Privacy Policy

This Privacy Policy explains how BrandGrid ("we", "our", "us") collects, uses, shares, and protects your information when you use our web application and services. By using BrandGrid, you agree to this policy.

Information We Collect

• Account information: email, name (if provided), authentication via Supabase Auth.
• Brand data: records stored in tables like brands, brand_settings, brand_documents, brand_thoughts, brand_products.
• Chat data: conversation history/state in user_chats and conversation_state.
• Social connections: Facebook/Instagram/LinkedIn/X (Twitter) OAuth tokens, access tokens, page and IG business account metadata.
• Scheduled posts: content, scheduling data, and post execution logs.
• Usage and logs: system and node execution logs for operations and stability.
• Cookies: session/auth cookies used via @supabase/ssr as necessary.

How We Use Information

• Provide the service: login/auth, brand management, content generation.
• Social publishing: publish posts to Instagram, LinkedIn, X (Twitter) via their respective APIs.
• AI features: generate content/insights with OpenAI, Google AI, and Perplexity.
• Video generation: create and process video content for your brands.
• Scheduled posts: execute and manage scheduled social media posts.
• Improvement and security: debugging, performance, abuse prevention.
• Legal compliance: comply with applicable laws and respond to lawful requests.

Third Parties We Use

• Supabase: database, authentication, and server-side utilities.
• AI providers: OpenAI, Google AI, Perplexity for AI-powered functionality.
• Social media APIs: Meta Graph API (Facebook/Instagram), LinkedIn API, X (Twitter) API for social posting.
• AWS S3: cloud storage for brand assets and generated content.
• Netlify: hosting and deployment.

Data Sharing

We do not sell your personal information. We share data only with trusted third-party service providers necessary to operate our service. We may share information if required by law or to protect our rights.

Data Retention

We retain your data while your account is active or as required by law. You may request deletion of your data at any time. We will delete your data within a reasonable timeframe upon request.

Security

We implement appropriate technical and organizational measures including encryption, secure authentication, and access controls to protect your information. However, no method of transmission over the Internet is 100% secure.

Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict processing, data portability, and withdraw consent. You can exercise these rights by contacting us through the support channels provided in the application.

Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such data, we will delete it immediately.

Cookies

We use essential cookies for session management and authentication. These cookies are necessary for the basic functionality of the service. You can control cookies through your browser settings, but disabling them may affect the functionality of the service.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. By using our service, you consent to such transfers. We ensure appropriate safeguards are in place to protect your data during international transfers.

Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by updating the "Last updated" date. Your continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us through the support channels available in your account dashboard.