PostFuse

Privacy policy

How PostFuse handles your data

Last updated: May 2, 2026

PostFuse (“PostFuse”, “we”, “us”) is a B2B SaaS at postfuse.ai. This policy explains what data we collect when you use PostFuse, how we use it, who we share it with, how long we keep it, and how you can exercise your rights over it.

1. What we collect

  • Account data: name, email address, phone number, country, and company name you provide at signup.
  • LinkedIn authentication data: when you connect your LinkedIn account, we receive your member URN (a unique LinkedIn identifier) and an OAuth access token. We do not retain a copy of your full LinkedIn profile.
  • LinkedIn Lead Gen Form data: when you connect a LinkedIn ad account, PostFuse retrieves Lead Gen Form submissions on your behalf via the LinkedIn Lead Sync API. This includes the lead's name, email address, company, headline, and any other fields you configured on the form, along with the source ad and campaign. PostFuse acts as a data processor for these records on behalf of you, the LinkedIn ad account holder.
  • Campaign and topic data: the keywords, hashtags, target authors, and engagement preferences you configure, plus the publicly visible LinkedIn posts our discovery pipeline surfaces for you.
  • Engagement activity: AI-generated comment drafts, your edits, and a record of comments you approve and post.
  • Billing data: the subscription tier, billing email, and Stripe customer ID. Card details are handled directly by Stripe and are never stored on PostFuse servers.
  • Operational telemetry: basic usage logs (request paths, timestamps, IP addresses) retained for security monitoring and debugging.

2. How we use it

  • To run the product (find posts, draft engagement, sync leads, post comments you authorize).
  • To bill you and manage your subscription.
  • To send you transactional emails (sign-in codes, billing receipts, account notices).
  • To debug, secure, and improve the product.
  • To respond to your support requests and rights requests.

We do not sell your data. We do not share your data with advertising or marketing third parties. We do not use your LinkedIn lead data to train any AI model.

3. Data retention

  • Account data: retained while your account is active and for 30 days after you delete it (for backup rotation), then permanently deleted.
  • LinkedIn auth tokens: retained until you disconnect LinkedIn or delete your account; revoked immediately on disconnect.
  • LinkedIn Lead Gen Form data: retained for the life of your subscription. Deleted within 30 days of you disconnecting the ad account, deleting the lead, or terminating your subscription. Subject to LinkedIn's own retention policies which take precedence.
  • Campaign / topic / engagement records: retained while your account is active.
  • Operational logs: retained 90 days, then auto-purged.
  • Billing records: retained for 7 years to comply with tax and accounting obligations.

4. Data security

Data is encrypted in transit (TLS 1.2+) and at rest (managed encryption by our hosting providers). Each customer's data is isolated at the database level using PostgreSQL row-level security. Access to production systems is restricted to authorized personnel using multi-factor authentication.

5. Your rights

Depending on where you live (e.g. under GDPR or CCPA), you have the right to:

  • Access a copy of the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data (subject to legal retention obligations like billing records).
  • Receive an export of your data in a portable format.
  • Object to or restrict certain processing.
  • Withdraw consent (e.g. by disconnecting LinkedIn at any time from your dashboard).

To exercise any of these, email hello@postfuse.ai. We will respond within 30 days.

6. International transfers

Our infrastructure is hosted primarily in the United States. If you access PostFuse from outside the US, your data will be transferred to and processed in the US. Where required by law, we rely on Standard Contractual Clauses or equivalent safeguards with our sub-processors for such transfers.

7. Children's privacy

PostFuse is a B2B product not intended for individuals under 18. We do not knowingly collect data from minors.

8. Changes to this policy

We'll update the “last updated” date above whenever we make changes. For material changes that affect how we use your personal data, we'll email you in advance.

9. Contact

Privacy questions, data requests, or anything else: hello@postfuse.ai.

Terms of serviceContactHome