Privacy Policy

Last Updated: March 2026

1. Introduction

Welcome to CrossPoster. We are committed to protecting your privacy and ensuring you have a positive experience on our application and services.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web and mobile application.

2. Information We Collect

2.1 Social Media Authentication

When you connect your social media accounts (Instagram, TikTok, LinkedIn, YouTube, Pinterest, X (Twitter), Bluesky, and Mastodon), we collect and store:

  • OAuth access tokens (encrypted at rest using AES-256-GCM; these credentials allow us to publish on your behalf)
  • Your social media profile information (username, profile ID)

2.2 Payment Information

When you subscribe to a paid plan, payment is processed by Stripe. We store:

  • Last 4 digits of your card, card brand, expiration date
  • Subscription details and billing history

We do NOT store your full credit card number.

2.3 User-Generated Content

When you create and publish posts through CrossPoster, we collect:

  • Post captions and text content you create
  • Images and media you upload
  • Selected publishing platforms

3. How We Use Your Information

  • Publishing: To authenticate with social platforms and publish your posts
  • Billing: To process subscriptions and payments via Stripe
  • Service Improvement: To analyze usage patterns and improve our application
  • Security: To detect, prevent, and address security issues

4. Third-Party Services

We use the following third-party services to operate CrossPoster:

  • Social media platforms (Instagram, TikTok, LinkedIn, YouTube, Pinterest, X, Bluesky, Mastodon) for publishing your content
  • Stripe for payment processing and subscription management
  • Cloudinary for media storage and content delivery

Each third-party service has its own privacy policy governing how they handle your data.

5. Data Retention and Deletion

  • You can disconnect any social media platform at any time from your Settings page. Disconnecting a platform immediately deletes the stored credentials for that platform.
  • You can request full account deletion by emailing us at support@crossposter.tech. We will delete all your data, including account information, stored tokens, and uploaded media, within 30 days.

6. Contact Us

If you have questions about this Privacy Policy, please contact us:

Email: support@crossposter.tech