Privacy Policy
This Privacy Policy explains how BrandVoice-AI collects, uses, and protects your information when you use our platform for social media comment moderation, direct message management, and engagement.
By creating an account or connecting your social media pages, you agree to this Policy.
1. Information We Collect
We only collect information required to provide our moderation and automation services.
Important: We never access any Facebook or Instagram Page unless you explicitly grant permission during the Meta login flow.
1.1 Account Information
- Email, name, and authentication details
- Connected social media accounts and page IDs
- Access tokens for authorized Facebook Pages and Instagram accounts (stored securely and used only to perform actions you approve)
1.2 Social Media Content
From only the Facebook Pages and Instagram accounts you explicitly authorize:
- Comments, replies, and posts
- Comment metadata (timestamps, author name or ID, thread structure)
- Direct messages and conversations — for the Facebook Pages and Instagram accounts where you enable direct message management — including message content, the sender's name/username or ID, and timestamps
- Page and post IDs required for moderation actions
We access this data exclusively through Meta's official APIs and only with your permission. We do not use scraping or any unauthorized collection methods.
Direct messages are accessed only for accounts where you turn on DM management, and only to power the features you enable — displaying conversations in your inbox, classifying and routing messages, generating suggested replies, and (where you enable automation) sending replies on your behalf.
We do not access private personal accounts, personal profiles, or any content you do not explicitly authorize.
1.3 Brand & Configuration Data
- Brand profiles and voice settings
- Moderation rules
- Knowledge documents you upload
- Automation preferences
- Integration settings
1.4 Usage Data
- Dashboard interactions
- Moderation decisions
- Clicks, timestamps, and session logs
(Used to improve product performance and reliability)
1.5 Support & Communications
- Emails you send us
- Support request content
2. How We Use Your Information
We use your data strictly to provide, operate, and improve the Service.
2.1 Core Functionality
- Analyze and classify comments for moderation
- Read, classify, and route direct messages received by your connected accounts
- Generate brand-aligned responses and suggested replies
- Perform moderation actions (hide, delete, or reply) on your behalf
- Send direct message replies on your behalf — automatically when you enable automation, or when you send them from the inbox
- Process webhook events such as new comments, replies, or direct messages
2.2 Platform Operation
- Maintain your connected accounts
- Display analytics and moderation history
- Sync your brand settings and rules
- Securely refresh Meta access tokens
2.3 Product Improvement
Aggregated and anonymized usage metrics may be used to:
- Identify feature performance
- Improve accuracy and reliability
- Detect misuse or errors
We do not use your individual social media content to train general-purpose AI models.
2.4 Communication
- Send service-related notices (e.g., authentication, security, billing)
- Provide customer support
We do not send marketing emails without your consent.
2.5 Legitimate Business Interests
Certain processing activities may be based on our legitimate business interests, such as ensuring platform security, preventing misuse, or improving service quality.
3. Sharing & Disclosure
We do not sell, rent, or trade your data.
We share data only when necessary to operate the Service:
3.1 Meta (Facebook/Instagram)
We share only what is required to:
- Hide/delete a comment
- Post a comment reply
- Send a direct message reply
- Fetch comments, posts, and (where you enable it) direct messages from your authorized Pages and Instagram accounts
All interactions follow Meta's Platform Policies.
3.2 AI Processing Providers
We may send comment and direct message text and relevant context to trusted AI processing providers solely to:
- Classify comments and direct messages
- Generate replies
They process data only for the purpose of providing the service and do not use it to train their models.
3.3 Authentication Providers
Authentication partners (e.g., OAuth providers) receive only the information required to log you in.
3.4 Legal Reasons
We may disclose information if required by:
- Law or regulatory process
- Valid subpoena or court order
- To protect rights, security, or prevent fraud
3.5 Business Transfer
If we merge, sell, or restructure the company, data may be transferred with user notice and continued protection.
4. Data Security
We apply industry-standard security practices to protect your data:
- Encryption in transit and at rest
- Secure token storage (with restricted internal access)
- Access controls and audit logging
- Automatic token revocation when pages are disconnected
- Regular security reviews and monitoring
While we take responsible measures, no online system can guarantee 100% security.
5. Your Rights & Controls
Depending on your region (e.g., GDPR, CCPA), you may have rights including access, deletion, and correction.
All users can:
5.1 Delete Your Account
Permanently delete your entire account and all associated data directly from the dashboard.
For detailed step-by-step instructions on deleting your account and removing the app from your Facebook account, see our Data Deletion Instructions.
5.2 Remove Connected Pages
Disconnect Facebook Pages or Instagram accounts at any time.
5.3 Manage Brand Data
Edit or delete brand profiles, rules, and knowledge documents.
5.4 Control Processing
Disable automation or stop AI processing for specific pages.
5.5 Request Access
You may request a copy of your personal data by contacting us at pavel@brandvoice-ai.com.
We will respond in accordance with applicable data protection laws.
6. Data Retention
6.1 Active Account
We keep your data while your account remains active.
6.2 Comment, Message & Processing Data
Comment and direct-message data (content and metadata) and AI results are retained for your inbox and dashboard history, unless you delete your account or remove the associated Page or Instagram account.
Raw data sent to AI providers is not stored by them.
6.3 Deleted or Disconnected Data
When you:
- Delete your account → all personal data is permanently removed
- Disconnect a social media account → tokens are revoked and deleted
- Delete documents or brand profiles → content is permanently erased
6.4 Legal Retention
We may retain minimal necessary data if required for:
- Fraud prevention
- Accounting
- Legal compliance
7. Children's Privacy
The Service is not intended for individuals under 18. We do not knowingly collect personal data from minors.
8. International Transfers
Your data may be processed or stored in countries outside your own.
We ensure appropriate safeguards consistent with applicable laws.
When transferring data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) where required.
9. Updates to This Policy
We may update this Policy periodically.
Material changes will be communicated via email or dashboard notifications.
Continued use of the Service after changes constitutes acceptance of the updated Policy.
10. Contact Us
If you have questions or wish to exercise your rights:
Email:
pavel@brandvoice-ai.com
Subject: Privacy Request
Last updated: July 6, 2026