Privacy Policy
ASOP-WCC Social Media Integration
1. Introduction
This Privacy Policy describes how ASOP-WCC ("we", "our", or "the application") collects, uses, stores, and protects information when you use our social media integrations for automated content publishing. ASOP-WCC is a content automation system designed to help users schedule and publish content to multiple social media platforms.
This policy covers integrations with:
Pinterest
LinkedIn
Instagram (Meta)
Threads (Meta)
Twitter/X
2. Information We Collect
2.1 Account Authentication Information
When you authorize ASOP-WCC to access your social media accounts, we collect and store the following for each connected platform:
| Data Type |
Purpose |
Storage Location |
| Access Token |
Authenticate API requests on your behalf |
Local .env file |
| Refresh Token |
Maintain continuous authorized access |
Local token files |
| User ID |
Identify your account for API calls |
Local configuration |
| Account Username |
Display account information |
Local configuration |
2.2 Platform-Specific Data
Pinterest:
- Board IDs for pin destination selection
- Pin creation responses (IDs, URLs)
LinkedIn:
- Person URN (unique identifier)
- Organization IDs (if company page access granted)
- Post creation responses
Instagram/Threads (Meta):
- Instagram Business/Creator Account ID
- Connected Facebook Page ID (required by Meta)
- Media container IDs during publishing
- Post creation responses
Twitter/X:
- User ID
- Tweet IDs and URLs from published content
2.3 Content Data
We process the following content data for publishing purposes:
- Text content: Post captions, descriptions, titles you create
- Image data: Images you provide for posts (temporarily processed during upload)
- Link URLs: Destination URLs associated with your posts
- Hashtags: Tags included in your content
- Alt text: Accessibility descriptions for images
2.4 Usage and Operational Data
We may collect:
- Publishing timestamps: When posts are created or scheduled
- API response data: Success/failure status of publishing operations
- Error logs: Technical information for troubleshooting
- Schedule data: Planned posting times in
schedule.json
3. How We Use Your Information
We use the collected information solely for the following purposes:
| Purpose |
Description |
| Content Publishing |
Create and publish posts to your authorized social media accounts |
| Authentication |
Maintain authorized access to your connected accounts |
| Token Management |
Automatically refresh access tokens to maintain functionality |
| Scheduling |
Track and execute scheduled post publishing |
| Error Handling |
Diagnose and resolve publishing issues |
| Service Improvement |
Improve the reliability of our publishing system |
We do NOT use your data for:
- Advertising or marketing purposes
- Selling to third parties
- User profiling or behavioral analysis
- Any purpose not directly related to content publishing
4. Data Storage and Security
4.1 Local Storage Only
All data is stored locally on your system. Specifically:
| Data |
Location |
Format |
| API Credentials |
ASOP-WCC/.env |
Environment variables |
| Platform Tokens |
ASOP-WCC/.{platform}_tokens.json |
JSON files |
| Publishing Schedule |
ASOP-WCC/output/*/schedule.json |
JSON files |
| Logs |
ASOP-WCC/logs/app.log |
Plain text |
We do NOT store your credentials on any external servers.
4.2 Security Measures
- Access tokens are used only for authorized API calls to official platform endpoints
- Refresh tokens are stored separately and used only for token renewal
- All API communications use HTTPS encryption
- We recommend:
- Keeping your installation directory secure
- Not sharing credential files
- Not committing
.env files to version control
- Regularly rotating tokens when possible
4.3 Data Retention
- Credentials: Retained until you revoke access or delete them manually
- Publishing logs: Retained locally for troubleshooting; you may delete at any time
- Schedule data: Retained until you delete the output folders
- No automatic cloud backup: Data exists only on your local system
4.4 Data Deletion
To delete all stored data:
- Remove
.env file or clear credential values
- Delete any
.{platform}_tokens.json files
- Delete
logs/ directory contents
- Delete
output/ directory contents
5. Data Sharing and Third Parties
5.1 We Do Not Share Your Data
We do not share your data with any third parties. Specifically:
- We do not sell your data
- We do not share your data with advertisers
- We do not share your data with analytics services
- We do not share your data with data brokers
- Your credentials are never transmitted to external servers
5.2 Direct Platform Communication Only
The only data transmission occurs directly between:
Your Local ASOP-WCC Installation <--> Official Platform API Servers
| Platform |
API Endpoint |
| Pinterest | api.pinterest.com |
| LinkedIn | api.linkedin.com |
| Instagram | graph.facebook.com |
| Threads | graph.threads.net |
| Twitter/X | api.twitter.com |
6. Platform-Specific Privacy Considerations
6.1 Pinterest
6.2 LinkedIn
- Data accessed: Profile info for posting, organization pages (if authorized)
- Permissions:
w_member_social, openid, email
- Token expiry: 60 days (auto-refresh implemented)
- LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy
6.3 Instagram (Meta)
- Data accessed: Business/Creator account info, media publishing
- Permissions:
instagram_basic, instagram_content_publish, pages_read_engagement
- Requirement: Must be Business/Creator account linked to Facebook Page
- Meta Privacy Policy: https://www.facebook.com/privacy/policy/
6.4 Threads (Meta)
6.5 Twitter/X
7. Your Rights and Choices
You have the right to:
| Right |
How to Exercise |
| Access |
View stored data in local .env and token files |
| Delete |
Remove credential files from your system |
| Revoke |
Disconnect the app from each platform's settings |
| Export |
Copy your stored credentials for backup |
| Withdraw Consent |
Stop using the application at any time |
7.1 How to Revoke Platform Access
Pinterest:
- Go to Pinterest.com → Settings → Security
- Find ASOP-WCC in "Connected apps"
- Click "Remove"
LinkedIn:
- Go to LinkedIn.com → Settings → Data privacy
- Find "Permitted services"
- Remove ASOP-WCC
Instagram/Threads (Meta):
- Go to Facebook.com → Settings → Apps and Websites
- Find ASOP-WCC
- Click "Remove"
Twitter/X:
- Go to Twitter.com → Settings → Security → Apps
- Find ASOP-WCC
- Click "Revoke access"
8. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your data based on:
- Consent: You explicitly authorize each platform connection
- Contract: Processing is necessary to provide the publishing service you requested
- Legitimate Interest: Maintaining logs for troubleshooting and service improvement
9. International Data Transfers
When you use ASOP-WCC:
- Your data is stored locally on your system
- API calls are made directly to platform servers (may be in various countries)
- We do not transfer your data to any third-party international servers
10. Children's Privacy
ASOP-WCC is not intended for use by children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children under these ages.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected in the "Last Updated" date at the top of this document.
- Material changes will be documented in the application's changelog
- Continued use of the application after changes constitutes acceptance of the updated policy
12. Compliance
This application is designed to comply with:
- Pinterest API Terms of Service
- LinkedIn API Terms of Use
- Meta Platform Terms (Instagram/Threads)
- Twitter/X Developer Agreement
- General Data Protection Regulation (GDPR) principles
- California Consumer Privacy Act (CCPA) principles
- Platform-specific community guidelines
14. Consent
By using ASOP-WCC's social media integrations, you acknowledge that you have read, understood, and agree to this Privacy Policy.
When you authorize ASOP-WCC to access your social media accounts, you consent to:
- The collection of authentication tokens as described above
- The use of these tokens to publish content on your behalf
- The local storage of credentials and operational data
You may withdraw consent at any time by revoking platform access and deleting local data.