Karoliz logoKaroliz

    Privacy Policy

    Last updated: February 14, 2026

    1. Introduction

    Karoliz ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media management platform and related services.

    2. Information We Collect

    Account Information

    When you create an account, we collect your name, email address, and password. If you join a workspace via invitation, we also associate your account with that workspace.

    Social Media Account Data

    When you connect social media accounts (LinkedIn, Facebook, Instagram, Threads, TikTok, X/Twitter), we receive and store OAuth tokens and basic profile information (display name, account ID). We use these tokens solely to perform actions you authorize, such as publishing posts and retrieving analytics.

    Content & Usage Data

    We store content you create within the platform (briefs, posts, media, designs), scheduling data, approval workflows, and analytics. We also collect standard usage data such as pages visited, features used, and browser/device information.

    3. How We Use Your Information

    • Provide, maintain, and improve our services
    • Publish and schedule content to your connected social media accounts
    • Generate analytics and performance insights
    • Send transactional emails (invitations, approvals, notifications)
    • Ensure platform security and prevent abuse
    • Comply with legal obligations

    4. Data Sharing

    We do not sell your personal data. We share information only in these cases:

    • Social media platforms: Content you publish is sent to the platforms you have connected.
    • Service providers: We use third-party services for hosting, email delivery, payment processing, and AI features. These providers access data only as needed to perform their services.
    • Legal requirements: We may disclose information when required by law or to protect our rights.
    • Workspace members: Content and activity within a workspace is visible to other members based on their role and permissions.

    5. Data Security

    We implement industry-standard security measures including encrypted data storage, secure OAuth token handling, HTTPS-only communication, and role-based access controls. Social media tokens are encrypted at rest using AES-256 encryption.

    6. Data Retention

    We retain your data for as long as your account is active. When you delete your account or disconnect a social media integration, we remove the associated tokens and data within 30 days. Aggregated, anonymized analytics may be retained indefinitely.

    7. Your Rights

    Depending on your jurisdiction, you may have the right to:

    • Access and export your personal data
    • Correct inaccurate information
    • Delete your account and associated data
    • Disconnect social media integrations at any time
    • Object to or restrict certain processing activities

    8. Cookies

    We use essential cookies to maintain your session and authentication state. We do not use third-party tracking cookies. You can manage cookie preferences through your browser settings.

    9. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

    10. Contact Us

    If you have questions about this Privacy Policy or your data, please contact us at privacy@karoliz.com.