Privacy Policy

Last updated: March 6, 2026

Introduction

Holdfast ("we," "us," or "our") operates the SocialScheduler application and the website at holdfast.band. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored securely using industry-standard hashing).

Social Media Account Data

When you connect your social media accounts (Instagram, Facebook, YouTube, TikTok), we collect and store:

  • OAuth access tokens and refresh tokens (used to post content on your behalf)
  • Your public profile information (username, profile name, account ID)
  • Page or channel identifiers needed for publishing

We do not collect or store your social media passwords.

Content You Create

We store the content you create within our app, including:

  • Post captions and hashtags
  • Uploaded images and videos
  • Scheduling preferences and platform selections

Automatically Collected Information

We may collect basic usage data such as:

  • Log data (IP address, browser type, access times)
  • Device information
  • App usage patterns

How We Use Your Information

We use your information to:

  • Provide and maintain the SocialScheduler service
  • Publish and schedule content to your connected social media accounts on your behalf
  • Authenticate your identity and manage your account
  • Improve and optimize our service
  • Communicate with you about your account or service updates

Third-Party Services

Our app connects to the following third-party platforms via their official APIs:

  • Meta (Instagram & Facebook): We use the Instagram Graph API and Facebook Graph API to publish content to your accounts. Meta's privacy policy applies to your use of their platforms.
  • Google (YouTube): We use the YouTube Data API to upload videos. Google's privacy policy applies to your use of YouTube.
  • TikTok: We use the TikTok Content Posting API to publish videos. TikTok's privacy policy applies to your use of their platform.
  • Cloudinary: We use Cloudinary to process and host media files for publishing. Cloudinary's privacy policy applies to media processed through their service.

We only share the minimum data necessary with these services to perform the actions you request (such as publishing a post).

Data Storage and Security

  • Your data is stored on secure servers using encrypted connections
  • Social media tokens are stored in our database and used only to perform actions you authorize
  • We use HTTPS for all data transmission
  • Passwords are hashed and never stored in plain text

Data Retention

  • Your account data is retained as long as your account is active
  • Social media tokens are stored until you disconnect the platform or delete your account
  • Uploaded media files are retained until you delete them or your account
  • You can request deletion of your data at any time by contacting us

Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Disconnect your social media accounts at any time through the app's Settings page
  • Withdraw consent for data processing

Children's Privacy

Our service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: holdfastbandco@gmail.com Website: https://holdfast.band

Cart (0)