Last updated: January 20, 2025

1. Introduction

BlogGenAuto ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

This policy applies to users in the United States, European Union, United Kingdom, and all other jurisdictions where our service is available.

2. Information We Collect

We collect information you provide directly to us, including:

Account information (name, email address) obtained through Google Sign-In
Store connection details (e-commerce platform API credentials, store URLs)
Product information from your connected stores
Generated blog post content and preferences
Payment and billing information (processed securely via Stripe)
Social media account connections (TikTok, Meta/Facebook/Instagram)

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our services
Authenticate your identity and manage your account
Generate AI-powered blog posts based on your products
Publish content to your connected social media accounts
Process transactions and send related information
Send technical notices and support messages
Respond to your comments and questions

4. Google User Data

BlogGenAuto uses Google OAuth 2.0 for user authentication. This section describes our practices regarding Google user data.

4.1 Data We Collect from Google

When you sign in with Google, we collect:

Your email address
Your name
Your profile picture (if available)
Your Google account identifier

4.2 How We Use Google Data

We use Google user data exclusively to:

Create and manage your BlogGenAuto account
Authenticate you when you sign in
Display your name and profile picture within the application
Send important account-related communications to your email

4.3 Google Data Sharing and Disclosure

We do NOT sell, rent, trade, or otherwise transfer your Google user data to any third parties.

Your Google user data is:

Never shared with advertisers or marketing companies
Never sold to data brokers or any third parties
Never used for purposes unrelated to providing our service
Only accessible to our core service infrastructure for authentication purposes

4.4 Google Data Retention and Deletion

We retain your Google user data only for as long as your account is active. When you delete your BlogGenAuto account:

All Google user data is permanently deleted within 30 days
You can also revoke our access through your Google Account settings

4.5 Google's Privacy Policy

Our use of Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We also recommend reviewing Google's Privacy Policy.

5. Meta (Facebook/Instagram) Integration

BlogGenAuto allows you to connect your Meta (Facebook and Instagram) accounts to publish content. This section describes our practices regarding Meta user data.

5.1 Data We Collect from Meta

When you connect your Meta account, we collect:

Your Meta user identifier
Access tokens required to publish content on your behalf
Basic profile information (name, profile picture)
List of pages/accounts you manage (for publishing purposes)

5.2 How We Use Meta Data

We use Meta data exclusively to:

Publish content that you create and approve to your Facebook pages or Instagram accounts
Display the status of your content publications
Maintain your connection for seamless publishing

5.3 Meta Data Sharing and Disclosure

We do NOT sell, rent, trade, or otherwise transfer your Meta user data to any third parties.

Your Meta credentials and tokens are:

Stored securely in encrypted form
Never shared with third parties
Used only for the purposes described in this policy
Deleted when you disconnect your Meta account or delete your BlogGenAuto account

5.4 Your Rights Regarding Meta Data

You have the right to:

Disconnect your Meta account at any time from your dashboard
Request deletion of all Meta-related data we store
Revoke our access through Facebook's Business Integrations settings

5.5 Meta's Privacy Policy

Our use of Meta's APIs is subject to Meta's Privacy Policy. We recommend reviewing their policy to understand how Meta handles your data.

6. TikTok Integration

BlogGenAuto allows you to connect your TikTok account to publish video content. This section describes our practices regarding TikTok user data.

6.1 Data We Collect from TikTok

When you connect your TikTok account, we collect:

Your TikTok account identifier (Open ID)
Access tokens required to publish content on your behalf
Basic profile information necessary for the integration

6.2 How We Use TikTok Data

We use TikTok data exclusively to:

Publish video content that you create and approve to your TikTok account
Display the status of your video uploads
Maintain your connection to TikTok for seamless publishing

6.3 TikTok Data Sharing and Disclosure

We do NOT sell, rent, trade, or otherwise transfer your TikTok user data to any third parties.

Your TikTok credentials and tokens are:

Stored securely in encrypted form
Never shared with third parties
Used only for the purposes described in this policy
Deleted when you disconnect your TikTok account or delete your BlogGenAuto account

6.4 Your Rights Regarding TikTok Data

You have the right to:

Disconnect your TikTok account at any time from your dashboard
Request deletion of all TikTok-related data we store
Revoke our access through TikTok's settings

6.5 TikTok's Privacy Policy

Our use of TikTok's API is subject to TikTok's Privacy Policy. We recommend reviewing their policy to understand how TikTok handles your data.

7. Stripe Payment Processing

BlogGenAuto uses Stripe for secure payment processing. This section describes our practices regarding payment data.

7.1 Data Collected for Payments

When you make a payment, Stripe collects:

Credit/debit card information
Billing address
Email address

Important: We do NOT store your full credit card number or CVV on our servers. All payment information is processed and stored securely by Stripe.

7.2 What We Store

We only store:

Your Stripe customer ID (to manage your subscription)
Subscription status and plan information
Last 4 digits of your card (for display purposes only)
Transaction history (dates and amounts)

7.3 Payment Data Sharing

We do NOT sell or share your payment information with any third parties other than Stripe for processing your payments.

7.4 Stripe's Privacy Policy

Stripe's handling of your payment data is subject to Stripe's Privacy Policy. Stripe is PCI-DSS Level 1 certified, the highest level of certification in the payment industry.

8. Data Sharing and Disclosure

We do NOT sell, rent, lease, or trade your personal data to any third parties for their marketing purposes.

We may share your information only in the following limited circumstances:

8.1 Service Providers

We share data with service providers who assist us in operating our service:

Stripe - Payment processing (receives billing information)
Google - Authentication (receives authentication requests)
TikTok - Content publishing (receives content you choose to publish)
Meta - Content publishing (receives content you choose to publish)

These providers are contractually obligated to protect your data and use it only for the specific services they provide to us.

8.2 Legal Requirements

We may disclose your information if required by law, such as:

To comply with a legal obligation or court order
To protect our rights, privacy, safety, or property
To investigate potential violations of our Terms of Service

8.3 Business Transfers

If BlogGenAuto is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or prominent notice on our website of any change in ownership.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we ensure appropriate safeguards are in place:

Standard Contractual Clauses approved by the European Commission
Data Processing Agreements with all service providers
Encryption of data in transit and at rest

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

Encryption of sensitive data at rest and in transit (TLS/SSL)
Secure storage of API credentials and access tokens
Regular security assessments and updates
Access controls limiting employee access to personal data

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

Account data: Retained until you delete your account
Generated content: Retained until you delete it or your account
Payment records: Retained for 7 years for tax and legal compliance
Access tokens: Deleted immediately when you disconnect an integration

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

12. Your Rights

12.1 Rights for All Users

Regardless of your location, you have the right to:

Access your personal data
Correct inaccurate data
Delete your account and associated data
Disconnect third-party integrations at any time
Export your data

12.2 Additional Rights for EU Residents (GDPR)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

Right to be informed: Know how your data is being used
Right of access: Request a copy of your personal data
Right to rectification: Correct inaccurate personal data
Right to erasure: Request deletion of your personal data
Right to restrict processing: Limit how we use your data
Right to data portability: Receive your data in a portable format
Right to object: Object to processing of your personal data
Right to withdraw consent: Withdraw consent at any time

Legal Basis for Processing: We process your data based on:

Your consent (for optional features)
Contract performance (to provide our services)
Legitimate interests (to improve our services)
Legal obligations (for tax and compliance)

You may lodge a complaint with your local Data Protection Authority if you believe your rights have been violated.

12.3 Additional Rights for UK Residents

If you are located in the United Kingdom, you have similar rights under the UK GDPR and Data Protection Act 2018. You may lodge a complaint with the Information Commissioner's Office (ICO).

12.4 Rights for California Residents (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

Right to know: What personal information we collect and how it's used
Right to delete: Request deletion of your personal information
Right to opt-out: Opt-out of sale of personal information
Right to non-discrimination: Not be discriminated against for exercising your rights

We do not sell personal information. As defined by the CCPA, we do not sell, rent, or share your personal information with third parties for their direct marketing purposes.

13. Children's Privacy

BlogGenAuto is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us and we will delete such information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will notify you via email.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: privacy@bloggenauto.com
General Support: support@bloggenauto.com

We will respond to your request within 30 days (or sooner as required by applicable law).