Privacy Policy

NoimaFlow is a social media operations platform operated by RECHYNY CORP S.R.L.. The platform helps agencies create, review, schedule, and publish social media posts for their clients.

For privacy questions, contact us at contact@simplysocial.ro.

We collect account information such as name, email address, password hash, workspace membership, and role.

We collect workspace and client information entered by users, including business names, websites, brand profiles, content preferences, generated post drafts, schedules, review actions, and publishing status.

When a user connects Meta accounts, we collect the Facebook Page ID, Page name, available Page tasks, Instagram Business account ID where available, and access tokens needed to publish approved posts.

We use information to provide authentication, workspace access, client management, website analysis, AI-assisted content generation, review workflows, scheduling, and publishing.

Meta account data is used only to display selectable Facebook Pages and Instagram Business accounts, store the selected connection for a client, and publish content that an authorized user approves or publishes from the platform.

Website text, brand memory, post history, and user-provided prompts may be sent to AI providers such as OpenAI or Google Gemini to generate structured summaries, captions, image prompts, and images. We use service-provider integrations to operate the product and do not sell this information.

If you connect Facebook or Instagram through Meta, NoimaFlow requests permissions required to list Pages, identify linked Instagram Business accounts, and publish approved single-image posts.

We do not use Meta data for advertising profiling. We do not sell Meta data. We do not publish unless a post is approved, scheduled, or manually published by an authorized workspace user.

We may process information through infrastructure and service providers that help operate the platform, including hosting, database, storage, AI generation, website scraping, and publishing APIs. These providers process data on our behalf for product functionality.

We use workspace isolation, server-side validation, access-controlled routes, HTTPS hosting, and encrypted storage for provider tokens. No online service can guarantee perfect security, but we use reasonable technical and organizational safeguards.

We retain account, workspace, client, post, and publishing records while the workspace is active or as needed to provide the service, comply with legal obligations, resolve disputes, and maintain audit history. Connected social account tokens are deleted when the account connection is removed or when deletion is requested and verified.

Depending on your location, you may request access, correction, deletion, restriction, portability, or objection to processing. Contact contact@simplysocial.ro with your request. We may need to verify your identity and workspace authority before acting.

You can request deletion of account, workspace, client, or Meta connection data by following our Data Deletion Instructions at /data-deletion.

We may update this Privacy Policy as the product evolves. The updated version will be posted on this page with a new last updated date.