PostPilot Live← Back to home

Privacy Policy

Last updated: March 18, 2026

1. Introduction

PostPilot Live ("we," "us," or "our") operates the website postpilotlive.com and the PostPilot Live social media automation service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. PostPilot Live is owned and operated by Vernon Lee.

2. Information We Collect

We collect the following types of information:

  • Account information: Your name, email address, and password when you create an account.
  • Restaurant information: Your restaurant name, address, cuisine type, description, and any details you provide to help us generate social media content.
  • Social media accounts: OAuth tokens and profile information from Facebook, Instagram, Google Business Profile, and TikTok when you connect your accounts.
  • Billing information: Payment details are processed and stored by Stripe. We do not store your full credit card number on our servers.
  • Usage data: Information about how you interact with our service, including pages visited, features used, and post performance analytics.
  • Device and log data: IP address, browser type, operating system, and access times.

3. How We Use Your Information

  • Generate and publish social media posts on your behalf using AI.
  • Manage your connected social media accounts and publishing schedule.
  • Provide analytics and insights about your social media performance.
  • Process payments and manage your subscription.
  • Send you service-related emails (account notifications, weekly reports, billing receipts).
  • Improve and develop our service.
  • Respond to your support requests.

4. Third-Party Services

We share information with the following third-party services to operate PostPilot Live:

  • Stripe: Processes payments and manages subscriptions. Stripe receives your billing information and is governed by the Stripe Privacy Policy.
  • OpenAI: Generates social media post content based on your restaurant information. We send restaurant details (not personal data) to OpenAI for content creation.
  • Meta (Facebook/Instagram): We publish posts to your connected Facebook Pages and Instagram accounts via their APIs.
  • Google: We publish posts to your connected Google Business Profile via their API.
  • TikTok: We publish posts to your connected TikTok account via their API.
  • Supabase: Provides our database and authentication infrastructure.
  • Vercel: Hosts our website and application.

5. Data Retention

We retain your account and restaurant data for as long as your account is active. Post history and analytics are retained for the lifetime of your account. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or billing purposes. Anonymized, aggregated data may be retained indefinitely.

6. Cookies and Tracking

We use essential cookies to keep you signed in and maintain your session. We do not use third-party advertising cookies or tracking pixels. We may use basic analytics to understand how our service is used and to improve it.

7. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL), encrypted database storage, and secure OAuth token handling. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Update or correct inaccurate information in your account settings.
  • Deletion: Request deletion of your account and associated data by contacting us.
  • Export: Request an export of your data in a portable format.
  • Disconnect: Revoke access to any connected social media account at any time from your dashboard.
  • Opt out: Unsubscribe from non-essential emails at any time.

9. California Privacy Rights (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request deletion of your data, and opt out of the sale of personal information. We do not sell your personal information to third parties. To exercise your rights, contact us at the email below.

10. European Privacy Rights (GDPR)

If you are located in the European Economic Area, you have additional rights including the right to access, rectify, erase, restrict processing, and port your data. Our legal basis for processing is your consent (when you create an account) and contract performance (to deliver the service you subscribed to). To exercise your rights, contact us at the email below.

11. Children's Privacy

PostPilot Live is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. Your continued use of PostPilot Live after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

hello@postpilotlive.com