PostEngine
Legal

Privacy Policy

How PostEngine collects, uses, and protects your information.

Last updated: June 1, 2025

Welcome to PostEngine ("we", "us", or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media automation platform. By accessing or using PostEngine, you agree to this Privacy Policy.

1. Information We Collect

  • Account Information: Name, email address, and profile information provided during registration.
  • Facebook & Instagram Data: Pages, profiles, and permissions you explicitly grant via Meta's OAuth system.
  • Content Data: Post text, images, videos, captions, hashtags, and scheduling data you create within PostEngine.
  • Usage Data: Log data, IP addresses, browser type, pages visited, and platform interactions.
  • Payment Data: Billing details processed by third-party processors — we never store full card numbers.

2. Facebook & Instagram Login Permissions

During the OAuth flow, we request these permissions:

  • pages_manage_posts – Create and publish posts on your Facebook Pages.
  • pages_read_engagement – Read basic engagement metrics.
  • instagram_basic – Access your Instagram Business account.
  • instagram_content_publish – Publish photos, videos, and carousels to Instagram.
  • pages_show_list – List which Facebook Pages you manage.

You can revoke permissions anytime via Facebook Settings .

3. OAuth Authentication

  • We never see or store your Facebook or Instagram password.
  • You authorize PostEngine directly through Meta's secure login dialog.
  • Meta issues a time-limited access token we use to act on your behalf.
  • You can revoke access at any time through your Meta account settings.

4. Access Token Storage

  • All tokens encrypted with AES-256 at rest.
  • Transmitted exclusively over HTTPS (TLS 1.2+).
  • Stored in isolated, role-based access-controlled environments.
  • Tokens deleted immediately upon disconnection or account deletion.

5. Scheduled Posting Permissions

By using PostEngine's scheduling features, you authorize us to:

  • Store your post content until the scheduled publish time.
  • Auto-publish to your selected Facebook Pages and Instagram accounts at the scheduled time.
  • Retry failed publications up to 3 times within a 24-hour window.
  • Send email or in-app notifications about publishing status.
You retain full ownership of all content. We never use it beyond delivering the service.

6. User Privacy Protection

  • End-to-end HTTPS encryption for all data in transit.
  • AES-256 encryption for all sensitive data at rest.
  • Role-based access controls — only authorized staff can access user data.
  • Regular security audits and penetration testing.
  • GDPR and CCPA compliance. No third-party ad tracking on your data.

7. Data Deletion Requests

You have the right to request deletion of your personal data at any time:

  • Email privacy@postengine.io with subject "Data Deletion Request".
  • Or use the "Delete My Account" option in your account settings.
  • We will process your request within 30 days and confirm deletion via email.

Contact Us

Questions about this Privacy Policy? We're here to help.

privacy@postengine.io hello@postengine.io