Back

Privacy Policy

Last Updated: January 17, 2025
Effective Date: January 17, 2025

1. Introduction

Schedulala ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media scheduling service available at schedulala.com (the "Service").

By using our Service, you consent to the data collection and usage practices described in this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect the following personal information from you:

  • Account Information: Name, email address, profile information
  • Payment Information: Billing details processed securely through Stripe (we do not store credit card information)
  • Communication Data: Messages you send to us for customer support

2.2 Social Media Account Data

When you connect your social media accounts, we collect:

  • OAuth Tokens: Access tokens that allow us to post on your behalf
  • Account Profiles: Basic profile information from connected accounts (username, profile picture, account ID)
  • Content Data: Posts, images, and videos you create through our Service
  • Posting History: Records of posts scheduled and published through our Service

2.3 Technical Information

We automatically collect:

  • Usage Data: How you interact with our Service, features used, time spent
  • Device Information: IP address, browser type, operating system, device identifiers
  • Cookies and Tracking: Cookies, web beacons, and similar technologies for functionality and analytics
  • Log Information: Server logs, error reports, and performance metrics

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Provision

  • Creating and managing your account
  • Connecting to your social media accounts via OAuth
  • Scheduling and posting content to your connected accounts
  • Processing payments and managing subscriptions
  • Providing customer support and technical assistance

3.2 Service Improvement

  • Analyzing usage patterns to improve our Service
  • Developing new features and functionality
  • Monitoring and preventing fraud or abuse
  • Ensuring security and technical stability

3.3 Communication

  • Sending service-related notifications and updates
  • Responding to your inquiries and providing support
  • Notifying you about changes to our Service or policies
  • Marketing communications (with your consent)

4. Data Security and OAuth Token Handling

4.1 Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption of data in transit and at rest
  • Secure storage of OAuth tokens with encryption
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Secure payment processing through Stripe

4.2 OAuth Token Management

We securely store OAuth access tokens to enable automated posting to your social media accounts. These tokens are:

  • Encrypted and stored securely in our database
  • Used only for the specific permissions you granted
  • Automatically refreshed when necessary
  • Deleted when you disconnect your accounts

5. Information Sharing and Disclosure

5.1 Third-Party Services

We share your information with the following third parties:

  • Social Media Platforms: Content and posting data as directed by you
  • Payment Processors: Stripe for payment processing
  • Analytics Services: Anonymized usage data for service improvement
  • Customer Support: Support ticket platforms for assistance

5.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal obligations or court orders
  • Protect our rights, property, or safety
  • Prevent fraud or abuse of our Service
  • Respond to government requests or investigations

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to the same privacy protections.

6. Data Retention

We retain your information for the following periods:

  • Account Information: Until you delete your account
  • OAuth Tokens: Until you disconnect your social media accounts
  • Content Data: Until you delete specific posts or your account
  • Payment Information: As required by financial regulations (typically 7 years)
  • Usage Logs: Up to 2 years for security and analytics purposes

7. Your Rights and Choices

7.1 Access and Control

You have the following rights regarding your data:

  • Access: View and download your personal data
  • Correction: Update inaccurate or incomplete information
  • Deletion: Delete your account and associated data
  • Portability: Export your data in a machine-readable format
  • Disconnect: Remove social media account connections at any time

7.2 Cookie Preferences

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our Service.

7.3 Marketing Communications

You can opt out of marketing communications at any time by using the unsubscribe link in emails or contacting us directly.

8. International Data Transfers

Our servers are located in Canada, and your information may be transferred to and processed in Canada or other countries where we operate. We ensure appropriate safeguards are in place for international transfers in compliance with applicable privacy laws.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

10. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

10.1 Legal Basis for Processing

We process your data based on:

  • Consent: For marketing communications and optional features
  • Contract Performance: To provide our Service as agreed
  • Legitimate Interests: For service improvement and security
  • Legal Obligations: To comply with applicable laws

10.2 Additional GDPR Rights

  • Right to object to processing based on legitimate interests
  • Right to restrict processing in certain circumstances
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

11. California Privacy Rights (CCPA)

California residents have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising privacy rights

12. Cookies and Tracking Technologies

We use the following types of cookies and tracking technologies:

12.1 Essential Cookies

Required for basic website functionality, including:

  • Authentication and session management
  • Security features and fraud prevention
  • Load balancing and performance optimization

12.2 Analytics Cookies

Help us understand how users interact with our Service:

  • Usage statistics and performance metrics
  • Feature usage and user behavior patterns
  • Error tracking and debugging information

12.3 Functional Cookies

Enhance your experience with personalized features:

  • User preferences and settings
  • Language and region preferences
  • Dashboard layout and customizations

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Sending an email notification to your registered email address
  • Posting a notice in our Service or on our website
  • Updating the "Last Updated" date at the top of this policy

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: hello@schedulala.com

Response Time: We will respond to privacy-related inquiries within 30 days

14.1 Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at the same email address above, clearly marking your message as "GDPR Inquiry" or "Privacy Rights Request".

15. Acknowledgment

By using Schedulala, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.