PostSprout legal
Privacy Policy
Last updated: June 18, 2026
PostSprout ("PostSprout," "we," "us," or "our") provides software that helps users research, generate, manage, and publish blog content. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our websites, applications, and related services (the "Service").
1. Information We Collect
We collect information you provide directly, including your name, email address, account credentials, blog or business details, brand settings, author personas, prompts, product information, uploaded images, support messages, and other content or configuration you submit to the Service.
We may collect technical and usage information automatically, including IP address, device and browser information, log data, pages viewed, actions taken, timestamps, authentication events, and diagnostic information used to secure and improve the Service.
If you connect third-party services, such as WordPress, Shopify, Supabase, Stripe, or AI service providers, we collect and process the information needed to provide that integration, such as connection settings, API credentials, tokens, publication status, product data, and related metadata.
2. How We Use Information
We use information to operate the Service, authenticate users, generate and manage content, publish to connected services, import products and images, provide customer support, process payments, prevent abuse, monitor reliability, improve features, and comply with legal obligations.
We may use submitted brand, product, article, and prompt information to generate drafts, metadata, images, and other outputs requested by you. We do not sell your personal information.
3. AI Processing
PostSprout uses third-party AI providers to generate and improve content, images, prompts, and related outputs. Information you submit may be sent to those providers only as needed to provide the requested Service functionality. You are responsible for ensuring you have the rights and permissions needed for content, product data, images, and prompts you provide.
4. Third-Party Services and Processors
We use third-party service providers for hosting, authentication, database storage, payments, email, analytics, error monitoring, AI processing, and integrations. These providers process information on our behalf or as required to provide their services.
When you connect a third-party account, your use of that account remains subject to that third party's terms and privacy policy. PostSprout is not responsible for the privacy practices of third-party websites or services.
5. Google OAuth and Google Sheets Data
PostSprout uses Google OAuth so you can connect a Google Sheet and sync content ideas into your PostSprout workspace. PostSprout requests read-only access to Google Drive and Google Sheets so you can browse existing spreadsheets and sync selected sheet values. PostSprout also requests Google Drive file access for sheets created through PostSprout templates.
When you select a Google Sheet, PostSprout accesses the selected sheet's rows and related spreadsheet metadata needed to read and sync those rows. The selected rows are treated as your content ideas, such as topic names, notes, priority, status, or other columns you maintain in the sheet.
PostSprout uses this Google user data only to provide the Google Sheets sync feature: importing, updating, deduplicating, and organizing selected sheet rows as content ideas in PostSprout. If you use those synced ideas to generate or publish blog content, PostSprout uses the ideas as part of the content workflow you request.
PostSprout does not sell Google user data. PostSprout does not share Google user data for advertising, marketing, resale, or unrelated product purposes. Access is limited to what is necessary to provide and secure the user-facing Google Sheets sync feature, comply with law, or protect against abuse.
You can disconnect Google Sheets from PostSprout at any time in your account settings where the integration is managed. You can also revoke PostSprout's access from your Google Account security settings. After disconnecting, PostSprout will stop future Google Sheets syncs unless you reconnect.
PostSprout's use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
6. Cookies and Similar Technologies
We use cookies, local storage, and similar technologies for authentication, security, preferences, session management, analytics, and product functionality. You can control cookies through your browser settings, but disabling them may prevent parts of the Service from working.
7. How We Share Information
We may share information with service providers, connected integrations you authorize, payment processors, professional advisors, law enforcement or regulators when required by law, and parties involved in a merger, acquisition, financing, or sale of assets. We may also share information with your organization administrators or team members according to your account settings.
8. Data Retention
We retain information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support backups and audit logs. You may request deletion of your account or certain data by contacting us.
9. Security
We use reasonable administrative, technical, and organizational safeguards designed to protect information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. Your Choices and Rights
You may access, update, export, or delete certain information through the Service or by contacting us. Depending on your location, you may have additional rights to request access, correction, deletion, restriction, objection, portability, or withdrawal of consent.
If you are in California, the European Economic Area, the United Kingdom, or another jurisdiction with privacy rights, you may contact us to exercise applicable rights. We will respond as required by applicable law.
11. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to delete it.
12. International Data Transfers
We may process and store information in the United States and other countries where we or our service providers operate. Those countries may have data protection laws different from the laws where you live.
13. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the date above and may provide additional notice through the Service or by email.
14. Contact Us
Questions or requests about this Privacy Policy can be sent to hello@postsprout.app.