SocialHub - Social Media Management for Retail

1. Data Controller

SocialHub ("we," "us," or "our") is the data controller responsible for your personal data. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Contact Information:

SocialHub Data Protection Officer

Email: privacy@socialhub.app

2. Data We Collect

We collect the following categories of personal data when you use SocialHub:

2.1 Account Information

Store name and business information
Email address
Phone number (optional)
Password (encrypted)

2.2 Social Media Account Data

Connected social media account identifiers (Facebook, Instagram, LinkedIn)
OAuth tokens for posting on your behalf
Social media page/profile names and IDs
Analytics data from connected platforms (engagement, reach, impressions)

2.3 Content Data

Social media posts you create and schedule
Images you upload to the platform
AI-generated content suggestions and prompts
Calendar and scheduling preferences

2.4 Usage and Technical Data

IP address and device information
Browser type and settings
Usage patterns and feature interactions
Error logs and performance data

2.5 Payment Information

Billing address
Payment method details (processed by Stripe; we do not store full card numbers)
Transaction history and invoices

3. How We Use Your Data

We use your personal data for the following purposes:

Service Delivery: To provide our social media management features, including AI-powered content generation, post scheduling, and analytics
Account Management: To create and manage your account, authenticate access, and provide customer support
Social Media Integration: To connect with and post to your social media accounts on your behalf
Analytics: To provide performance insights and analytics dashboards for your social media presence
Billing: To process payments, manage subscriptions, and send invoices
Communication: To send service updates, security alerts, and marketing communications (with consent)
Improvement: To analyze usage patterns and improve our services and AI algorithms
Legal Compliance: To comply with legal obligations and protect our rights

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to provide our services as outlined in our Terms of Service
Consent: For marketing communications and optional features; you may withdraw consent at any time
Legitimate Interests: For service improvement, fraud prevention, and security measures, balanced against your rights
Legal Obligation: To comply with tax, accounting, and other regulatory requirements

6. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

Account Data: Retained while your account is active and for 30 days after deletion request
Content Data: Retained while your account is active; deleted upon account closure
Analytics Data: Aggregated data retained for up to 2 years for service improvement
Billing Records: Retained for 7 years as required by tax and accounting regulations
Security Logs: Retained for 12 months for security and fraud prevention

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

Right of Access: Request a copy of the personal data we hold about you
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing: Request limitation of how we use your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at privacy@socialhub.app. We will respond to your request within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Encryption of data in transit (TLS 1.3) and at rest
Secure password hashing using industry-standard algorithms
Regular security assessments and penetration testing
Access controls and authentication mechanisms
Employee training on data protection
Incident response procedures for data breaches

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions for countries with equivalent data protection
Data processing agreements with all service providers

10. Cookies and Tracking

We use cookies and similar technologies to:

Essential Cookies: Required for authentication and security
Functional Cookies: Remember your preferences and settings
Analytics Cookies: Understand how you use our service (with consent)

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may affect service functionality.

11. Children's Privacy

SocialHub is designed for business use and is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through in-app notifications at least 30 days before they take effect. Your continued use of SocialHub after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer