Privacy Policy

ZippityOne is a social-media content portal operated by Peter Luke Digital (“ZippityOne”, “we”, “us”, “our”). This Privacy Policy explains what information we collect when you use ZippityOne, how we use it, who we share it with, and the choices you have. It applies to our website and the ZippityOne portal.

We collect only what we need to provide the service:

• Account information — your name, email address, password (stored as a one-way hash by our auth provider), and basic profile details associated with your portal.
• Brand and content data — the brand assets, references, prompts, and finished content packs prepared for you, along with any notes or approvals you submit through the portal.
• Connected social accounts — when you choose to link a social media account (for example Instagram, Facebook, TikTok, or Google Business Profile), we receive an access token from that platform along with basic profile information (such as account name, ID, and avatar) so we can show your connection status and, with your approval, publish content you have reviewed. We do not receive or store your social media password.
• Usage and device information — basic technical logs such as IP address, browser type, pages visited, and error events, used to keep the service working, secure, and improving over time.
• Communications — if you email or message us, we keep that correspondence so we can respond and follow up.

• To deliver your content portal and the posts prepared for you.
• To connect your chosen social accounts and publish content that you have reviewed and approved.
• To respond to your requests and provide support.
• To send transactional emails (account, content-ready, security notices).
• To keep ZippityOne secure, prevent abuse, and meet our legal obligations.

We never post anything to a connected account without your approval, and we do not sell your personal information or use it for third-party advertising.

ZippityOne is built on top of a small number of well-known service providers. Each of them processes data only on our instructions and only to provide their part of the service. The main ones are:

• Supabase — authentication, database, and file storage for your portal data.
• Vercel — hosting and content delivery for the ZippityOne web app.
• Cloudflare — edge networking and storage for generated images and video clips.
• OpenAI — generation of images and caption text from prompts that describe your brand and post topic.
• fal.ai — generation of short AI video clips from approved images.
• Resend — sending transactional emails (for example “your content is ready” notifications).
• Meta (Facebook / Instagram), TikTok, Google, and other social platforms — only if you choose to connect one of those accounts, and only to read your basic profile and publish content you have approved.

AI prompts and reference content you submit may be sent to the AI providers above to generate your post packs. We do not send your personal account credentials or your connected-account access tokens to AI providers.

Access tokens for your connected social accounts are stored on our servers, scoped to your account, and are never exposed in your browser or shared with other clients. You can disconnect any account at any time from your ZippityOne dashboard, which removes our ability to access that account going forward. We follow each platform’s API rules (for example Meta’s Platform Terms) for handling tokens and user data.

ZippityOne uses a small number of cookies and similar browser storage strictly to operate the service:

• Authentication — to keep you signed in and to remember your session between visits.
• Security — to protect against cross-site request forgery and other common attacks.
• Preferences — to remember small UI choices (for example which view you last used).

We do not use third-party advertising cookies. You can clear cookies and local storage at any time from your browser settings; doing so will sign you out and reset your portal preferences.

Your data is processed by us and by the providers listed above, primarily in the United States and in regions chosen by those providers. By using ZippityOne you understand that your data may be transferred to, stored, and processed in countries other than the one in which you live.

We keep your account and portal data for as long as your account is active so that we can provide the service. If you close your account or disconnect a social account, we delete the related connection data within a reasonable period (typically within 30 days), except where we are required to keep certain records for legal, accounting, or security reasons. Server backups containing your data are rotated and expire on a normal schedule.

• Disconnect any linked social account at any time from your dashboard.
• Request a copy of the personal information we hold about you, ask us to correct inaccurate information, or ask us to delete it.
• Object to or restrict certain processing of your information, where applicable law gives you that right (for example, residents of the EU/UK under GDPR or California under CCPA).

To exercise any of these rights, email peterluke101@gmail.com. We may need to verify your identity before responding.

ZippityOne is intended for businesses and adults. It is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can remove it.

We use industry-standard safeguards (encrypted connections, scoped access tokens, role-based access, and reputable infrastructure providers) to protect your information. No online service can be guaranteed perfectly secure, but we work hard to limit risk and will notify affected users without undue delay if we become aware of a security incident that materially affects them.

We may update this policy from time to time. When we do, we will revise the “Last updated” date above and, where the changes are material, take reasonable steps to notify you.

For any privacy questions, requests, or complaints, contact Peter Luke Digital at peterluke101@gmail.com.

This Privacy Policy is provided for general informational purposes only and does not constitute legal advice. ZippityOne is operated by a small business, not a law firm. You should have this policy reviewed by qualified legal counsel before relying on it for your own business or jurisdiction, especially if you are subject to GDPR, CCPA, HIPAA, or other sector-specific regulations.