Privacy Policy

Last updated: February 2026

1. Who we are

VoxBurst is a social media management platform operated by FORTHEAN LABS LLC ("we", "us", "our"). This Privacy Policy describes how we collect, use, and protect information when you use VoxBurst at voxburst.io (the "Service").

2. Information we collect

Account information

When you create an account, we collect your name, email address, and a hashed password. If you sign up via OAuth (Google, etc.), we receive your email and name from that provider.

Social platform credentials

When you connect a social account, we store OAuth access tokens (and refresh tokens where applicable) to publish on your behalf. We do not store your passwords for any social platform. Tokens are encrypted at rest.

Content you create

Post drafts, scheduled posts, media uploads, and analytics data you generate while using the Service are stored on our servers.

Usage and log data

We automatically collect IP addresses, browser type, pages visited, and actions taken within the Service for security and product improvement purposes.

Payment information

Billing is handled by Stripe. We do not store credit card numbers. We receive a payment confirmation and subscription status from Stripe.

3. How we use your information

  • To provide and operate the Service, including scheduling and publishing your social media posts
  • To authenticate your identity and protect your account
  • To process payments and manage your subscription
  • To send transactional emails (account confirmation, password reset, post failure notifications)
  • To improve and debug the product using aggregated analytics
  • To comply with applicable laws and regulations

We do not sell your personal data. We do not use your content to train AI models unless you explicitly opt in.

4. Third-party services

We share data with third parties only as necessary to operate the Service:

  • Stripe — payment processing
  • Amazon Web Services (AWS) — cloud infrastructure and data storage
  • Social media platforms — data is shared with the platforms you connect (Twitter, Instagram, LinkedIn, etc.) when publishing posts on your behalf
  • OpenAI / Anthropic — only if you configure your own API key for AI content suggestions; your key is used directly and we do not proxy or log AI requests

5. Data retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it longer. Post content and analytics may be retained in anonymized, aggregated form.

6. Security

We use industry-standard security practices including TLS encryption in transit, AES-256 encryption at rest for sensitive credentials, and access controls. For more detail, see our Security page.

7. Your rights

Depending on your location, you may have rights to access, correct, delete, or export your personal data. To exercise these rights, contact us.

  • GDPR (EU residents): Right of access, rectification, erasure, portability, and objection
  • CCPA (California residents): Right to know, delete, and opt-out of sale (we do not sell data)

8. Cookies

We use essential cookies to keep you logged in and to maintain session state. We do not use advertising or tracking cookies. You can disable cookies in your browser settings, but some features of the Service may not work correctly.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice in the Service. Continued use of the Service after changes constitutes your acceptance of the updated policy.

10. Contact

Questions about this Privacy Policy? Contact us.