Privacy Policy

Last updated: May 19, 2026 · Effective immediately

This Privacy Policy describes how the Sojourner7 Creator Dashboard ("the Application") handles data. The Application is a creator productivity tool operated by Richard Brown ("Operator") that enables connected users to schedule, publish, and analyze short-form content across the social platforms to which they have authenticated via OAuth.

1. Information We Collect

The Application stores the following information, supplied by or generated for the connected user:

• OAuth tokens — access and refresh tokens issued by Instagram (Meta), Facebook (Meta), TikTok, YouTube (Google), and Shopify, tied to the connected user's accounts on those platforms.
• Account metadata — username, account ID, profile picture, follower counts, and similar public profile information returned by each platform's API.
• Aggregate analytics — view counts, impressions, reach, saves, engagement, watch time, and similar metrics for the connected user's published content.
• Post drafts and publishing logs — content authored within the Application's composer, including captions, scheduled times, and the resulting platform post IDs.
• Product catalog data — pulled from a connected Shopify store to enrich auto-generated post drafts.
• Audit logs — timestamped records of API calls made by the Application, used for debugging and rate-limit observability.

What we do not collect

The Application does not collect follower-level personal data, DMs, comments, or audience demographics. Scopes such as instagram_manage_comments, instagram_manage_messages, TikTok Business / Content Posting / Research products, and any advertising-related scopes are deliberately not requested.

2. How We Use the Information

All collected information is used solely to operate the Application's analytics, scheduling, and publishing workflows for the connected user's accounts. No information is sold, shared with advertisers, or processed for any third-party purpose.

3. Where the Information Is Stored

Data is stored in a Postgres database on hardware controlled by the Operator. OAuth tokens are encrypted at rest using AES-256-GCM with per-row initialization vectors and authentication tags. The master encryption key (SOJOURNER_TOKEN_KEY) is held in the host's secret store, never committed to source control, and rotated quarterly. The Application's public surface is reachable only over HTTPS, terminated at Cloudflare with TLS 1.2+.

4. Third-Party Sharing

Data is transmitted only to the platforms to which it pertains: posts and media are sent to Instagram, Facebook, TikTok, YouTube, or Shopify as part of fulfilling the Operator's publishing requests. The Application uses no third-party analytics services, advertising networks, error-reporting services, customer-data platforms, or other data processors.

5. Data Retention

• Raw API payloads — 180 days, then automatically purged by a nightly cron job (table social_metrics_raw).
• Aggregate metrics — retained indefinitely for trend analysis (table social_metrics).
• Audit logs — 30 days, then automatically purged.
• OAuth tokens — stored for the lifetime of the connection; deleted immediately when the user disconnects a platform via the Settings → Integrations page.
• Post drafts — retained until manually deleted by the user.

6. Your Rights and Data Deletion

Connected users may request deletion of any data associated with their connected accounts at any time. To do so:

• A connected user can call POST /api/account/delete from within the Application. This revokes long-lived tokens via the relevant platform's API, deletes the corresponding row from oauth_tokens, and truncates social_metrics* rows scoped to that account. Confirmed by HTTP 204 + audit log entry.
• For external requests (e.g., a platform reviewer requesting deletion of test-user data), follow the procedure on the Data Deletion page.

7. Security Incident Response

If the Operator suspects a token leak or other security incident, the response playbook is:

1. Rotate SOJOURNER_TOKEN_KEY — invalidates all stored ciphertext.
2. Force long-lived token re-exchange against each connected platform.
3. Invalidate prior page tokens via DELETE /me/permissions on the Graph API.
4. Audit the publish log for any unauthorized posts and roll them back.

8. Children's Privacy

The Application is not directed to or used by children under 13. No data from children is collected.

9. Changes to This Policy

This Policy may be updated from time to time. The current version is always available at https://legal.s0j0urner7.com/privacy. Material changes will be noted in the "Last updated" line at the top.

10. Contact

Questions about this Policy may be directed to: [email protected]