WePostForYou

Privacy Policy

Last updated: April 1, 2026

At We Post For You (WePostForYou), protecting your data is at the heart of our commitment. This page details how we process your information through our platform and our tools connected to social network APIs.

Publisher Legal Information

  • Company name : We Post For You (WePostForYou)
  • Legal form : Société par actions simplifiée (SAS)
  • SIREN : 101 718 559
  • RCS : 101 718 559 R.C.S. Carcassonne
  • EUID : FR1101.101718559
  • Headquarters : 5 Rue des 4 Vents, 11300 Limoux, France
  • Legal representative : Ahmed HAMADI (Président)
  • Registration date : 26/02/2026
  • Domain name : wepostforyou.fr

1. Data Collection

We collect only the data strictly necessary for the proper functioning of our service:

  • Account information: Name, email, and encrypted password.
  • Social platform data: Access tokens, Facebook page names, Instagram, YouTube, TikTok, LinkedIn, Snapchat, X (Twitter), Threads, Google Business Profile account identifiers and publication statistics.
  • Content: Scheduled publications, images, videos, AI-generated texts.

2. Social Network API Usage

Compliance: We use the official APIs of connectable platforms: Meta (Facebook, Instagram, Threads), Google (YouTube and Google Business Profile), TikTok, LinkedIn, Snapchat and X (Twitter).

Google / YouTube Data

"WePostForYou's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements."

WePostForYou uses Google/YouTube data solely to allow users to publish content on their own channels. No data is used for advertising, external analytics, or shared with third parties.

Facebook / Instagram (Meta) Data

WePostForYou only accesses data necessary for managing and scheduling publications on users' pages and Instagram accounts. No personal private data is read or stored.

TikTok Data

WePostForYou only accesses data necessary for publishing content on TikTok, after explicit user action. WePostForYou does not access private messages, does not collect unnecessary data, and never publishes automatically without validation.

LinkedIn Data

WePostForYou allows content publishing on LinkedIn only at the user's request. No mass automated actions or spam-like behavior is performed.

Snapchat, X, Threads and Google Business Data

For Snapchat, X (Twitter), Threads, and Google Business Profile, we only access data strictly necessary for account connection, scheduling, and publishing content on behalf of the user. No data is resold or used for third-party advertising.

3. Storage and Security

Your access tokens are stored securely and encrypted in our database. We retain your data only for as long as necessary to provide the service or until you request deletion.

Security: All connections are encrypted via HTTPS. Passwords are hashed with bcrypt. OAuth tokens are stored securely.

3.1 Data Protection Mechanisms for Sensitive Data

WePostForYou implements the following technical and organizational measures to protect your sensitive data, including OAuth tokens and data received from third-party APIs:

Data Encryption

  • In transit: All communications are encrypted via TLS 1.2+ (HTTPS). No data is transmitted in plaintext.
  • At rest: OAuth tokens and sensitive data are encrypted in our database. Passwords are hashed with bcrypt (unique salt per user).

Access Control

  • Access to user data is limited to authorized personnel only, following the principle of least privilege.
  • Application authentication relies on secure sessions managed by NextAuth with signed tokens (JWT).
  • API keys and application secrets are stored in secure environment variables, never in source code.

Data Minimization

  • We collect only data strictly necessary for the service to function (content publishing).
  • OAuth scopes requested are limited to the strict minimum required for each platform.
  • No additional personal data (contacts, private messages, browsing history) is collected.

Data Sharing and Disclosure

  • Your data is never sold, rented, or shared with third parties for advertising or commercial purposes.
  • Data is only transmitted to the social platform APIs you have explicitly connected, and only to execute actions you have requested.
  • No subcontractor has access to your sensitive data without a confidentiality agreement.

OAuth Token Management

  • Access and refresh tokens are stored encrypted and are never exposed client-side.
  • Tokens are automatically refreshed when necessary and old tokens are invalidated.
  • When revoked by the user, all associated tokens are immediately deleted from our systems.

Incident Response

  • In case of a data breach, affected users will be notified within 72 hours in accordance with the GDPR.
  • Compromised OAuth tokens will be immediately revoked and users will be asked to reconnect their accounts.
  • A security incident log is maintained and reviewed regularly.

Infrastructure and Hosting

  • The application is hosted on Vercel, a SOC 2 Type II compliant platform.
  • The database is hosted on Supabase with encryption at rest and automatic backups.
  • Security updates are regularly applied across all infrastructure.

4. Your Rights (GDPR)

In accordance with the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access: View your data in your account settings
  • Right to rectification: Modify your personal information
  • Right to erasure: Delete your account and all your data
  • Right to data portability: Export your data

5. Data Deletion

Users can delete their account and all associated data directly from the application settings (Settings → Subscription → Delete my account) or by contacting our support. Deletion is final within 30 days.

For more details, see our data deletion page.

6. Cookies and Trackers

We use essential cookies to:

  • Maintain your login session (NextAuth)
  • Store your preferences (light/dark theme)

We do NOT use advertising cookies or third-party tracking.

7. Changes to This Policy

We reserve the right to modify this privacy policy. Any changes will be published on this page with an updated date.

Need help?

For any questions about your data or for a deletion request:

📧 support@wepostforyou.fr

Back to homeLegal noticesTerms of ServiceCGUPolicyData deletion

© 2026 WePostForYou - All rights reserved

Privacy Policy - WePostForYou