AckPost Privacy Policy

Effective Date: May 13, 2026

This Privacy Policy applies to AckPost, available at https://ackpost.com, and to the AckPost social publishing platform, integrations, support workflows, and related services.

1. Information We Collect

We collect information you provide when creating an account: name, email address, and billing information. We also collect data from connected social media accounts, such as page names, destination identifiers, post status, proof records, comments or messages made available through connected inbox features, and post engagement metrics, solely for the purpose of providing the AckPost service.

If you use migration or import features, we may process uploaded CSV files, scheduling exports, media URLs, captions, destination names, notes, and related migration metadata. Migration files are used to validate, preview, import, troubleshoot, and support your requested migration. We recommend removing unrelated columns or sensitive personal data before upload.

If you enable API, MCP, or agent-access features, we may process API key metadata, tool names, request timestamps, workspace identifiers, status codes, and limited audit metadata. We do not intentionally store raw API keys after creation, and audit records are designed to avoid storing full post text, passwords, OAuth tokens, or payment card data.

2. How We Use Your Information

Your information is used to operate the AckPost platform: schedule and publish posts, generate proof artifacts, manage approvals, process migration imports, maintain connected account health, prepare inbox drafts, send service emails, and provide analytics. We do not sell your personal data to third parties.

For TikTok and other connected platforms, AckPost only requests platform permissions needed for the features you authorize, such as identifying the connected account, preparing or publishing approved content when available, and recording provider responses for proof and troubleshooting.

3. Data Storage

All data is stored securely on Supabase (PostgreSQL) infrastructure. Payment information is processed by Stripe and never stored on our servers. OAuth tokens and connected-account credentials are used only to operate the integrations you authorize and should be revoked from AckPost or the connected platform when you no longer want that integration active.

Connected-account tokens are stored by reference and are not exposed in normal user interfaces, logs, API responses, MCP responses, or public pages. AckPost may keep proof logs, provider responses, and audit events to help teams verify what happened, investigate failures, support customers, and prevent abuse.

4. AI, Automation, and MCP Data

When you use AI-assisted drafting, smart replies, auto-reply settings, content generation, or MCP/agent tools, AckPost may process prompts, draft content, workspace configuration, brand voice settings, connected destination metadata, and relevant operational context to provide the feature. Side-effect actions may be logged for accountability and safety.

Automation features are user-controlled. If a workflow prepares, schedules, publishes, sends, approves, rejects, deletes, or changes account settings, AckPost may record who or what initiated the action, when it occurred, and the related workspace object.

5. Retention and Deletion

You may request access to, correction of, or deletion of your personal data at any time by contacting hello@ackpost.com. Data deletion requests are processed within 30 days where legally and technically feasible.

We may retain limited audit, billing, security, fraud-prevention, platform proof, and legal records when necessary to comply with obligations, resolve disputes, investigate abuse, preserve publishing proof, or maintain service integrity. Migration files and imported content may be deleted on request unless retained for one of these limited purposes.

6. Contact

For privacy inquiries: hello@ackpost.com