Privacy Policy
Effective date: June 14, 2026
Postora stores only the data needed to connect user-approved social accounts and publish posts that users approve.
Data We Store
- Login and session records needed to secure private beta access.
- Connected account identifiers and display names.
- Threads profile fields returned by the platform, such as username, display name, profile picture URL, and biography when provided.
- OAuth tokens encrypted at rest.
- Post text, media URLs, publish status, and provider post ids.
- OAuth state records, token refresh logs, provider responses, and system event metadata needed for security, audit, and troubleshooting.
Data We Do Not Sell
Postora does not sell personal data. We do not use connected social account data for advertising, data brokerage, or unrelated profiling.
How We Use Data
We use connected account data to display account status, refresh access, and publish user-approved posts through official platform APIs.
Sharing
We share data with connected social platforms only when required to authenticate accounts, refresh access, or publish content approved by the user. We may use infrastructure providers for hosting, database, and security operations.
Token Handling
Provider access tokens are encrypted before storage. Postora does not expose raw tokens to external dashboards or public API responses.
Data Retention and Deletion
Connected account records and encrypted tokens are kept while the account remains connected. Verified deletion requests remove encrypted OAuth tokens and stop future publishing. Postora may retain minimal publish, security, and audit records where needed for troubleshooting, abuse prevention, legal compliance, or platform-policy compliance. Users can request deletion at any time by emailing help@postora.xyz. Deletion instructions are also available at Data deletion.
Affiliation
Postora is not affiliated with Meta, Instagram, Facebook, or Threads.
Contact
For privacy, support, or data deletion requests, contact help@postora.xyz.