Socialiser

Privacy Policy

Last updated: 25 May 2026 · Effective immediately

This Privacy Policy explains how Socialiser App Ltd ("Socialiser", "we", "us", or "our"), a company registered in England and Wales, collects, uses, and protects your information when you use our mobile application and website (collectively, the "Service").

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you are based outside the UK, your data may be processed in the UK — we apply UK GDPR standards regardless.

What we collect
How we use your data
AI processing (Anthropic Claude, OpenAI Whisper)
Social media + sales platform integrations
Who we share data with
How long we keep it
Your rights
Security
Cookies + analytics
Children
Changes to this policy
Contact us

1. What we collect

We collect only what we need to run the Service:

Account data

Email address, password (hashed, never stored in plain text)
Business name, industry, location, contact details you provide
Subscription tier and billing status (via Apple App Store, Google Play, or RevenueCat — we never store your card details directly)

Content you create

Posts, captions, hashtags, media uploads (images, video)
Brand kit details: colours, fonts, tone, signature elements, reference images
Campaign plans, scheduled posts, automation rules

Connected accounts

OAuth tokens for the social platforms you connect (Instagram, Facebook, TikTok, Google Business, etc.) — stored encrypted; we never see your passwords
Tokens for sales platforms (Stripe, Square, Uber Eats, Shopify, etc.) when you opt in to revenue attribution

Usage data

App version, device type, OS version, crash reports (no personally identifiable content)
Feature usage analytics — aggregated, used to improve the product

2. How we use your data

We use your data to:

Provide the Service: publish your posts, schedule them, generate AI content matched to your brand
Personalise AI output: your brand kit is sent to our AI providers (Anthropic, OpenAI) as context for every generation
Process payments via the App Store, Google Play, or RevenueCat
Send transactional emails (receipts, password resets, important account notices)
Improve the Service via aggregate, anonymised usage analytics
Comply with legal obligations (tax, fraud prevention, court orders)

We will never sell your data, your brand kit, your content, or your audience information to third parties.

3. AI processing (Anthropic Claude, OpenAI Whisper)

Socialiser uses AI from Anthropic (the Claude API) to generate captions, hashtags, model recommendations, ad campaigns, growth opportunities, and performance insights. We also use OpenAI Whisper for optional voice-to-text features.

When you use an AI feature, we send the following to the AI provider:

The text of your prompt
Your brand context (business name, tone, colours, visual style, signature elements, recent posts, learned preferences, past winners)
For voice input: the audio file you recorded (Whisper only)
For image extraction (Brand Auto-Extract): the photos you upload

Anthropic and OpenAI process this data under their own privacy policies — both contractually agree not to train their models on your data via their API. We do not store the raw API responses beyond the necessary cache to display them to you. The "Smart Memory" and "Past Winners" features store anonymised summaries of accepted AI outputs locally on your device and in our database — they are never shared between users.

4. Social media + sales platform integrations

When you connect Instagram, Facebook, TikTok, Google Business Profile, Pinterest, LinkedIn, X, Threads, Snapchat, Stripe, Square, Uber Eats, Deliveroo, Shopify or other platforms, we use the official APIs provided by those platforms. We request the minimum permissions needed to post on your behalf, read engagement data, and pull sales attribution.

We never post without your explicit approval. Autonomous Growth Agent automations (welcome DMs, comment funnels) operate within the rate limits of each platform's official API and stop the moment you toggle them off.

You can revoke our access to any connected platform at any time — either inside Socialiser (Settings → Connected accounts) or in the platform's own settings.

We share data only with:

Cloudflare (hosting, DNS, AI proxy) — UK GDPR compliant, ISO 27001 certified
Supabase (database, auth, file storage) — EU region available, SOC 2 Type 2 certified
Anthropic (Claude AI) — for AI generation; do not train on your data
OpenAI (Whisper voice) — only when you use voice input
RevenueCat / Apple / Google — for subscription billing
Resend (transactional email) — for password resets, receipts
The social media + sales platforms you choose to connect
Legal / regulatory authorities when legally required

6. How long we keep it

Account data: while your account is active, plus 30 days after closure
Content (posts, captions, media): for as long as you keep it in the app; you can delete any item at any time
Generated AI outputs: rolling last 30 per user for the Visual Consistency Engine; older ones auto-purged
Anonymised analytics: retained indefinitely
Billing records: 7 years (HMRC requirement)

7. Your rights (UK GDPR)

You have the right to:

Access a copy of all the data we hold about you
Correct inaccurate data
Delete your account and all associated data ("right to be forgotten")
Export your data in a portable format (JSON download)
Restrict or object to certain types of processing
Withdraw consent at any time (with no penalty)
Complain to the UK Information Commissioner's Office (ICO) at ico.org.uk

Email [email protected] to exercise any of these rights. We respond within 30 days as required by UK GDPR.

8. Security

All data in transit is encrypted (TLS 1.3)
Passwords are hashed using industry-standard algorithms (Argon2 / bcrypt)
OAuth tokens and API keys are encrypted at rest
The Anthropic API key is held server-side (Cloudflare Worker) — never bundled into the app
We use 2FA-protected admin accounts on all infrastructure providers
Suspected breaches reported to the ICO within 72 hours as required

9. Cookies + analytics

Our marketing website (socialiser.app) uses Cloudflare's privacy-preserving analytics — no cookies, no cross-site tracking. The mobile app uses no tracking cookies. Crash reports are anonymised before submission.

10. Children

Socialiser is intended for business owners aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a minor has signed up, contact us and we'll delete the account.

11. Changes to this policy

If we make material changes we'll notify you in-app and via email at least 14 days before they take effect. The "Last updated" date at the top reflects the most recent change.

12. Contact us

Data Controller: Socialiser App Ltd
Registered office: [TODO — your registered office address from Companies House]
Company number: [TODO — your Companies House number]
Email: [email protected]
General: [email protected]

← Back to socialiser.app · Terms of Service