Privacy Policy
How we collect, use, and protect your data — in plain English.
Last updated: May 6, 2026
1. Introduction
This Privacy Policy ("Policy") explains how Hanif Maulana, an individual sole proprietor trading as "MultiPost" ("MultiPost", "we", "us", "our"), operating from Karawang, West Java (Jawa Barat), Indonesia, collects, uses, shares, and protects information about you when you visit multipost.pro, use the application at app.multipost.pro, the public API at api.multipost.pro, or any related website, mobile application, or service (collectively, the "Service").
This Policy is part of, and is incorporated by reference into, our Terms of Service. By accessing or using the Service you acknowledge that you have read and understood this Policy.
Who this Policy applies to. This Policy applies to all visitors, registered users (free and paid), administrators, and other individuals whose personal data we receive in connection with the Service. Where you act on behalf of an organisation, "you" includes that organisation.
Languages. This Policy is published in English. Translations are for convenience only; the English version controls in case of conflict.
2. Data Controller / Operator
For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), the UK GDPR, and analogous data-protection laws (collectively, "Data Protection Laws"), the data controller of the personal data we collect about you through the Service is:
Hanif Maulana, sole proprietor trading as "MultiPost"
- Place of business: Karawang, West Java (Jawa Barat), Republic of Indonesia
- Email for privacy enquiries and rights requests: support@multipost.pro
For personal data we process on your behalf as part of providing the Service to you (for example, the metadata of an end-user who comments on a video you publish through the Service), MultiPost acts as a data processor and you act as the controller. In that case, the legal basis on which the data was originally collected, and the responses to data-subject rights, are your responsibility — we will assist you in line with our Terms of Service and applicable law.
The Service is not large enough to require a Data Protection Officer (DPO) under Article 37 GDPR. Privacy enquiries should be directed to support@multipost.pro.
3. Categories of Personal Data We Collect
We collect the following categories of personal data, which we process for the purposes set out in Section 5:
A. Information you provide directly:
- Account data — full name, email address, hashed password, optional profile picture, time zone, and language preference.
- Verification data — email-verification token state, password-reset token state, and (rarely) phone number if you choose to provide one.
- Subscription / billing data — the Plan you choose, billing email, country, postal/ZIP code (for tax purposes), and the unique customer / subscription identifiers issued by Lemon Squeezy. We do not store full card numbers, CVV codes, or bank credentials. Card and bank data are collected and processed directly by Lemon Squeezy and its underlying processors (e.g., Stripe, PayPal); we receive only tokenised references and last-four / brand metadata.
- Connected Platform data — when you connect a Connected Platform (YouTube, Facebook, Instagram, TikTok), we receive the OAuth access tokens and refresh tokens, the channel/page/account identifier, the display name, and the avatar that platform exposes for the connection. OAuth tokens are stored encrypted at rest using AES-256-GCM.
- Content & metadata — the videos, thumbnails, captions, titles, descriptions, tags, hashtags, schedule times, and templates you upload or save.
- Support communications — the content of your support tickets, live-chat conversations, AI-assistant prompts, and any attachments (such as screenshots).
B. Information collected automatically when you use the Service:
- Usage data — features used, buttons clicked, error messages, latency metrics, upload status, retry counts, and similar telemetry.
- Technical data — IP address, approximate location derived from IP, user-agent, browser, operating system, device type, screen size, time-zone offset.
- Cookies and similar identifiers — see Section 6 for the full list and purpose of each.
C. Information from third parties:
- From Lemon Squeezy — receipts, refund status, dispute / chargeback events, subscription state changes (renewal, cancellation, dunning).
- From Connected Platforms — through OAuth, the limited account information and content metadata each platform exposes.
We do not knowingly collect any "special category" personal data (such as data revealing race, ethnicity, political opinions, religion, health, biometric or genetic data, sex life, or sexual orientation) and we ask you not to upload or send such data through the Service.
4. How We Use Your Information
We use your personal data for the following purposes:
- To provide the Service — create and authenticate your Account; deliver paid features in line with your Plan; transmit Content to Connected Platforms; schedule and retry uploads; show you your dashboards and history.
- To process payments and manage subscriptions — through Lemon Squeezy as our Merchant of Record (see Section 7). Lemon Squeezy is responsible for billing, receipts, taxes, refunds, and dunning.
- To communicate with you — to send transactional emails (verification, password reset, receipts, dunning, security alerts, important Service notices) and, where you have opted in, occasional product updates or marketing.
- To provide support — to respond to support tickets, process AI-assistant prompts, and run live-chat conversations.
- To secure the Service — to detect fraud, abuse, brute-force login attempts, account takeover, automated scraping, denial-of-service, and violations of our Terms of Service or Acceptable Use Policy.
- To improve the Service — to debug issues, run aggregated analytics, plan capacity, and prioritise new features. Aggregated data does not identify you.
- To comply with legal obligations — including book-keeping, tax compliance (carried out for Paid Plans by Lemon Squeezy on our behalf), responses to lawful government and law-enforcement requests, and exercise or defence of legal claims.
We do not use your personal data for automated decision-making that produces legal or similarly significant effects on you (Article 22 GDPR). Where we make automated content-moderation or anti-abuse decisions (for example, automatically suspending a clearly-fraudulent account) you may request human review by emailing support@multipost.pro.
5. Legal Bases for Processing (EEA / UK)
Where the GDPR or UK GDPR applies, we rely on the following legal bases for processing your personal data:
- Performance of a contract (Article 6(1)(b) GDPR) — to provide the Service to you under our Terms of Service, to take steps before entering into a contract at your request, and to manage your subscription.
- Legitimate interests (Article 6(1)(f) GDPR) — to keep the Service secure, prevent fraud and abuse, run aggregated analytics, improve the product, and communicate operational information to you. Where we rely on this basis we have balanced our interests against your rights and reasonable expectations.
- Consent (Article 6(1)(a) GDPR) — for non-essential cookies, optional marketing communications, and any sharing of personal data with third parties for purposes outside the scope of providing the Service. You can withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
- Legal obligation (Article 6(1)(c) GDPR) — to retain records required by Indonesian, EU, UK, or other applicable law (e.g. tax records), and to respond to valid legal process.
- Vital interests (Article 6(1)(d) GDPR) — only in the rare case where this is necessary to protect the life or physical safety of you or another person.
We do not process special-category personal data, so Article 9 GDPR exceptions do not apply. We do not knowingly process the personal data of children (see Section 13).
6. Cookies & Similar Technologies
We use cookies and similar local-storage technologies for the following purposes:
Strictly necessary (always on, no consent needed):
- mp_token / mp_admin_token — HttpOnly, Secure, SameSite=Lax JWT cookies used to keep you signed in.
- CSRF / session cookies — to prevent cross-site request forgery on form submissions.
- Lemon Squeezy checkout / portal cookies — set by Lemon Squeezy on its own domains during purchase and account-management flows; subject to Lemon Squeezy's privacy policy.
Functional (used with your continued use of the Service):
- Theme, language, time-zone, and dashboard-layout preferences stored in browser localStorage.
Analytics (privacy-conscious, used by default in production):
- Vercel Analytics and Vercel Speed Insights — collect aggregated, IP-truncated metrics about page-views, route timings, and Core Web Vitals. They do not use third-party advertising cookies and do not sell or share your data.
No advertising cookies. We do not use Google Ads, Meta Pixel, TikTok Pixel, or any other cross-site advertising or remarketing technology on the Service.
You can control cookies in your browser settings, but blocking strictly-necessary cookies will prevent you from signing in or making purchases.
7. Payments — Lemon Squeezy as Merchant of Record
For all paid subscriptions, Lemon Squeezy acts as our Merchant of Record (MoR). This means that, for the payment-and-tax leg of the relationship:
- Lemon Squeezy is the seller of record;
- Lemon Squeezy hosts the checkout, captures and processes your payment-method details, and issues the receipt and any tax document;
- Lemon Squeezy is responsible for collecting and remitting any applicable VAT, GST, sales tax, or similar consumption taxes;
- Lemon Squeezy is an independent data controller in respect of the payment data it collects from you. Its handling of your payment data is governed by Lemon Squeezy's Privacy Policy at https://www.lemonsqueezy.com/privacy.
We receive from Lemon Squeezy only the data we need to provide the Service (your customer ID, subscription state, Plan tier, billing email, country/ZIP code for tax-zone purposes, last-four card brand, receipt URL, refund status). We do not receive — and never see — your full card number, CVV, or bank credentials.
If you would like to update payment-method details, change billing addresses, or download invoices, the easiest way is the Lemon Squeezy customer portal linked from your most recent receipt and from the in-app Billing page.
8. How We Share Your Information
We do not sell your personal data, and we do not "share" your personal data for cross-context behavioural advertising as those terms are defined under the California Consumer Privacy Act (as amended by the CPRA). We share your personal data only in the following circumstances:
- With our sub-processors (Section 9) — vendors that process personal data on our behalf to deliver the Service.
- With Connected Platforms that you instruct us to integrate with — when you publish a video, the Content and metadata you provide is transmitted to the Connected Platform you select, on your instruction. Each Connected Platform has its own privacy policy that applies to data once it reaches that platform.
- With Lemon Squeezy as Merchant of Record (Section 7).
- With our professional advisers (e.g., lawyers, accountants, auditors, tax advisers) under appropriate confidentiality obligations, where reasonably necessary for the operation of the business.
- In connection with a merger, acquisition, financing, asset sale, reorganisation, bankruptcy, or other corporate transaction — your personal data may be transferred as part of the transaction. We will notify you of any such transfer and the resulting privacy implications.
- For legal reasons — to comply with valid legal process (subpoena, court order, lawful regulator request); to investigate, prevent, or take action regarding suspected fraud, security incidents, or violations of our Terms of Service; to protect the rights, property, or safety of MultiPost, our users, or the public; or as otherwise required or permitted by law.
- With your consent — for any other sharing, such as customer testimonials.
9. Sub-processors (Vendors that Process Data on Our Behalf)
The following sub-processors process personal data on our behalf to deliver the Service. Each is bound by a data-processing addendum (DPA) and uses appropriate safeguards (e.g., the EU Standard Contractual Clauses) for any international transfers.
Hosting & Compute
- Vercel Inc. (United States) — frontend hosting, edge runtime, Vercel Analytics, Speed Insights. Privacy: https://vercel.com/legal/privacy-policy.
Object Storage & CDN
- Cloudflare, Inc. (United States, with global edge) — Cloudflare R2 object storage and CDN delivery for video files, thumbnails, and static assets. Privacy: https://www.cloudflare.com/privacypolicy/.
Database
- MongoDB, Inc. (MongoDB Atlas) (regions selected by us) — primary application database. Privacy: https://www.mongodb.com/legal/privacy-policy.
Queue, Cache & Webhooks
- Upstash, Inc. (United States, with regional clusters) — Redis cache, QStash queue, and webhook signing. Privacy: https://upstash.com/trust/privacy.pdf.
Transactional Email
- Resend Inc. (United States) — verification, password-reset, billing-receipt, security-alert, and dunning emails. Privacy: https://resend.com/legal/privacy-policy.
Payments — Merchant of Record
- Lemon Squeezy (operated by Paddle.com Market Limited / Lemon Squeezy LLC) — see Section 7.
AI / LLM Providers
- Google LLC (Gemini API) — powers the Firdha AI Assistant for caption / hashtag generation. Prompts and AI outputs are processed by Google subject to Google's terms; we do not train Google models on your data. Privacy: https://policies.google.com/privacy.
Connected Platforms (controllers, not processors)
- Google LLC (YouTube) — when you connect a YouTube channel.
- Meta Platforms, Inc. / Meta Platforms Ireland Ltd. (Facebook & Instagram) — when you connect Facebook Pages or Instagram Professional accounts.
- TikTok Pte. Ltd. / TikTok Inc. — when you connect a TikTok account.
These platforms act as independent controllers for any personal data that reaches them as a result of you publishing through the Service.
A current sub-processor list is maintained at this section. Material additions of new sub-processors that materially change the processing will be notified via in-app banner or email at least 30 days in advance, where reasonably practicable.
10. International Data Transfers
MultiPost is operated from Indonesia, but our sub-processors (including Vercel, Cloudflare, MongoDB Atlas, Upstash, Resend, Google, Meta, TikTok, and Lemon Squeezy) operate globally and may store or process personal data in the United States, the European Economic Area, the United Kingdom, Singapore, and other regions.
Where personal data of individuals located in the European Economic Area, the United Kingdom, or Switzerland is transferred to a country that has not been granted an adequacy decision by the relevant data-protection authority, we rely on appropriate safeguards, principally the EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) and, for transfers from the UK, the UK International Data Transfer Addendum to those clauses, supplemented by additional technical and organisational measures (encryption in transit, encryption at rest, strict access controls).
You may request a copy of the relevant transfer mechanism by emailing support@multipost.pro. We will provide a copy with sensitive commercial terms redacted.
11. Data Retention
We retain personal data only for as long as necessary for the purposes for which we collected it, and for any additional period required to comply with our legal obligations (such as tax record-keeping). Indicative retention periods:
- Account data (name, email, hashed password) — for the lifetime of your Account, plus up to 90 days after deletion to allow recovery from accidental deletion and to complete back-up rotation.
- Connected-Platform OAuth tokens — until you disconnect the platform or delete your Account; revoked immediately on disconnection.
- User Content (videos, thumbnails, metadata) on our R2 storage — until you delete it or until 30 days after Account deletion, whichever is sooner. Successfully published Content remains on the Connected Platform under that platform's retention rules, which we do not control.
- Subscription / billing records — retained by Lemon Squeezy and (in summary form) by us for at least the period required by Indonesian tax and accounting law, generally ten (10) years for invoicing records.
- Server, security, and audit logs — typically up to 90 days, or longer when required for an active investigation, legal claim, or security incident.
- Support tickets and live-chat transcripts — up to 24 months after the conversation closes, to handle follow-up questions and quality assurance.
- Marketing-consent records — for the duration of your consent plus a reasonable period to demonstrate compliance with consent-based processing.
- Backups — incremental backups are over-written on a rotating schedule of up to 90 days.
After the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be associated with an identifiable person.
12. Security Measures
We implement industry-standard technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. These measures include:
- Encryption in transit — all communication with the Service uses TLS 1.2+ (HTTPS).
- Encryption at rest — OAuth tokens, refresh tokens, and other secrets are encrypted with AES-256-GCM (using authenticated encryption with proper IVs and auth tags) before being persisted; databases and storage volumes are encrypted at rest by the underlying provider.
- Password hashing — passwords are stored using a memory-hard algorithm with per-account salt; we never store, log, or transmit plaintext passwords.
- Least-privilege access — only authorised personnel with a documented business need can access production data, controlled by SSO and audit logging.
- Rate limiting and abuse detection — login, password-reset, signup, and upload endpoints are rate-limited; suspicious activity triggers alerts.
- Input validation and security headers — all user input is validated; we set Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, and similar hardening headers.
- Secure SDLC — code is reviewed before deployment; secrets are managed in a secret-store, not in source.
- Patching — operating systems, runtimes, and dependencies are patched promptly when vulnerabilities are disclosed.
No system is 100% secure. We do not, and cannot, guarantee absolute security. If you become aware of any actual or suspected breach, please email support@multipost.pro immediately.
13. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the competent supervisory authority within 72 hours of becoming aware, where required by Article 33 GDPR or analogous local law;
- Notify you without undue delay where the breach is likely to result in a high risk to your rights and freedoms (Article 34 GDPR), via the email address associated with your Account and/or a prominent in-app notice;
- Take appropriate steps to contain, investigate, and remediate the breach.
This Section does not create any obligation that goes beyond what is required by applicable law.
14. Your Privacy Rights
Depending on where you live, you may have one or more of the following rights in respect of your personal data. You can exercise any of these rights by emailing support@multipost.pro from the email address associated with your Account. We will respond within the timeframe required by applicable law (typically one month for GDPR, 45 days for CCPA).
A. Rights available to all users:
- Access — request confirmation of whether we process your personal data and a copy of it.
- Rectification — ask us to correct inaccurate or incomplete personal data. You can update most profile data yourself in the in-app Settings page.
- Deletion ("right to be forgotten") — ask us to delete your personal data. You can self-serve by deleting your Account from the in-app Settings page.
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing.
- Lodge a complaint — with the data-protection regulator in your country.
B. Additional rights under EU/UK GDPR:
- Restriction of processing — ask us to limit how we use your data while a request is being investigated.
- Data portability — receive a copy of the personal data you provided in a structured, commonly used, machine-readable format and have it transmitted to another controller where technically feasible.
- Object to processing based on legitimate interests, including profiling.
- Object to direct marketing at any time.
- You may lodge a complaint with the data-protection authority of your country of residence, place of work, or place of the alleged infringement.
C. Additional rights under California (CCPA / CPRA): California residents have the rights to know, access, correct, delete, and opt-out of the sale or sharing of their personal information. We do not sell or "share" personal information for cross-context behavioural advertising. We also do not knowingly collect or process the personal information of consumers under 16. To exercise California rights, email support@multipost.pro from your registered address with the subject "California Privacy Request". You may designate an authorised agent to make a request on your behalf with proof of authorisation.
D. Additional rights under other US state privacy laws (Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Iowa, Montana, and others as applicable) — analogous rights of access, correction, deletion, portability, and opt-out of targeted advertising / sale (which we do not engage in).
Verification. To protect you, we may need to verify your identity before fulfilling a rights request. We may ask you to confirm details associated with your Account from a request sent from your registered email.
15. Do-Not-Track & Global Privacy Control
We do not currently respond to browser "Do Not Track" (DNT) signals because no common industry standard for honouring DNT has been adopted. We recognise the Global Privacy Control (GPC) signal as a valid request to opt out of the "sale" or "sharing" of personal information for cross-context behavioural advertising under U.S. state privacy laws. As noted above, we do not sell or share personal information in that sense in any case.
16. Marketing Communications
Transactional emails (verification, password reset, receipts, security alerts, important Service notices) are sent to you on the basis that they are necessary to provide the Service. You cannot opt out of these while you have an active Account.
Optional product updates and newsletters are sent only where you have opted in (or, in jurisdictions where soft opt-in is permitted, where you are an existing customer for a similar product). Every marketing email contains a one-click unsubscribe link, and you can also opt out at any time by emailing support@multipost.pro.
17. Children's Privacy
The Service is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. In the European Economic Area, the United Kingdom, and other jurisdictions where the GDPR digital-consent age is higher (typically 16), the Service is not directed to children under that local age.
If you believe that a child has provided personal data to us without the consent of a parent or legal guardian, please email support@multipost.pro. We will take prompt steps to delete such information.
18. YouTube API Services — Specific Disclosures
Where you connect a YouTube channel and use features that rely on the YouTube API Services, the following additional disclosures apply:
- Compliance. Our use of personal data received from the YouTube API Services adheres to the Google API Services User Data Policy, including the Limited Use requirements (https://developers.google.com/terms/api-services-user-data-policy).
- Purpose. We access and use your YouTube data (channel info, ability to upload videos on your behalf, analytics where applicable) solely to provide the core functionality of the Service that you have requested.
- No advertising. We do not use YouTube API data to serve advertisements or to build advertising profiles.
- No human reading. Authorised personnel may access OAuth tokens and content metadata only for engineering, support, security, abuse-investigation, or legal purposes, in line with our internal access-control policy.
- No model training. We do not use YouTube API data to train AI/ML models for any purpose other than Service-internal anti-abuse and recommendation features (and even then, only on aggregated, de-identified data where feasible).
- No transfer outside Limited Use. YouTube API data is shared with sub-processors only to the extent necessary to provide the Service to you (Section 9).
- Revoking access. You can revoke our access at any time via Google's Security settings at https://security.google.com/settings/security/permissions. After revocation, we will delete the corresponding OAuth tokens within seven (7) days from active production systems (subject to back-up rotation).
- Applicable Google policies. Your use is also subject to the YouTube Terms of Service and the Google Privacy Policy.
19. Meta and TikTok — Specific Disclosures
Where you connect Facebook, Instagram, or TikTok accounts:
- The personal data we receive is limited to what those platforms expose under the OAuth scopes you grant.
- We use that data only to publish content on your behalf and to display connection status to you.
- OAuth tokens are encrypted at rest with AES-256-GCM and revoked immediately on disconnect or Account deletion.
- Once Content is published to Meta or TikTok, those platforms become independent controllers for any further processing of that Content. Their privacy practices are governed by their own privacy policies.
20. AI Assistant ("Firdha AI") and Live Chat
- Firdha AI Assistant. When you use the AI Assistant, your prompt and any context we attach to it (such as the title of the video you are working on) is sent to a third-party LLM provider, currently Google Gemini (subject to change with notice). The provider returns a response which we deliver to you in-app. We may log prompts and responses (excluding sensitive personal data where reasonably possible) for service improvement, abuse detection, and quality assurance. We do not allow the LLM provider to train its general models on your prompts to the extent the provider's API offers an opt-out, and we configure the API accordingly.
- Live Chat. Conversations between you and our support team — including text, images, and any voluntarily-shared metadata — are stored securely. Access is restricted to authorised support personnel. Live-chat transcripts are retained per Section 11.
- Acceptable use. Do not paste sensitive personal data of third parties into the AI Assistant or live chat unless you have a valid legal basis to do so.
21. Third-Party Websites & Links
The Service contains links to, and integrates with, websites operated by third parties (Connected Platforms, Lemon Squeezy customer portal, sub-processors' help pages, and similar). When you click a link to a third-party website, you leave the Service and those third parties' privacy policies and terms apply. We are not responsible for the privacy practices or content of any third-party website.
22. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make a material change (for example, a new purpose of processing, a new sub-processor category, or a change in the legal basis for processing), we will notify you in advance by email and/or by a prominent in-app banner before the change takes effect, and (where required) seek any necessary consent. Non-material updates take effect when posted with a refreshed "Last updated" date. Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.
23. Contact Us
If you have any questions, concerns, or requests under this Privacy Policy, please contact:
Hanif Maulana, sole proprietor trading as MultiPost
- Email: support@multipost.pro
- Place of business: Karawang, West Java (Jawa Barat), Indonesia
If you live in the European Economic Area or the United Kingdom and you are not satisfied with our response, you have the right to lodge a complaint with your local data-protection supervisory authority.
