Legal

Privacy Policy

Last Updated: April 4, 2026

PerimeterOS ("we", "our", or "us") provides a social media management platform (the "Service"). This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our website, application, and related services. By using PerimeterOS, you agree to the practices described below.

01

Information We Collect

We collect information you provide directly, data from connected platforms, and technical data generated automatically when you use our Service.

1.1 Account & Personal Data

  • Full name and email address
  • Profile photo (if provided via OAuth)
  • Billing name and address (processed via Stripe — we do not store card details)
  • Username and password (hashed — never stored in plain text)

1.2 Connected Social Media Accounts

When you connect accounts such as YouTube, Instagram, Facebook, TikTok, LinkedIn, Twitter/X, or Pinterest, we collect:

  • OAuth authentication tokens and refresh tokens
  • Platform-assigned user IDs and handles
  • Profile metadata (name, avatar, follower count)
  • Channel/page analytics (impressions, reach, engagement rates)
  • Content metadata (post captions, publish times, media URLs)
  • Audience demographic data where permitted by the platform

1.3 Usage & Technical Data

  • IP address and approximate geolocation (country/city level)
  • Browser type, version, and operating system
  • Device identifiers and screen resolution
  • Pages visited, features used, and session duration
  • Referral source and UTM parameters
  • Error logs and crash reports

1.4 Cookies & Tracking Technologies

  • Session cookies (required for authentication)
  • Persistent cookies (to remember preferences)
  • Analytics cookies (privacy-first, no cross-site tracking)
  • We do not use advertising or retargeting cookies

1.5 Content You Create

  • Scheduled posts, captions, hashtags, and media you upload
  • Workspace names, team members, and collaboration notes
  • AI-generated draft content initiated by you
  • Saved templates and content libraries
02

How We Use Your Data

We use your data only for purposes necessary to operate and improve the Service. Specifically:

Service Delivery

  • Authenticate you and manage your account
  • Schedule and publish posts to connected social accounts on your behalf
  • Display analytics, performance reports, and audience insights
  • Enable team collaboration features within workspaces

Product Improvement

  • Diagnose bugs, crashes, and performance issues
  • Analyse feature usage to prioritise development
  • Conduct A/B tests to improve the user experience

Communication

  • Send transactional emails (password resets, billing receipts)
  • Notify you of scheduled post failures or platform errors
  • Send product updates and changelogs (you may opt out at any time)

Legal & Safety

  • Comply with applicable laws and regulations
  • Detect and prevent fraud, abuse, or unauthorised access
  • Enforce our Terms of Service
03

Google & YouTube API Data

PerimeterOS integrates with the YouTube Data API v3 and Google OAuth 2.0. Our use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

  • We access YouTube channel data solely to schedule, publish, and display analytics for your content.
  • We do not use YouTube API data to train machine learning models.
  • We do not sell, share, or transfer YouTube API data to any third party for advertising or profiling.
  • Access tokens are encrypted at rest and transmitted over TLS.
  • You may revoke our access at any time via Google Security Settings at myaccount.google.com/permissions.
  • Upon revocation, we will delete all stored tokens and cease accessing your YouTube data within 30 days.
04

Other Social Platform Integrations

For all other connected platforms (Instagram, Facebook, TikTok, LinkedIn, Twitter/X, Pinterest), we apply the same principles:

  • Data is accessed solely to fulfil the features you explicitly activate (scheduling, analytics, inbox management).
  • We comply with each platform's developer policies and terms of service.
  • Authentication tokens are stored with AES-256 encryption.
  • You may disconnect any platform at any time from your account settings; tokens are deleted immediately upon disconnection.
  • We do not scrape data beyond what is provided via official APIs.
05

Data Sharing & Third Parties

We do not sell your personal data. We share data only in these limited circumstances:

Service Providers (Sub-processors)

  • Stripe — payment processing (PCI-DSS compliant)
  • AWS / Vercel — cloud hosting and infrastructure
  • PostHog — product analytics (self-hosted, privacy-first)
  • Resend / SendGrid — transactional email delivery
  • Sentry — error monitoring and crash reporting

Legal Requirements

  • When required by law, court order, or governmental authority
  • To protect the rights, property, or safety of PerimeterOS, our users, or the public

Business Transfers

  • In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you via email and/or a prominent notice on our Service prior to your data being transferred.
06

Data Retention

We retain your personal data only as long as necessary:

  • Active account data is retained for the duration of your subscription.
  • Upon account deletion, personal data is purged within 30 days, except where legal obligations require longer retention (e.g., billing records retained for 7 years).
  • Aggregated and anonymised analytics data may be retained indefinitely as it cannot be used to identify you.
  • Backups are purged on a rolling 90-day cycle.
07

Security

We implement industry-standard security measures to protect your data:

  • All data in transit is encrypted with TLS 1.2+
  • Sensitive data at rest is encrypted with AES-256
  • Passwords are hashed using bcrypt with a high cost factor
  • OAuth tokens are stored encrypted and rotated regularly
  • We conduct regular dependency audits and security reviews
  • Access to production systems is restricted to authorised personnel only
  • Despite our best efforts, no method of transmission over the internet is 100% secure. We will notify affected users promptly in the event of a data breach.
08

Your Data Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access

Request a copy of the personal data we hold about you.

Correction

Request correction of inaccurate or incomplete data.

Deletion

Request erasure of your personal data (right to be forgotten).

Portability

Receive your data in a structured, machine-readable format.

Restriction

Request that we limit how we process your data.

Objection

Object to processing based on legitimate interests.

Withdraw Consent

Withdraw consent at any time where processing is consent-based.

Complaint

Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us via our Contact Page. We will respond within 30 days.

09

Children's Privacy

PerimeterOS is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will take steps to delete such information.

10

International Data Transfers

PerimeterOS operates globally. Your data may be processed in countries outside your own, including the United States, where data protection laws may differ. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required under GDPR.

11

AI-Powered Features

PerimeterOS offers AI-assisted content generation features. When you use these features:

  • Your prompts and generated outputs may be processed by third-party AI providers (e.g., OpenAI) subject to their own privacy policies.
  • We do not use your content to train AI models without your explicit consent.
  • You retain full ownership of content you create using AI features.
  • AI-generated content is not automatically published — you review and approve before any post goes live.
12

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last Updated" date at the top of this page and, where appropriate, by sending you an email notification. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

13

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please reach out:

  • Via our Contact Page (preferred)
  • By email: privacy@perimeteros.com
  • Response time: within 2 business days

Go to Contact Page →