Privacy Policy

1. Information We Collect

When you use Posthaste, we collect the following information:

• Slack Workspace Information: Workspace ID, channel IDs for monitored channels, and user IDs of participating team members.
• LinkedIn Profile Information: Your LinkedIn ID, name, and email address (obtained through OAuth authorization).
• OAuth Tokens: Encrypted access tokens to post on your behalf to LinkedIn.
• LinkedIn Post URLs: URLs shared in monitored Slack channels that trigger reposts.
• Repost Records: Metadata about reposts including timestamps, success/failure status, and generated captions.

2. How We Use Your Information

We use the collected information to:

• Repost LinkedIn content to your LinkedIn feed on your behalf when triggered by Slack activity.
• Generate AI-powered captions for reposts.
• Send you direct messages in Slack about token expiration warnings and repost status.
• Maintain and improve the Posthaste service.

3. Data Storage & Security

• Infrastructure: All data is stored on AWS infrastructure in the EU (eu-west-1 region).
• Encryption at Rest: OAuth tokens are encrypted using AES-256 encryption before storage.
• Encryption in Transit: All communications use SSL/TLS encryption (HTTPS).
• Access Control: Database access is restricted to authorized services only, with no public internet access.

4. Data Retention

• OAuth Tokens: Retained until you revoke access or the token expires.
• Repost History: Retained for 90 days for troubleshooting and analytics purposes.
• Account Data: Retained until you request deletion or uninstall the app from your workspace.

5. Your Rights

You have the right to:

• Access: Request a copy of the data we hold about you.
• Delete: Request deletion of your data at any time.
• Export: Request an export of your data in a machine-readable format.
• Revoke Access: Disconnect your LinkedIn account at any time through the Slack App Home.
• Pause Participation: Temporarily pause your participation without deleting your account.

To exercise any of these rights, contact us at posthaste@oag-svc.dev.

6. Third-Party Services

Posthaste integrates with the following third-party services:

• LinkedIn API: To post content on your behalf. Subject to LinkedIn's Privacy Policy.
• Slack API: To monitor channels and send messages. Subject to Slack's Privacy Policy.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

7. GDPR Compliance

For users in the European Union:

• We process your data based on your explicit consent when you authorize the app.
• You can withdraw consent at any time by disconnecting your LinkedIn account.
• Data is stored in the EU (AWS eu-west-1).
• You have the right to lodge a complaint with your local data protection authority.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by sending a message through Slack or by posting a notice on this page. Your continued use of Posthaste after such changes constitutes acceptance of the updated policy.

9. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: posthaste@oag-svc.dev