Privacy Policy

Effective date: November 27, 2025

This Privacy Policy explains how Pochat (“Pochat”, “we”, “us” or “our”) collects, uses, shares and protects personal data when you use our websites, products and services (collectively, the “Services”).

Pochat is a SaaS platform that helps clients centrally manage their social media accounts (for example Facebook) from a single dashboard. After receiving client authorization through the relevant open platforms, we access page information, post content, comments, private messages and basic performance metrics in order to display them inside our system and provide related features such as viewing data, replying, publishing posts and generating basic operational analytics.

      In short: We use data from your connected pages only to provide the features you choose in your Pochat account.
      We do not use this data for advertising, do not build behavioral profiles for unrelated third parties, and do not sell or
      share it with data brokers.
    

If you have any questions about this Policy or wish to exercise your privacy rights, you can contact us at privacy@pochat.com.

Contents

1. Who we are
2. Scope of this Policy
3. How we collect personal data
4. Types of personal data we process
5. How we use personal data
6. How we process social media page data
7. How we share personal data
8. Your rights and choices
9. Data retention
10. International data transfers
11. Children’s privacy
12. Security
13. Changes to this Policy
14. Contact us

1. Who we are

Pochat provides online tools that allow clients to manage social media operations from one central interface. When we decide why and how your personal data is processed for our own purposes (for example, managing your account or running our website), we act as a data controller.

When our clients use the Services to manage their own customers, followers or subscribers, they generally act as the controller of that data and Pochat acts as their data processor, processing data only on their documented instructions.

2. Scope of this Policy

This Policy applies to personal data we process about:

visitors to our websites,
individuals who create or use a Pochat account,
newsletters subscribers and other prospects who interact with our marketing,
contacts at our suppliers, partners and service providers.

When we process social media data on behalf of our clients, our handling of that data is also governed by our agreements with those clients and applicable data protection laws.

3. How we collect personal data

We collect personal data in several ways:

Data you provide directly. When you create an account, fill out forms, subscribe to communications, contact support or otherwise communicate with us.
Data collected automatically. When you visit our websites or use the Services, we may automatically collect technical information such as IP address, device identifiers, browser type, pages visited and usage patterns, often using cookies and similar technologies.
Data from connected platforms and partners. When you connect social media accounts or use integrated services (for example, payment processors or analytics providers), we may receive limited information from them in line with their privacy policies and applicable law.

4. Types of personal data we process

Depending on how you interact with Pochat, we may process the following categories of personal data:

Account information. Name, email address, encrypted login credentials, organization name, role, language preference and account settings.
Contact and communication data. Any details you choose to share when you contact us, such as your phone number or information contained in support conversations.
Customer content and subscriber data. Data that our clients upload to or collect through Pochat, including identifiers, tags, messages and similar information about their own customers or followers.
Usage and technical data. Log data, IP address, device information, browser type, operating system, referring URLs, pages viewed, features used and timestamps.
Billing and payment data. Billing contact details, organization details, tax information and limited payment information (with full card data typically handled directly by payment processors).
Marketing and preference data. Subscription status for our newsletters and updates, and basic engagement statistics (such as email opens and clicks).

We do not intentionally collect sensitive categories of personal data (for example, health, religion or political opinions) via the Services. Please avoid sharing such data unless it is strictly necessary and legally permitted.

5. How we use personal data

We process personal data for the purposes and on the legal bases permitted by applicable data protection laws, including:

To provide and operate the Services. Creating and managing accounts, delivering features, processing content and data, and providing technical and customer support.
To communicate with you. Sending service-related notifications (such as security alerts, technical updates and billing messages) and responding to your enquiries.
To improve our Services. Analyzing how the Services are used, fixing bugs, testing new features and improving performance and usability. When possible, we use aggregated or de-identified data.
To send marketing communications. With your consent where required, we may send newsletters, product news and special offers. You can opt out at any time using the link in our emails.
To ensure security and prevent abuse. Detecting, investigating and preventing fraud, abuse, security incidents and other harmful activities.
To comply with legal obligations. Processing data where necessary to comply with laws, regulations, legal proceedings and to enforce our agreements and protect our legitimate interests.

When you connect a social media account (for example, a Facebook Page) to Pochat, you authorize us – through that platform’s official mechanisms – to access certain categories of data so that we can show it in your dashboard and support the actions you take from within Pochat.

Subject to the precise permissions you grant, this may include:

basic page information (such as page name and ID),
page posts and related engagement (comments, reactions, basic insights),
private or direct messages with your page,
basic performance metrics and similar information exposed by the platform.

Pochat uses this data solely to:

display page information and content in your Pochat dashboard,
allow you and your team to view, reply to and manage comments and private messages,
enable you to create and publish posts via Pochat,
generate basic operational and performance analytics for your own use.

Pochat does not:

use this data for advertising on behalf of third parties,
build independent profiles about individuals for unrelated purposes,
sell or rent this data to data brokers or advertisers.

If you revoke Pochat’s authorization in the underlying social platform or disconnect an account from within Pochat, we stop retrieving new data from that account. At your request, we will delete or anonymize related data stored in our systems, except where we are required to retain certain records for legal, security or accounting reasons.

We do not sell personal data. We may share personal data only in the following limited situations:

Service providers. With trusted third parties who help us operate the Services (for example, hosting providers, analytics tools, customer support platforms and payment processors). They may access personal data only to perform their functions and must protect it appropriately.
Integrated platforms. When you connect Pochat to social networks or other tools, we may share data with those platforms as required to provide the integration, in line with your settings and their policies.
Professional advisors. With legal, financial, tax or security advisors where reasonably necessary to protect our legitimate interests.
Business transfers. If we are involved in a merger, acquisition, restructuring or sale of assets, personal data may be transferred as part of the transaction under suitable safeguards.
Legal and safety reasons. When we believe in good faith that disclosure is reasonably necessary to comply with a law, regulation, legal process or governmental request, or to protect the rights, property or safety of Pochat, our users or others.

We may also share aggregated or de-identified information that does not reasonably identify any individual.

8. Your rights and choices

Depending on where you live and applicable law, you may have some or all of the following rights regarding your personal data:

to request access to personal data we hold about you,
to request correction of inaccurate or incomplete data,
to request deletion of your personal data in certain circumstances,
to object to or request restriction of specific processing activities,
to withdraw consent where processing is based on your consent,
to request data portability, where applicable.

You can exercise some of these rights directly via your Pochat account (for example, by updating your profile or closing your account). You can also submit a request by emailing privacy@pochat.com. We may ask you to verify your identity before fulfilling certain requests.

When we process data on behalf of a client (for example, your data as a follower of their page), we may refer you to contact that client directly, as they are responsible for handling data subject requests for that data.

9. Data retention

We retain personal data only for as long as necessary to achieve the purposes described in this Policy, unless a longer retention period is required or permitted by law (for example, for tax, accounting or legal obligations).

When your account is closed or becomes inactive, we will delete or anonymize your personal data within a reasonable period, unless we need to retain certain information for legitimate business or legal reasons.

10. International data transfers

Pochat may store and process personal data in countries other than your own. These countries may have different data protection laws. Where required, we implement appropriate safeguards for international transfers, such as standard contractual clauses or equivalent mechanisms, to ensure an adequate level of protection.

11. Children’s privacy

Our Services are not directed to children under 16, and we do not knowingly collect personal data from children under 16. If we become aware that we have collected such data, we will take steps to delete it as soon as reasonably possible.

12. Security

We use reasonable technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. However, no method of transmission or storage is completely secure, so we cannot guarantee absolute security.

13. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies or legal requirements. When we make material changes, we will update the “Effective date” at the top of this page and, where appropriate, provide additional notice (for example by email or within the Services).

14. Contact us

If you have any questions, concerns or requests regarding this Privacy Policy or our privacy practices, you can contact us at:

Email: privacy@pochat.com
Subject line: “Privacy Request – Pochat”