Privacy Policy

Postcasso ("we", "our", or "us") operates the website postcasso.com. This Privacy Policy explains how we collect, use, and protect your personal information when you use our service.

By using Postcasso, you agree to the collection and use of information in accordance with this policy. We are committed to keeping your data minimal, secure, and never selling it to third parties.

We collect only what is necessary to provide our service:

• Email address — collected when you sign up or log in via Google OAuth. Used to identify your account and send essential service communications.
• Google account information — when you sign in with Google, we receive your name, email address, and profile picture from Google. We do not access your Google Drive, Gmail, or any other Google services.
• Usage data — we may collect anonymised data such as pages visited and features used, to improve the product. This data is never linked to your identity.
• Content you provide — the experiences, insights, and inputs you enter to generate LinkedIn posts. This content is processed by our AI provider (Anthropic) and is not stored long-term on our servers.

Your data is used exclusively to:

• Create and manage your Postcasso account
• Generate LinkedIn posts based on your inputs
• Track your credit balance and usage
• Send essential account-related emails (e.g. payment confirmations)
• Improve and debug our service

We do not use your data for advertising, profiling, or selling to third parties. Ever.

Postcasso uses Razorpay to process all payments. We do not store your card details, bank account information, or any payment credentials on our servers. All payment data is handled securely by Razorpay in accordance with PCI-DSS standards.

We use the following third-party services to operate Postcasso:

• Google OAuth — for authentication. Governed by Google's Privacy Policy.
• Anthropic (Claude API) — to generate post content from your inputs. Your inputs are processed per Anthropic's Privacy Policy.
• Supabase — for secure database storage of your account and credit information.
• Razorpay — for payment processing.
• Vercel — for hosting our application.

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law.

Post generation inputs are not stored permanently and are discarded after your posts are generated.

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Withdraw consent at any time by deleting your account

To exercise any of these rights, email us at privacy@postcasso.com.

Postcasso uses minimal cookies necessary for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS), secure database access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure.

Postcasso is not intended for users under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page with an updated date. Continued use of Postcasso after changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy or how we handle your data, please contact us: