Privacy Policy
1. Who We Are
Postari ("the App", "we", "us") is an iOS application developed by Pavel Lobashkin. API integrations and data processing services are provided by IE Yunetskaya (Registration № KZ39UWQ08589323, TIN 040509601180).
This Privacy Policy explains how we collect, use, and protect your information when you use the App.
Contact: support@postari.app
2. What Data We Collect
2.1 Data You Provide
- Threads Account (OAuth token): When you connect your Threads account, we receive an OAuth access token issued by Meta Platforms. The token is stored on your device in the iOS Keychain. A copy is also stored on our backend in encrypted form (AES-GCM, with a server-held key) so that we can publish scheduled posts on your behalf when your device is offline and so that the backend can call the Threads API on your account. We also store the Threads user ID, username, and token expiry timestamp. The encrypted token is removed when you disconnect the account or delete your account data.
- Expert profile: Your niche, target audience description, content tone and style preferences. Stored locally on your device only.
- Draft content: Posts and drafts you create in the Planner are stored locally on your device. Scheduled posts (posts with a future publish date) are also stored in our backend database to enable server-side scheduling and publication.
- Support requests: If you use the Feedback screen, we collect the issue category, your message, optional reply email, app version/build, iOS version, locale, app language, connected account identifier if available, and submission timestamp. The reply email is optional and is used only to respond to your request.
2.2 Data Accessed on Your Device
- Photo Library: The App requests access to your photo library solely to display and save media inside the Media screen and to manage a dedicated "Postari" album. We do not upload your photos to any server.
- Microphone: Used only for the Voice Input feature. Audio is recorded locally, sent to our backend for transcription, and the audio file is deleted immediately after processing. We do not store your audio recordings.
2.3 Identifiers We Generate or Collect
- Voice Client ID: A randomly generated UUID created on first use of the Voice Input feature. Stored on your device and sent with each voice request to our backend to enforce per-device daily usage quotas. This identifier is not linked to your name or Threads account.
- Push Notification Token (APNs): If you use the Planner, your iOS device token is registered with our backend to deliver post-publication status notifications. You can revoke this by disabling notifications for Postari in iOS Settings.
- Planner authentication: Requests to scheduled-post endpoints are authenticated using your Threads OAuth token (sent as a bearer credential and verified against Meta). We do not maintain a separate password or secret for the Planner.
2.4 Data We Do NOT Collect
- We do not require your name, email, or account registration to use the App.
- We do not track your location.
- We do not use advertising SDKs or third-party analytics.
- We do not sell your data to any third party.
3. AI-Generated Content
The App supports multiple AI providers for generating post content, analyzing style, and generating replies. When you request AI assistance, your prompt and context are sent to the selected provider — either directly from the app or via our Cloudflare Worker backend proxy.
3.1 Anthropic Claude
- Provider: Anthropic, PBC
- Model: claude-sonnet-4-6
- Data sent: your prompt, system instructions, and relevant profile context (niche, audience, tone)
- Anthropic processes this data in accordance with their Privacy Policy
3.2 OpenAI
- Provider: OpenAI, LLC
- Model: gpt-4o-mini (text generation); Whisper (voice transcription)
- Data sent for text generation: your prompt, system instructions, profile context
- Data sent for voice transcription: audio recording (routed through our Cloudflare Worker)
- OpenAI processes this data in accordance with their Privacy Policy
In all cases: We do not send your Threads credentials, OAuth tokens, saved posts, or photo library content to any AI provider.
4. Voice Input
When you use Voice Input, your audio recording is sent over HTTPS to our Cloudflare Worker backend. The Worker forwards the audio to OpenAI's Whisper API for transcription. The audio file is deleted from our backend immediately after transcription is complete. The resulting transcript is returned to your device and never stored server-side.
5. Scheduled Posts (Planner)
When you schedule a post for future publication, the post content, scheduled time, status, publish attempts, and (if publishing fails) the last error code and message are stored in our Cloudflare D1 database. This is necessary to publish the post at the scheduled time even if your device is offline. Your scheduled post data is associated with your Threads User ID via an internal account record that holds your encrypted Threads OAuth token (see Section 2.1).
You can delete any scheduled post from within the Planner. Deleting the post removes it from our database.
6. Threads API
The App uses the official Threads API (by Meta Platforms). By connecting your Threads account, you also agree to Meta's Terms of Service and Privacy Policy. We access your Threads profile and post data solely to provide in-app features. We never post to your account without explicit action on your part.
7. Data Storage and Security
- Third-party AI provider API keys (Anthropic, OpenAI) are held only on our Cloudflare Worker backend and are never shipped inside the iOS app.
- Your Threads OAuth token is stored on your device in the iOS Keychain and on our backend in encrypted form (AES-GCM with a server-held key) so the backend can publish scheduled posts and call the Threads API on your behalf.
- Scheduled post data, account records, push device tokens, voice quota counters, and support tickets are stored in Cloudflare D1. All client–server traffic uses HTTPS.
- Support requests are transmitted via HTTPS to our Cloudflare Worker and stored as support tickets in Cloudflare D1. Internal Telegram/email notifications contain the ticket number and technical metadata, not the full message body or reply email.
- We do not store audio recordings beyond the duration of the transcription request.
- We do not include OAuth tokens, API keys, photo-library content, or raw debug logs in any server-side storage.
8. Children's Privacy
The App is not directed to children under 13. We do not knowingly collect personal information from children under 13.
9. Data Deletion and Your Rights
Device data
To remove all local App data, delete the App from your device. This removes locally stored tokens, drafts, saved posts, profile data, and all Keychain entries.
Server-side data
You can delete your server-side data from within the App:
- Scheduled posts: Delete individual posts from the Planner, or delete all scheduled posts from Profile → Settings → Delete Account Data.
- Account record (encrypted Threads token, username, Threads user ID): Removed when you disconnect the Threads account or run Delete Account Data.
- Push notification token: Automatically deregistered when you disconnect your Threads account.
- Support feedback: Retained for up to 12 months unless you delete your account data earlier. Support tickets associated with your connected account are deleted by the in-app account data deletion flow.
To request full deletion of all server-side data associated with your account, use the in-app option at Profile → Profile deletion, or contact us at support@postari.app.
10. Changes to This Policy
We may update this Privacy Policy. We will notify you of significant changes by updating the "Last updated" date above. Continued use of the App after changes constitutes acceptance of the updated policy.
11. Contact
If you have questions about this Privacy Policy, contact us at:
support@postari.app
API integrations and data processing services are provided by IE Yunetskaya (Registration № KZ39UWQ08589323, TIN 040509601180).
Public URL: https://postari.app/privacy