PRIVACY POLICY

TryPost.it - Open Source Social Media Scheduler

Last Updated: January 20, 2026

INTRODUCTION

This Privacy Policy describes how TryPost.it ("TryPost", "we", "us", or "our") collects, uses, and shares information about you when you use our open-source social media scheduling platform.

TryPost is committed to protecting your privacy and ensuring transparency about how we handle your data. As an open-source project, we believe in giving you full visibility and control over your information.

By using TryPost, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our practices, please do not use our Services.

1. DEFINITIONS

1.1. "Personal Data": Information that identifies, relates to, or could reasonably be linked with you or your household.

1.2. "Services": The TryPost platform, including our website at trypost.it, our application at app.trypost.it, and all related features and functionality.

1.3. "User" or "You": Any individual or entity that creates an account and uses TryPost's Services.

1.4. "Content": Any text, images, videos, or other media that you upload, create, or schedule through TryPost.

1.5. "Social Media Channels": Third-party platforms that integrate with TryPost, including:

Instagram (Meta)
Facebook (Meta)
LinkedIn
X (formerly Twitter)
TikTok
YouTube (Google)
Pinterest
Threads (Meta)
Bluesky
Mastodon

2. INFORMATION WE COLLECT

2.1. Information You Provide to Us

2.1.1. Account Information:

Name
Email address
Password (encrypted)
Profile picture (optional)
Company/Organization name (optional)
Time zone preference

2.1.2. Social Media Account Information: When you connect your social media accounts to TryPost, we collect:

Account identifiers and usernames
Access tokens and refresh tokens
Profile information from connected platforms
Page/Channel information you authorize us to access

2.1.3. Content and Media:

Posts, captions, and descriptions you create
Images and videos you upload
Scheduling preferences and settings
Hashtags and mentions

2.1.4. Payment Information: For paid subscriptions (processed by third-party payment providers):

Billing name and address
Payment method details (stored securely by payment processor)
Transaction history

2.1.5. Communications:

Support requests and correspondence
Feedback and surveys
Marketing preferences

2.2. Information We Collect Automatically

2.2.1. Usage Data:

Features and functions used
Actions taken within the platform
Post scheduling and publishing activity
Login and access times

2.2.2. Device and Technical Information:

IP address
Browser type and version
Operating system
Device identifiers
Screen resolution

2.2.3. Log Data:

Access logs
Error logs
Performance data

2.3. Cookies and Similar Technologies

We use cookies and similar tracking technologies to:

Maintain your session and authentication
Remember your preferences
Analyze platform usage
Improve our Services

For details, see Section 8 (Cookies Policy).

3. HOW WE USE YOUR INFORMATION

3.1. To Provide and Maintain the Services

3.1.1. Core Functionality:

Create and manage your account
Connect your social media accounts
Schedule and publish content to your connected Social Media Channels:
- Instagram (posts, stories, reels)
- Facebook (pages, groups, profiles)
- LinkedIn (profiles, company pages)
- X/Twitter (tweets, threads)
- TikTok (videos)
- YouTube (videos)
- Pinterest (pins)
- Threads (posts)
- Bluesky (posts)
- Mastodon (toots)
Store and organize your media
Provide post previews across platforms

3.1.2. Account Management:

Process payments and subscriptions
Send transactional communications
Provide customer support

3.2. To Improve and Develop Services

Analyze usage patterns
Identify and fix bugs
Develop new features
Optimize performance

3.3. To Communicate with You

Send service notifications
Respond to support requests
Send marketing communications (with consent)
Share product updates

3.4. To Ensure Security and Prevent Fraud

Detect and prevent unauthorized access
Monitor for suspicious activity
Protect against security threats

3.5. To Comply with Legal Obligations

Respond to legal requests
Comply with applicable laws
Protect our legal rights

For users in the European Economic Area (EEA), UK, and other jurisdictions that require a legal basis for processing:

4.1. Contract Performance:

Processing necessary to provide our Services
Account creation and management
Payment processing

4.2. Legitimate Interests:

Improving and developing our Services
Security and fraud prevention
Analytics and performance monitoring

4.3. Consent:

Marketing communications
Non-essential cookies
Specific data processing you authorize

4.4. Legal Obligations:

Compliance with applicable laws
Response to legal requests

When you use TryPost to schedule and publish content, we share your Content and necessary authentication data with your connected Social Media Channels:

Instagram/Facebook/Threads (Meta) - To publish posts and access insights
LinkedIn - To publish posts to profiles and company pages
X (Twitter) - To publish tweets and threads
TikTok - To upload and publish videos
YouTube - To upload and schedule videos
Pinterest - To create and schedule pins
Bluesky - To publish posts
Mastodon - To publish toots to your instance

5.2. With Service Providers

We share information with third-party service providers who help us operate our business:

Cloud Infrastructure: We use Hetzner, a German cloud provider, for hosting and data storage in the European Union. See Hetzner Privacy Policy.
CDN, Storage & DNS: We use Cloudflare for content delivery, file storage, DNS, and security services. See Cloudflare Privacy Policy.
Payment Processor: We use Stripe to process subscription payments. See Stripe Privacy Policy.
Email Services: Transactional and marketing emails
Analytics: We use Umami for privacy-focused website analytics. Umami is an open-source, privacy-friendly analytics solution that does not use cookies and does not collect personal data. See Umami Privacy Policy.
Customer Support: Help desk and support tools

All service providers are contractually bound to protect your data.

5.3. For Legal Reasons

We may disclose information when required:

To comply with legal obligations
To respond to valid legal requests
To protect our rights, privacy, safety, or property
To protect users or the public from harm

5.4. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data becomes subject to a different privacy policy.

We may share information for other purposes when you give us explicit consent.

6. DATA RETENTION

6.1. Active Accounts

We retain your data for as long as your account is active and as needed to provide Services.

6.2. After Account Deletion

Upon account deletion:

Account data: Deleted within 30 days
Scheduled content: Deleted immediately
Media files: Deleted within 30 days
Backup copies: Removed from backups within 90 days
Anonymized analytics: May be retained indefinitely

6.3. Legal Retention

We may retain certain data longer when required by law or to protect our legal interests.

6.4. Data Export

You may request an export of your data before deleting your account. Exports are provided in standard formats (JSON, CSV).

7. DATA SECURITY

7.1. Security Measures

We implement industry-standard security measures to protect your data:

Technical Measures:

Encryption in transit (TLS 1.2+)
Encryption at rest (AES-256)
Secure credential storage
Regular security audits
Vulnerability scanning
DDoS protection

Organizational Measures:

Access controls and authentication
Employee security training
Security incident response procedures
Regular security reviews

7.2. Open Source Transparency

As an open-source project, our code is publicly available for security review. This transparency allows:

Independent security audits
Community vulnerability reporting
Verification of our security practices

7.3. Your Responsibilities

You are responsible for:

Keeping your login credentials secure
Using strong, unique passwords
Logging out from shared devices
Reporting suspected security incidents

7.4. Security Incidents

In the event of a data breach that affects your information, we will:

Notify you within 72 hours (or as required by law)
Describe the nature of the incident
Provide guidance on protective measures

8. COOKIES POLICY

8.1. What Are Cookies

Cookies are small text files stored on your device when you visit our website.

8.2. Types of Cookies We Use

8.2.1. Essential Cookies:

Required for basic functionality
Authentication and session management
Cannot be disabled

8.2.2. Functional Cookies:

Remember your preferences
Customize your experience
Store settings

8.2.3. Analytics: We use Umami for analytics, which is a privacy-focused solution that does not use cookies. This means:

No tracking cookies are placed on your device for analytics purposes
Your browsing is not tracked across websites
We only collect anonymous, aggregated usage data

8.2.4. Marketing Cookies (with consent):

Measure advertising effectiveness
Personalize advertisements

8.3. Managing Cookies

You can manage cookies through:

Browser settings
Our cookie consent banner
Platform privacy settings

Disabling certain cookies may affect functionality.

9. YOUR PRIVACY RIGHTS

9.1. Rights for All Users

Regardless of location, you have the right to:

Access: Request a copy of your personal data
Correction: Update inaccurate or incomplete data
Deletion: Request deletion of your account and data
Data Portability: Export your data in standard formats
Opt-out: Unsubscribe from marketing communications

If you are in the EEA or UK:

Restriction: Request limitation of processing
Objection: Object to processing based on legitimate interests
Withdraw Consent: Revoke previously given consent
Automated Decisions: Right to human review of automated decisions
Lodge Complaint: File a complaint with your local data protection authority

9.3. California Privacy Rights (CCPA)

California residents have additional rights:

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale of personal information
Right to non-discrimination for exercising privacy rights

Note: TryPost does not sell personal information.

9.4. How to Exercise Your Rights

To exercise your rights, contact us at:

Email: [email protected]
Account Settings: Use self-service options in your dashboard

We will respond to requests within 30 days (or as required by applicable law).

10. INTERNATIONAL DATA TRANSFERS

10.1. Data Location

TryPost stores data in the European Union. Our infrastructure is hosted by Hetzner, a German cloud provider with data centers in Europe. See Hetzner Privacy Policy and Hetzner DPA.

10.2. Transfer Safeguards

For international transfers outside the EU, we use appropriate safeguards:

Standard Contractual Clauses (SCCs)
Data processing agreements
Compliance with GDPR requirements

10.3. Self-Hosted Option

For users with strict data residency requirements, TryPost is available as self-hosted software, allowing you to keep all data in your chosen location.