P PostHarbor
Privacy Policy

How PostHarbor collects, uses, and protects data.

This Privacy Policy applies to the PostHarbor mobile application, website, and related services. It explains what information we collect, how we collect it, why we use it, when it is shared, how long we keep it, and how users can make privacy and deletion requests.

Effective date: May 2, 2026

1. Scope

PostHarbor is a social publishing and scheduling service that lets users authenticate, connect supported social accounts, upload media, create posts, and publish or schedule content to third-party platforms. This policy covers information collected through the app, our backend services, and related operational tools.

2. Information We Collect

Depending on how you use PostHarbor, we may collect the following categories of data:

  • Account and sign-in information: name, email address, account identifiers, profile information, and sign-in details returned by Apple Sign In or Google Sign-In.
  • Authentication and session data: tokens, session identifiers, user IDs, and authentication metadata needed to keep you signed in and secure your account.
  • Connected social account information: platform account IDs, usernames, profile images, permissions granted, and other account metadata necessary to connect and publish to Facebook, Instagram, Threads, and X.
  • Content and media: post text, captions, photos, videos, upload metadata, scheduled publish times, and the social accounts you select for distribution.
  • Subscription and transaction information: subscription status, entitlement information, app user IDs, purchase-related records, and receipt validation information if subscriptions or purchases are managed through RevenueCat and the applicable app store.
  • Usage, diagnostics, and product analytics: feature usage, screen and event interactions, app version, device and operating system details, network information, approximate timestamps, crash and error information, and service performance logs. This may be collected directly by our systems or through analytics providers such as PostHog.
  • Support and communications: information you provide when you contact us for help, report a bug, or request account or data deletion.

3. How We Collect Information

  • Directly from you: when you create content, upload media, choose connected accounts, or contact support.
  • From sign-in providers: when you sign in with Apple or Google, we receive the account information and tokens necessary to authenticate you.
  • From connected social platforms: when you link Facebook, Instagram, Threads, or X accounts, we receive the data and access necessary to manage those connections and publish content on your behalf.
  • Automatically from app and backend usage: when you use PostHarbor, our backend, infrastructure, analytics, and security systems may log technical and operational events.

4. How We Use Information

  • To create and manage user accounts and sessions.
  • To authenticate users and maintain account security.
  • To connect and manage third-party social accounts.
  • To store, schedule, and publish posts and media at your direction.
  • To provide subscription access, entitlement checks, and billing-related support.
  • To monitor product usage, diagnose errors, detect abuse, and improve performance.
  • To respond to support requests, legal requests, and deletion requests.
  • To comply with legal obligations and enforce our terms.

5. Third-Party Services We Use

PostHarbor uses third-party providers to operate core features. These providers may process data on our behalf only as needed to provide the service, and we expect them to protect user data in a manner consistent with this policy and applicable law.

  • Supabase: authentication, session management, backend data services, and user account infrastructure.
  • Google Sign-In: native Google authentication and identity token handling.
  • Apple Sign In: authentication using Apple ID.
  • RevenueCat: subscription management, receipt validation, entitlement state, and purchase-related records.
  • PostHog: product analytics, diagnostics, and feature usage measurement.
  • Cloud storage and media delivery providers: object storage, presigned upload handling, and media hosting or delivery for content uploaded through the service.
  • Hosting, database, networking, and infrastructure providers: vendors that help us run our APIs, logging, security, background jobs, and related operations.

The exact service providers we use may change over time. If our data practices materially change, we will update this policy and our App Store Connect disclosures.

6. Connected Social Platforms

If you choose to connect Facebook, Instagram, Threads, or X to PostHarbor, we may receive and use account identifiers, usernames, profile images, granted scopes, and access data required to maintain the connection and publish content at your direction.

Content you send through PostHarbor may be transmitted to those platforms, and once published or processed there, it is also subject to the privacy policies and terms of the relevant third-party platform.

7. How Information Is Shared

We do not sell personal information. We may share information in the following limited situations:

  • With service providers: when needed to operate authentication, infrastructure, analytics, subscriptions, media uploads, hosting, and other core service functions.
  • With connected platforms at your direction: when you connect accounts or publish content to Facebook, Instagram, Threads, or X.
  • For security and legal reasons: to investigate abuse, enforce our agreements, comply with legal obligations, or protect users, PostHarbor, and the public.
  • As part of a business transition: if PostHarbor is involved in a merger, acquisition, financing, or asset sale, information may be transferred subject to this policy or an updated notice.

Any third party that receives user data from us to provide services for PostHarbor is expected to protect that data with at least the same level of care described in this policy and as required by applicable law.

8. Retention and Deletion

We keep personal information for as long as reasonably necessary to operate PostHarbor, maintain connected services, provide subscriptions, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Account records are generally retained while your account remains active.
  • Posts and uploaded media are retained until deleted by you, removed by our systems, or no longer needed for the service.
  • Connected social account records may remain until you disconnect them or request account deletion.
  • Analytics, logs, and backups may persist for a limited period for security, reliability, fraud prevention, and recovery purposes.

To request deletion of your account and associated personal data, use the support contact information made available within the app, on the App Store product page, or on any official PostHarbor support channel we provide. Include enough information for us to identify your account, such as your sign-in method or associated email address. We may need to retain limited information where required for security, fraud prevention, accounting, or legal compliance.

9. Privacy Choices and Revoking Consent

  • You can stop using the service at any time.
  • You can disconnect linked social accounts inside the app where that functionality is provided.
  • You can delete individual posts and content inside the app where that functionality is provided.
  • You can revoke app permissions through your device settings and through the settings of Apple, Google, Facebook, Instagram, Threads, or X, as applicable.
  • You can sign out of PostHarbor using the app’s account controls.
  • You can request deletion of your account and related data using the support or privacy contact channels described above.

10. Security

We use reasonable administrative, technical, and organizational measures to protect information. That said, no system is perfectly secure, and we cannot guarantee absolute security of any data stored or transmitted through the service.

11. Children’s Privacy

PostHarbor is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date on this page and may provide additional notice when appropriate.