Legal

Privacy Policy

Effective date: May 8, 2026

Paymetopost ("Company", "we", "our", or "us") operates paymetopost.com and app.paymetopost.com (collectively, the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit or use the Platform. Please read it carefully. By using the Platform you agree to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

  • Account information: name, email address, password (hashed), and profile details you provide when registering.
  • Payout information: bank account details, PayPal address, or other payment identifiers necessary to process your earnings.
  • Communications: messages you send us via support tickets, email, or live chat.
  • Tax information: where required by law (e.g., W-9 or equivalent forms for US-based Creators).

1.2 Information We Collect from TikTok

When you connect your TikTok account to the Platform via the TikTok for Developers Login Kit and Content Posting API, we request the following data with your explicit consent:

  • Public profile information: TikTok username, display name, profile picture URL, and account bio.
  • Post/video metrics: like count, view count, comment count, and share count for content you have submitted as part of a task.
  • Account metrics: follower count and following count, used to assess creator eligibility and rank.
  • Access and refresh tokens: stored securely and used exclusively to query the TikTok API on your behalf. Tokens are refreshed automatically and are revocable at any time from your TikTok account settings.

We do not access your TikTok inbox, contacts, payment data, or any data beyond the scopes listed above.

1.3 Information We Collect from Instagram / Meta

When you connect your Instagram account to the Platform via the Instagram Basic Display API or Instagram Graph API, we request the following data with your explicit consent:

  • Public profile information: Instagram username, display name, and profile picture URL.
  • Media and metrics: like count, comment count, impressions, and reach for media you have submitted as part of a task.
  • Account metrics: follower count, used to assess creator eligibility and rank.
  • Access tokens: stored securely, used solely to retrieve post performance data, and revocable at any time from your Instagram/Meta account settings.

We do not access your Instagram direct messages, Stories (beyond what is explicitly submitted), or any other data beyond the approved scopes.

1.4 Automatically Collected Information

  • Log data: IP address, browser type, operating system, pages visited, referring URL, and timestamps.
  • Device information: device type, screen resolution, and general geographic region (country/city level).
  • Cookies and similar technologies: session cookies for authentication, preference cookies to remember your settings, and analytics cookies to understand Platform usage (see Section 8).

2. How We Use Your Information

We use the information we collect to:

  • Create and manage your account and provide the Platform's core services.
  • Verify post submissions and calculate earnings based on authenticated engagement metrics from TikTok and Instagram.
  • Process payouts and maintain financial records as required by law.
  • Assess creator rank, eligibility, and compliance with platform standards.
  • Send transactional communications (e.g., payout confirmations, task updates, account alerts).
  • Send marketing communications where you have given consent or where permitted by law. You may opt out at any time.
  • Detect and prevent fraud, abuse, and violations of our Terms of Service.
  • Comply with legal obligations, resolve disputes, and enforce our agreements.
  • Improve and develop the Platform through aggregate, anonymised analytics.

3. Legal Basis for Processing (EEA / UK Users)

If you are located in the European Economic Area or the United Kingdom, our legal basis for processing your personal data includes:

  • Contract performance: processing necessary to fulfil our obligations to you (e.g., account management, payouts).
  • Consent: where you have given explicit consent (e.g., linking your social media accounts, receiving marketing emails).
  • Legitimate interests: fraud prevention, platform security, and service improvement, where these do not override your rights.
  • Legal obligation: where processing is required to comply with applicable law (e.g., tax reporting).

4. How We Share Your Information

We do not sell your personal information. We may share it in the following limited circumstances:

  • Service providers: trusted third-party vendors who process data on our behalf (e.g., cloud hosting, payment processors, email delivery). These providers are contractually bound to protect your data and use it only as directed by us.
  • Brands / advertisers: aggregate and anonymised campaign performance data may be shared with the Brand that funded a task (e.g., total likes generated). We do not share your name, contact details, or individual account information with Brands without your consent.
  • Legal requirements: when required by law, court order, or governmental authority, or to protect the rights, property, or safety of Paymetopost, our users, or the public.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

5. Third-Party Social Media Platforms

The Platform integrates with TikTok (ByteDance Ltd) and Instagram (Meta Platforms, Inc.). When you connect these accounts:

  • Your data is also subject to those platforms' privacy policies: TikTok Privacy Policy and Instagram Privacy Policy.
  • We request only the minimum scopes necessary to operate the Platform and verify post performance.
  • You can disconnect your TikTok or Instagram account at any time from your Platform settings or directly from within the social media platform's app/website. Disconnecting will stop all future data retrieval from that account.
  • We delete stored access tokens within 30 days of account disconnection or account termination.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Platform's services. Specifically:

  • Account data is retained for the duration of your account, plus up to 3 years after account closure for legal and audit purposes.
  • Financial and payout records are retained for 7 years as required by applicable tax and financial regulations.
  • Social media access tokens are deleted within 30 days of disconnection or account termination.
  • Server logs are retained for up to 90 days for security and debugging purposes.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: request a copy of the personal information we hold about you.
  • Correction: request correction of inaccurate or incomplete information.
  • Deletion: request deletion of your personal information, subject to legal retention obligations.
  • Portability: receive your data in a structured, machine-readable format.
  • Objection / Restriction: object to or request restriction of processing in certain circumstances.
  • Withdraw consent: where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
  • Opt out of marketing: use the unsubscribe link in any marketing email or contact us directly.

To exercise any of these rights, please contact us at hello@paymetopost.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential cookies: required for the Platform to function (e.g., authentication sessions). These cannot be disabled.
  • Preference cookies: remember your settings and preferences to improve your experience.
  • Analytics cookies: help us understand how visitors interact with the Platform (e.g., pages visited, time on page). We use privacy-first analytics that do not fingerprint individual users across sites.

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect Platform functionality.

9. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • Encryption in transit (TLS 1.2+) and at rest for sensitive data.
  • Hashed and salted storage of passwords — we never store plaintext passwords.
  • Encrypted storage of social media access tokens with strict access controls.
  • Regular security reviews and vulnerability assessments.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities as required by law.

10. International Data Transfers

Paymetopost operates primarily from the United States. If you are accessing the Platform from outside the US, your information may be transferred to and processed in the US or other countries that may not have the same data protection laws as your jurisdiction. Where required, we implement appropriate safeguards (such as Standard Contractual Clauses) to protect cross-border data transfers.

11. Children's Privacy

The Platform is not directed to children under 18. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with personal information, please contact us immediately at hello@paymetopost.com and we will take steps to delete such information.

12. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to know what personal information we collect, disclose, and sell (we do not sell personal information). You may also request deletion of your personal information and opt out of sharing for cross-context behavioural advertising. To submit a verifiable consumer request, contact us at hello@paymetopost.com.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective date" at the top of this page. For material changes, we will provide a more prominent notice (such as an in-app notification or email). Your continued use of the Platform after the revised policy takes effect constitutes your acceptance of the changes.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: