Privacy Policy

Last updated: February 23, 2026

CreatifyHQ ("we", "us", "our") operates the website www.creatifyhq.com and the application app.creatifyhq.com. This Privacy Policy explains how we collect, use, store, and protect your personal information and social media data.

1. Information We Collect

• Account information: name, email address, password (hashed), billing information
• Social media tokens: OAuth access tokens and refresh tokens for connected social media platforms. We never store your social media passwords.
• Content data: posts, captions, images, and videos you create or schedule through our platform
• Usage data: how you interact with our application, features used, and publishing history
• Analytics data: engagement metrics, reach, and performance data retrieved from your connected social platforms

2. How We Use Social Media Data

When you connect a social media account to CreatifyHQ, we request permission to:

• Read your public profile information (name, profile picture, account ID)
• Publish content on your behalf to platforms you explicitly select
• Read engagement metrics (likes, comments, shares, reach) from your published posts
• Schedule posts for future publishing at times you choose

We do not sell your social media data to third parties. We do not access your direct messages. We do not post content without your explicit instruction or scheduled authorization.

3. Meta Platform Data (Facebook, Instagram, Threads, WhatsApp)

CreatifyHQ uses the Meta Graph API and Instagram Graph API to publish content and retrieve analytics on your behalf. Data obtained through Meta APIs is used solely to provide you with the CreatifyHQ service and is not transferred to any third party, used for advertising, or stored beyond what is necessary to deliver the service. You may revoke CreatifyHQ's access to your Meta accounts at any time via your Facebook Settings → Apps and Websites.

4. Data Storage and Security

• OAuth tokens are encrypted at rest using AES-256 encryption
• All data is stored on servers located in the United States (Railway.app infrastructure)
• All connections between your browser and our servers use HTTPS/TLS encryption
• We perform regular security audits and penetration testing

5. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data, social media tokens, and content are permanently deleted within 30 days.

6. Your Rights

• Right to access your data
• Right to correct inaccurate data
• Right to delete your data (right to be forgotten)
• Right to export your data in a portable format
• Right to revoke social media access at any time

7. Third-Party Services

We use the following third-party services to operate CreatifyHQ:

• Stripe — payment processing (subject to Stripe's privacy policy)
• Railway.app — cloud infrastructure hosting
• OpenAI — AI content generation
• Anthropic — AI content generation (Claude)
• Google Gemini — AI content generation

8. Cookies

We use essential cookies to maintain your login session and preferences. We do not use advertising cookies or third-party tracking cookies.

9. Children's Privacy

CreatifyHQ is not directed to children under 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We will notify you by email and with an in-app notice at least 14 days before any material changes to this Privacy Policy take effect.

11. Contact Us

For privacy questions or data requests, contact us at: privacy@creatifyhq.com

CreatifyHQ Inc.
Registered in Canada