KeepPostdKeepPostd

Privacy Policy

Last updated: January 2026

KeepPostd ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you use our service.

We comply with the General Data Protection Regulation (GDPR) and applicable Italian data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

KeepPostd
Italy
Email: support@keeppostd.com

2. Data We Collect

Information You Provide

  • Account information: name, email address, password
  • Billing information: payment details processed via Stripe (we do not store full card numbers)
  • Profile information: company name, profile picture, preferences
  • Project content: client hubs, projects, updates, attachments you create
  • Communications: messages you send to us

Information Collected Automatically

  • Usage data: pages visited, features used, actions taken
  • Device information: browser type, operating system, IP address
  • Log data: access times, referring URLs, error logs

Information from Third Parties

  • Payment processor (Stripe): transaction confirmations, billing status
  • Analytics (Google Analytics): aggregated usage statistics

3. How We Use Your Data

We use your personal data to:

  • Provide the service: create accounts, manage projects, deliver features
  • Process payments: handle subscriptions and billing via Stripe
  • Send communications: transactional emails, updates, support responses
  • Send marketing emails: newsletters and product updates via Brevo (with your consent)
  • Improve the service: analyze usage, fix bugs, develop new features
  • Ensure security: prevent fraud, detect abuse, protect users
  • Comply with legal obligations: respond to legal requests, enforce Terms

4. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract performance: to provide the service you signed up for
  • Legitimate interests: to improve and secure our service
  • Consent: for marketing communications (you can withdraw anytime)
  • Legal obligation: to comply with applicable laws

5. Data Sharing

We share your data only with:

Service Providers

  • Stripe: payment processing (USA, EU data processing)
  • Google Analytics: usage analytics (anonymized)
  • Brevo: email marketing and transactional emails (EU)
  • OpenAI: AI features for content assistance (data minimized, not used for training)

Legal Requirements

We may disclose data if required by law, court order, or to protect our rights and safety.

Business Transfers

In case of merger, acquisition, or sale, your data may be transferred to the new entity.

We do NOT sell your personal data to third parties.

6. Data Retention

We retain your data for:

  • Account data: as long as your account is active, plus 30 days after deletion
  • Billing data: as required by tax and accounting laws (typically 10 years)
  • Usage logs: up to 24 months
  • Marketing data: until you unsubscribe

You can request data deletion at any time (see Your Rights below).

7. Data Security

We implement appropriate security measures including:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Access controls and authentication
  • Regular security assessments
  • Secure data centers in the European Union

While we strive to protect your data, no system is 100% secure. Use strong passwords and keep your credentials safe.

8. Cookies

We use only essential cookies necessary for the service to function:

  • Session cookies: to keep you logged in
  • Security cookies: to prevent fraud and protect your account
  • Preference cookies: to remember your settings

We do NOT use advertising or tracking cookies.

Google Analytics uses cookies for aggregated statistics. You can opt out using Google's browser plugin.

9. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate data
  • Erasure: request deletion of your data ("right to be forgotten")
  • Restriction: limit how we process your data
  • Portability: receive your data in a structured format
  • Objection: object to certain processing activities
  • Withdraw consent: for marketing communications at any time

To exercise your rights, contact us at support@keeppostd.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali).

10. International Transfers

Your data is stored and processed in the European Union.

Some of our service providers (Stripe, Google, OpenAI) may process data in the USA. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

KeepPostd is not intended for users under 18 years old. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the service. The "Last updated" date at the top indicates the latest revision.

13. Contact Us

For questions, concerns, or to exercise your rights:

Email: support@keeppostd.com

Questions about this policy?

Contact us at support@keeppostd.com

Related: Terms of Service