← posic.io

Privacy Policy

Last updated: April 8, 2026

POSIC ("we", "our", "us") is operated by Posic Digital. This policy explains what data we collect, how we use it, and your rights.

1. What We Collect

Account data: When you sign up, we collect your email address, name, and organisation domain. We use this to create and identify your account.

Usage data: We collect information about how you use POSIC — pages visited, features used, and actions taken — to improve the product and diagnose issues.

Content you create: Todos, comments, files, and other content you create inside POSIC are stored on your behalf and used only to provide the service.

Social media data: If you connect a Facebook or Instagram account, we access your pages, posts, and engagement data using the Meta Graph API. We use this data only to provide the social publishing and analytics features you request. We do not sell this data, share it with third parties, or use it for advertising.

Google user data: If you connect Google services (including Google Drive or Google Ads), we access only the data required to provide the specific feature you enable. We do not use Google user data for any purpose other than providing the requested feature. We do not sell, transfer, or disclose Google user data to third parties except as necessary to operate the service (e.g. cloud storage providers). Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.

Cookies: We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

2. How We Use Your Data

We use your data to:

  • Provide and operate POSIC
  • Send transactional emails (invitations, notifications)
  • Diagnose bugs and improve the product
  • Comply with legal obligations

We do not sell your data. We do not use your data for advertising. We do not share your data with third parties except for the infrastructure providers listed below.

3. Data Storage and Processors

Your data is processed by the following sub-processors:

  • Supabase — database and authentication (US)
  • Backblaze B2 — file storage (US)
  • Cloudflare — CDN and edge network (global)
  • Vercel — hosting and edge functions (US)
  • Resend — transactional email (US)
  • Razorpay — payment processing (India/global)

4. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are required to retain it by law.

Files you delete are removed from storage immediately. Trashed projects are permanently deleted after 30 days.

5. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for optional processing

To exercise any of these rights, email us at hello@posic.io.

6. Security

We use industry-standard security practices including encrypted data transmission (TLS), encrypted storage, and access controls. We require multi-factor authentication for administrative access.

7. Children

POSIC is not intended for use by children under 16. We do not knowingly collect data from children.

8. Changes to This Policy

We will notify you of material changes to this policy by email or by displaying a notice inside POSIC. Continued use after changes constitutes acceptance.

9. Contact

For privacy questions or requests: hello@posic.io

Posic Digital
hello@posic.io
posic.io

Privacy PolicyTerms of Service