have explicitly approved.
  • You can revoke access at any time by disconnecting the platform from the Accounts tab, which immediately deletes the stored tokens.
  • We only request the minimum permissions necessary to post content on your behalf.

Third-Party Platform Data Sharing

When you publish content through SocialUplink, your content is sent to the platforms you have connected (e.g., Facebook, Instagram, X, WordPress, Bluesky, LinkedIn, Threads). Each platform has its own privacy policy and terms of service that govern how they handle your content after publishing.

We do not sell, rent, or share your personal information or content with any third party for marketing, advertising, or data brokerage purposes. We do not participate in data sharing arrangements with social media platforms beyond the publishing actions you explicitly initiate.

Analytics and Usage Data

  • We collect anonymized feature usage statistics (e.g., which platforms are most popular, average posts per user).
  • We collect error rates and performance metrics.
  • We do not track individual user behavior across sessions beyond what is necessary for the Service to function.
  • Analytics data is aggregated and cannot be used to identify individual users.
  • Pro users with Content Vault enabled may access their own engagement analytics (likes, comments, shares) fetched from connected platforms.

Cookies and Web Tracking

The SocialUplink mobile app does not use cookies. If you access SocialUplink via a web browser:

  • We use only essential cookies necessary for authentication and session management.
  • We do not use advertising cookies, tracking pixels, or third-party analytics scripts.
  • We do not participate in cross-site tracking or retargeting.
  • No personal data is shared with advertising networks.

Children's Privacy (COPPA Compliance)

SocialUplink is not intended for children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@truthcenteredtech.com and we will promptly delete such information.

Your Rights Under GDPR (European Users)

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request correction of inaccurate personal data.
  • Right to Erasure: You may request deletion of your personal data.
  • Right to Restrict Processing: You may request that we limit how we use your data.
  • Right to Data Portability: You may request your data in a structured, machine-readable format.
  • Right to Object: You may object to our processing of your personal data.
  • Right to Withdraw Consent: You may withdraw your consent at any time.

To exercise these rights, contact us at privacy@truthcenteredtech.com. We will respond within 30 days.

Our legal basis for processing your data is: (a) performance of a contract (providing the Service); (b) your consent (where applicable); and (c) our legitimate interests (improving and securing the Service).

Your Rights Under CCPA (California Users)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request deletion of your personal information.
  • Right to Opt-Out: You have the right to opt out of the sale of your personal information. Note: we do not sell your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us at privacy@truthcenteredtech.com or use the data deletion feature in Settings.

In the preceding 12 months, we have collected: identifiers (email, display name), internet activity information (usage statistics), and commercial information (subscription tier).

Data Deletion Requests

You may request deletion of your account and all associated data at any time:

  • Contact us at privacy@truthcenteredtech.com with your account email.
  • We will process deletion requests within 30 days.
  • Upon deletion: your profile, settings, connected accounts, encrypted tokens, Content Vault data (if any), and activity logs will be permanently removed.
  • Content already published to third-party platforms is not affected by account deletion. You must manage published content directly through each platform.
  • We may retain anonymized, aggregated data that cannot identify you for statistical purposes.

International Data Transfers

SocialUplink processes data using servers located in the United States and other countries where our infrastructure providers operate. If you are located outside the United States, your data may be transferred to and processed in the United States or other jurisdictions.

We ensure appropriate safeguards for international transfers through: (a) Standard Contractual Clauses approved by the European Commission; (b) compliance with applicable data protection frameworks; and (c) contractual obligations with our infrastructure providers (Supabase, Anthropic) that require them to protect your data.

By using SocialUplink, you consent to the transfer of your information to the United States and other countries as described in this policy.

Data Security

We implement industry-standard security measures to protect your data:

  • All data in transit is encrypted using TLS 1.2 or higher.
  • OAuth tokens and API keys are encrypted at rest using infrastructure-level encryption.
  • Database access is controlled through Row Level Security (RLS) policies.
  • We conduct regular security reviews of our infrastructure.
  • Despite our efforts, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the app and updating the version number and effective date. Your continued use of the Service after such changes constitutes acceptance of the updated policy.

Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@truthcenteredtech.com
Legal Inquiries: legal@truthcenteredtech.com
Data Protection Officer: privacy@truthcenteredtech.com