Legal

Privacy Policy

Last updated: January 2026

1. Introduction

Welcome to OneSimple. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our social media management platform.

By using OneSimple, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect several types of information for various purposes:

  • Account Information: Name, email address, and password when you create an account.
  • Social Media Data: When you connect your social media accounts, we access data necessary to provide our services, including posts, analytics, and messages.
  • Usage Data: Information about how you use our platform, including features accessed and actions taken.
  • Device Information: Browser type, operating system, and device identifiers.

3. Facebook and Instagram Data

When you connect your Facebook or Instagram account to OneSimple, we may access the following data through Meta's APIs:

  • Profile Information: Your public profile data including name, profile picture, and account ID.
  • Page Information: For Facebook Pages you manage, we access page name, ID, and profile picture.
  • Posts and Content: We access your posts and content to display them in our dashboard and enable scheduling features.
  • Messages: With your permission, we access page messages to provide unified inbox functionality.
  • Analytics: Engagement metrics including likes, comments, shares, and reach statistics.

We only request the minimum permissions necessary to provide our services. Your access tokens are encrypted and stored securely. We never post to your accounts without your explicit action.

4. How We Use Your Information

We use the collected data for the following purposes:

  • To provide and maintain our service
  • To publish and schedule content to your connected social media accounts
  • To display messages and notifications in your unified inbox
  • To provide analytics and insights about your social media performance
  • To notify you about changes to our service
  • To provide customer support
  • To gather analysis to improve our service
  • To detect, prevent, and address technical issues

5. Data Retention

We retain your data only for as long as necessary to provide our services:

  • Account Data: Retained while your account is active and for 30 days after deletion request.
  • Social Media Tokens: Deleted immediately when you disconnect an account or delete your OneSimple account.
  • Scheduled Posts: Retained until published or deleted by you.
  • Analytics Data: Retained for up to 2 years for historical reporting, then anonymized or deleted.
  • Message Data: Synced in real-time and not permanently stored; cleared when you disconnect the account.

6. Data Sharing and Third Parties

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service Providers: We use trusted third-party services for hosting (Vercel), database (Supabase), and authentication. These providers are contractually obligated to protect your data.
  • Social Media Platforms: To provide our services, we send your content to platforms like Facebook, Instagram, Twitter, and LinkedIn through their official APIs.
  • Legal Requirements: We may disclose your data if required by law or to protect our rights.

We do not use your data for third-party advertising or sell it to data brokers.

7. Data Security

The security of your data is important to us. We implement industry-standard security measures including:

  • End-to-end encryption for data in transit (TLS 1.3)
  • Encryption at rest for stored data (AES-256)
  • Secure storage of OAuth tokens with encryption
  • Regular security audits and vulnerability assessments
  • Two-factor authentication support
  • Role-based access control for team features

8. Cookies and Tracking

We use cookies and similar technologies for the following purposes:

  • Essential Cookies: Required for authentication, security, and basic functionality. These cannot be disabled.
  • Preference Cookies: Remember your settings like theme preference and language.
  • Analytics Cookies: Help us understand how you use our service to improve it. You can opt out of these.

We do not use third-party advertising cookies or tracking pixels. We do not sell data collected through cookies.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all service providers
  • Compliance with applicable data protection laws

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under GDPR as described below.

10. Your Data Rights

You have the following rights regarding your personal data:

  • Access: Request copies of your personal data.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data.
  • Portability: Request transfer of your data to another service.
  • Objection: Object to processing of your personal data.
  • Restriction: Request restriction of processing in certain circumstances.

To exercise any of these rights, please visit our Data Deletion page or contact us at privacy@onesimple.com.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the personal data we collect, use, and disclose.
  • Right to Delete: You can request deletion of your personal data, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the sale of your personal data. Note: We do not sell personal data.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise your CCPA rights, contact us at privacy@onesimple.com or visit our Data Deletion page.

12. Children's Privacy

OneSimple is not intended for use by children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at privacy@onesimple.com and we will delete the information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically. Continued use of our service after changes constitutes acceptance of the updated policy.

14. Data Deletion

You can request deletion of your personal data at any time. For detailed information about what data is deleted and how to make a request, please visit our User Data Deletion page.

15. Contact Us

If you have any questions about this Privacy Policy, please contact us: