Legal
Privacy Policy
Last updated: 10 May 2026
1. Information we collect
When you create an account, we collect your email address and a hashed password. When you connect social accounts (Instagram, TikTok), we store OAuth access tokens, encrypted at rest, solely to publish on your behalf. When you upload a video, the file is stored in our cloud storage and linked to your account.
2. How we use your information
We use your information exclusively to operate CrossPostHub: authenticating you, publishing posts to the platforms you have connected, and showing you the status of those posts. We do not sell, rent, or share your personal data with third parties for advertising purposes.
3. Data storage and security
All data is stored on servers located in the EU / US (depending on your region). Social access tokens are encrypted using AES-256 before being written to the database. Passwords are hashed with bcrypt and never stored in plain text. We use HTTPS for all data in transit.
4. Third-party services
CrossPostHub integrates with Instagram (Meta) and TikTok to publish your content. Your use of those platforms is governed by their respective terms and privacy policies. We also use Cloudflare R2 for video storage, which has its own privacy practices.
5. Your rights
You may request access to, correction of, or deletion of your personal data at any time by contacting us. Deleting your account removes all associated data from our systems within 30 days.
6. Changes to this policy
We may update this policy from time to time. When we do, we will update the date at the top of this page. Continued use of CrossPostHub after changes are posted constitutes your acceptance of the updated policy.
7. Contact
For any privacy-related questions, email privacy@crossposthub.com.