Privacy Policy

Privacy Policy

Last updated: June 12, 2026

This is the minimal privacy policy for PostZen. It covers the information we currently use to run the website, dashboard, social publishing tools, API, billing, and support.

Who we are

PostZen is operated by Dead Unicorn Inc., a company located in Alberta, Canada. This policy explains how we handle personal information when you visit PostZen, create an account, connect social accounts, use our API, or contact us.

Information we collect

  • Account information, such as your name, email address, sign-in provider, verification emails, password reset activity, and workspace profile names.
  • Connected social account information, such as platform, account IDs, usernames, display names, profile URLs, avatars, OAuth scopes, permissions, connection status, and encrypted access or refresh tokens.
  • Content you provide, including posts, captions, media uploads, alt text, scheduled times, platform options, tags, drafts, publishing status, and related error messages.
  • API and integration data, including API key names, hashed API key tokens, key prefixes, selected profile access, idempotency keys, client references, webhook settings, and delivery events.
  • Billing and payment information needed to manage paid plans. Card details are processed by Stripe; we do not store full card numbers.
  • Support and communication data, such as messages you send us, email delivery records, and troubleshooting details.
  • Basic technical data, such as session cookies, authentication state, security logs, device/browser details, and product usage events needed to operate and secure the service.

How we use information

  • To create accounts, authenticate users, secure sessions, and prevent unauthorized access.
  • To connect social accounts, refresh tokens, validate permissions, publish or schedule content, read analytics where you authorize it, and show connection health.
  • To store media, prepare platform-specific posts, retry failed publishes, keep an audit trail of post status, and send configured webhooks.
  • To provide API keys, profile access controls, support, billing, product improvements, abuse prevention, and required service notices.
  • To comply with legal obligations and enforce our agreements.

Cookies and similar technologies

We use necessary cookies and similar browser storage for authentication, security, preferences, and keeping the product usable. We do not sell personal information or use it for cross-site advertising.

When we share information

We share information only as needed to run PostZen, provide features you request, or meet legal requirements.

  • Service providers that host, store, secure, email, bill, monitor, or support PostZen, including backend, storage, email, and payment providers.
  • Connected social platforms and API providers, such as Meta/Facebook/Instagram/Threads, TikTok, LinkedIn, YouTube/Google, X, and any other platform you choose to connect.
  • Professional advisers, authorities, or other parties when required by law, to protect rights and safety, or as part of a business transaction.

Storage, security, and transfers

We use reasonable administrative, technical, and organizational safeguards. OAuth tokens are encrypted before storage, API keys are stored as hashes, and access is limited to what is needed to operate PostZen.

Because we use cloud providers and connected platforms, information may be processed outside Alberta or Canada. Those locations may have different privacy laws.

Retention and deletion

We keep information for as long as needed to provide PostZen, maintain security, resolve disputes, comply with legal obligations, and preserve legitimate business records. You can remove API keys, disconnect social accounts, delete supported content, or ask us to delete your account data. Some backups, logs, billing records, and legal records may be retained for a limited period.

Your choices

  • You can update account details and workspace profile information in the product where those controls are available.
  • You can revoke PostZen access from a connected social platform and disconnect accounts in PostZen.
  • You can request access, correction, deletion, or portability of your personal information, subject to legal limits.
  • You can opt out of non-essential communications. We may still send transactional, security, billing, or service messages.

Children

PostZen is not directed to children and should not be used by anyone who cannot legally enter into the applicable agreement for the service.

Contact

For privacy requests or questions, contact Dead Unicorn Inc. at privacy@postzen.com.