Privacy Policy

We collect information you provide directly to us, including:

• Account Information: Name, email address, and password when you create an account.
• Social Media Data: When you connect your social media accounts to Creator App, we access analytics data from those platforms in accordance with their APIs and terms of service. See the *Third-Party Platform Data* section below for platform-by-platform details.
• Payment Information: Payment details are processed securely through Stripe, Inc. We do not store your full credit card number on our servers.
• Communications: Information you provide when you contact us through our contact form or email.
• Usage Data: We use analytics tools (such as Google Analytics or PostHog) to collect information about how you interact with our website and services, subject to your cookie consent choices (see our *Cookie Policy*).

We use the information we collect to:

• Provide, maintain, and improve our services.
• Process transactions and send related information.
• Send you technical notices and support messages.
• Respond to your comments, questions, and requests.
• Analyze usage trends to improve user experience.

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party vendors who help us operate our services (e.g., Stripe for payment processing, Mailgun for contact email delivery, analytics providers).
• Legal Requirements: When required by law or to protect our rights.
• Business Transfers: In connection with a merger, acquisition, or sale of assets.

When you connect a third-party social platform to Creator App, we access data through that platform's official API. We process and retain the minimum data needed to provide the analytics features you have asked for. Each platform below has its own terms, and we act in accordance with them.

• X (operated by X Corp.): We access post metadata, engagement metrics, and account-level analytics via the X API. We request informed consent before taking any action on your behalf. We do not associate X identities with off-platform identifiers without your explicit opt-in. See X's Privacy Policy and Developer Policy.
• Threads (operated by Meta Platforms, Inc.): We access posts, media, and engagement data you have authorized. Example data types: username, post identifiers, post content, engagement counts, profile picture URL, device identifiers exposed by the API, and IP-derived region data. See Meta's Privacy Policy and the Threads Supplemental Privacy Policy.
• Bluesky (AT Protocol, operated by Bluesky Social PBC): We access posts, engagement metrics, and profile data via the AT Protocol. See Bluesky's Privacy Policy.
• Instagram (operated by Meta Platforms, Inc.): We access posts, Reels, Stories, insights, and account-level analytics via the Instagram Graph API. Example data types: username, media identifiers, media content, engagement counts, impression/reach metrics. See Meta's Privacy Policy and Instagram's Data Policy.
• YouTube (operated by Google LLC): Creator App uses YouTube API Services. By using features that connect to YouTube, you also agree to YouTube's Terms of Service and the Google Privacy Policy. We access channel analytics, video metadata, and engagement data for channels you authorize. You can revoke our access at any time through Google's security settings.
• TikTok (operated by TikTok Ltd. / TikTok Inc.): We access video metadata, engagement, and account-level analytics via the TikTok Developer APIs. We do not sell or disclose TikTok Developer Services US Data for cross-context behavioral advertising unless you intentionally interact with us for that purpose. See TikTok's Privacy Policy and Developer Terms of Service.
• LinkedIn (operated by LinkedIn Corporation): We access profile data, post metadata, and analytics via the LinkedIn APIs. For features that use the LinkedIn Marketing API, member social activity data is retained for a maximum of 48 hours and most profile data is deleted within 24 hours. See LinkedIn's Privacy Policy.

We do not use third-party platform data for surveillance, tracking of individuals, monitoring of sensitive events, unlawful discrimination, or any purpose prohibited by the respective platform's developer terms. You may revoke our access to any connected platform from the respective platform's settings or from your Creator App account settings.

We retain your information only as long as needed to provide our services and comply with applicable law. Platform-specific retention rules:

• YouTube API data: We store authorized YouTube data for no longer than 30 calendar days, after which we either delete it or refresh it from the API. When you revoke authorization, we delete all stored YouTube data within 30 days.
• LinkedIn Marketing API data: Member social activity is retained for up to 48 hours. Most LinkedIn profile data is deleted within 24 hours.
• Other social platform data: Retained only as long as needed to provide the requested analytics and aggregated metrics, and deleted on revocation or user request.
• Account information: Retained for the duration of your account plus a short period for accounting and legal compliance.
• Payment records: Retained as required by tax, accounting, and anti-fraud laws (typically up to 7 years in the United States).
• Contact form messages: Retained for up to 24 months for customer support continuity, then deleted.

You can request deletion of your personal information at any time. See our dedicated Data Deletion page for step-by-step instructions.

Meta-compliant users may also initiate deletion via our data deletion callback, which is registered with the Meta developer platform. After a valid request, you will receive a confirmation code and a URL where you can monitor the status of your deletion.

For any platform, you can also revoke our access directly in that platform's settings; once access is revoked, we will delete the associated data within the retention windows described above.

We use cookies and similar technologies to deliver, secure, and improve our services. Stripe may also place cookies on your device for payment processing and fraud prevention. For full details on categories, purposes, and your choices, please see our Cookie Policy. If you are in the EEA, UK, or another region that requires opt-in consent, a consent banner will let you accept or reject non-essential cookies before they are set.

We implement appropriate technical and organizational measures to protect your personal information. All data is transmitted over HTTPS using TLS 1.2 or higher. Access to production systems is restricted and audited, and we apply the principle of least privilege to internal staff.

Our services are operated from the United States. If you are located outside the United States, your information may be transferred to and processed in the United States in accordance with applicable data protection laws, including Standard Contractual Clauses where required.

Depending on your location, you may have rights regarding your personal data, including:

• Access to your personal data.
• Correction of inaccurate data.
• Deletion of your data (see our *Data Deletion* page).
• Objection to or restriction of processing.
• Portability of your data.
• Withdrawal of consent where processing is based on consent.

To exercise these rights, contact us at ryan.brown@engineofascension.com. We respond to verified requests within 30 days.

If you are in the EEA or UK, we process your data based on: consent, contractual necessity, legal obligations, or legitimate interests. You have the right to lodge a complaint with your local data protection authority. Our EU/UK representative can be contacted at ryan.brown@engineofascension.com.

If you are a resident of Japan, we handle your personal information in accordance with the Act on the Protection of Personal Information (APPI). We will obtain your consent before using your personal information for purposes beyond those disclosed.

Our services are not directed at children under 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we learn that we have collected such information, we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page, updating the "Last updated" date, and — where required by law — notifying you by email or in-product notice.

If you have questions about this Privacy Policy, please contact us at:

Engine of Ascension Holdings, LLC

(doing business as Data Ascension Consulting and Creator App)

Eden Prairie, Minnesota 55344, USA

ryan.brown@engineofascension.com