Omni Posto
Privacy Policy
This policy explains what data Omni Posto processes, why it is used, which providers may receive it, and what rights you may exercise.
1. Data we collect
Omni Posto may process account details, profile information, email address, organization details, content drafted in the product, publishing metadata, and billing information related to your use of the service.
When you connect a social platform, Omni Posto may also process the data required for that integration, such as account identifiers, OAuth permissions, publishing status, and certain performance data.
2. Why we use data
We use data to provide the service, administer workspaces, authenticate users, publish requested content, sync analytics, support billing, secure the platform, and respond to support needs.
Some data may also be used to prevent abuse, investigate incidents, log sensitive actions, and improve the product.
3. Human support access with separate consent
A support or development staff member must first initiate an access request tied to a ticket reference and a specific reason. Reading is possible only when an organization owner or admin approves that request with the required MFA check.
This approval is separate from cookie or analytics consent. It only allows an active staff member to read data needed for the ticket: account, organization, posts, visible media metadata, and displayable analytics.
The approved grant expires automatically after a maximum of 7 days and can be withdrawn at any time from Support access in settings. Every request, approval, revocation, and support read is audited.
- excluded categories: OAuth secrets, access tokens, refresh tokens, MFA, payment, passwords, and credentials
- no unrestricted database access for staff in v1
- withdrawal immediately blocks support reads tied to the approved grant
4. Cookies, local storage, and consent
Omni Posto uses essential cookies for session handling, security, OAuth, MFA, device binding, and the omniposto_consent_preferences cookie.
Functional browser storage may keep a Publish draft for 72 hours, remember an active AI job id, and use an IndexedDB media cache limited by default to 150 MB or 400 entries.
No visitor marketing tracker is active today. Any non-essential analytics measurement, including first-party conversions, stays blocked until analytics consent is granted.
- essential: always active to provide the requested service
- functional: used for requested drafts, job tracking, and media cache
- analytics: opt-in, inactive by default
- marketing: absent and inactive by default; GPC honored for any future use
5. Connected platforms and tokens
OAuth permissions granted to Omni Posto are used only to perform the actions requested by the user on connected accounts.
Technical secrets and tokens are handled with appropriate protections and are not exposed publicly in the user interface.
6. Service providers and processors
Omni Posto relies on technical providers to operate the service. Depending on the features used, this may include hosting and infrastructure, authentication, database and storage services, email delivery, subscription billing, and AI providers.
- Supabase for database, authentication, and storage
- Railway for application deployment and hosting
- Lemon Squeezy for billing and subscription management
- Resend for transactional email when enabled
- ZhipuAI and Together AI for AI-assisted features when used
- official APIs from connected social platforms
7. Retention
Data is kept as long as necessary to provide the service, satisfy contractual requirements, secure the platform, handle disputes, or comply with legal obligations.
Some data related to videos, publications, analytics, or plan limits may be deleted or restricted depending on the active plan, user-requested actions, legal obligations, and account state.
8. Security
Omni Posto uses reasonable technical and organizational safeguards to protect data against unauthorized access, loss, alteration, or disclosure.
No method provides absolute security. You are also responsible for protecting your credentials, devices, and connected accounts.
9. Technical observability
Sentry may receive technical error events to diagnose incidents and protect service stability.
The active configuration sets sendDefaultPii=false and sanitizes events before sending. Replay or marketing-style session tracking is not enabled without explicit analytics consent.
10. International baseline
Omni Posto applies a strict global baseline: no non-essential tracker before consent, simple withdrawal, data minimization, and GPC honored for any future marketing, sale, or advertising share.
Depending on your region, you may have rights to access, correct, delete, object, restrict, port, or withdraw consent.
11. Your rights
Depending on applicable law, you may request access to, correction of, deletion of, or restriction on certain personal data, and you may object to certain processing where available.
You may also request the disconnection of a social account, deletion of a workspace, or additional information about how your data is handled.
Contact
If you have questions about privacy, personal data, or your data rights, you can contact us at the address below.