SMPoster Privacy Policy Content

Privacy Policy for Social Scheduler Plugin
Effective Date: April 1, 2025
This Privacy Policy describes how Mobile Studios (“we,” “us,” or “our”) handles information in connection with the Social Scheduler Plugin WordPress plugin (the “Plugin”) and its interaction with social media platforms like Facebook, Instagram, and Twitter/X via our OAuth Helper Application (the “Service”).
1. Information We Collect
When you connect your social media accounts (Facebook Page, Instagram Business, Twitter/X) to the Plugin using our Service, we process the following information:
• Authentication Tokens: We receive access tokens and potentially refresh tokens from the social media platforms (e.g., Facebook) after you grant permission. These tokens allow the Plugin to interact with the respective platform on your behalf.
• Account Information: We receive basic account information associated with the connected social media profile, such as your account ID (e.g., Facebook Page ID, Instagram Business Account ID, Twitter User ID) and account name/username.
• WordPress User Information: The Plugin stores the connected account information in association with your WordPress User ID within your WordPress database.
2. How Information is Collected and Stored
• Collection: Information is collected directly from the social media platform (e.g., Facebook) via their standard OAuth 2.0 authorization flow, which you initiate from within the Plugin. Our Service facilitates this authorization process but does not persistently store your tokens or account details after passing them back to the Plugin.
• Storage: The Plugin stores the collected authentication tokens and associated account information (account ID, name, platform, token expiry) securely within your own WordPress database. This data resides on the server where your WordPress site is hosted.
3. How We Use Information
The information collected is used solely for the following purposes:
• To Connect Your Accounts: To establish an authenticated connection between the Plugin and your selected social media accounts.
• To Enable Plugin Functionality: To allow the Plugin to perform actions you initiate, such as scheduling and publishing posts to your connected accounts. Access tokens are used to make API calls to the respective platforms (e.g., Facebook Graph API, Twitter API) on your behalf.
• To Refresh Tokens: To use refresh tokens (where applicable and provided by the platform) to obtain new access tokens when the current ones expire, maintaining the connection without requiring you to re-authenticate frequently.
4. Data Sharing
We do not sell or share your collected information with third parties, except as necessary to interact with the specific social media platforms (Facebook, Instagram via Facebook Graph API, Twitter/X) to provide the Plugin’s functionality as described above. The Plugin interacts directly with the platform APIs using the stored tokens.
5. Data Security
We rely on the security of your WordPress environment for storing the authentication tokens and account information. The OAuth Helper Service uses standard security practices during the authentication flow, including HTTPS (ensure your helper app is configured for HTTPS) and state parameters for CSRF protection. You are responsible for securing your WordPress site and the server it runs on.
6. Data Retention and Deletion
Authentication tokens and associated account information are stored in your WordPress database as long as the account is connected within the Plugin settings. You can disconnect accounts and delete this stored information at any time using the methods described in our Data Deletion Instructions (see link below).
7. Your Rights
You have the right to access and delete the social media account connection data stored by the Plugin within your WordPress database. Please refer to our Data Deletion Instructions for details.
8. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
9. Contact Us
If you have any questions about this Privacy Policy, please contact us at kevin.demara@gmail.com.