Privacy Policy

1. Introduction

News Agent ("we," "our," or "us") operates the website configure.news and provides an AI-powered social media automation platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations worldwide.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Email address, full name, and password (stored as a secure hash) when you create an account
• Profile Information: Preferences such as preferred topics, default platforms, timezone, and content style settings
• Payment Information: When you subscribe, payment processing is handled by LemonSqueezy. We receive confirmation of your subscription status but do not store credit card numbers
• Social Media Credentials: When you connect social media accounts, we store encrypted OAuth tokens to post on your behalf
• Content: Topics, keywords, and preferences you provide for content generation
• Communications: Information you provide when contacting our support team

2.2 Information Collected Automatically

• Usage Data: Posts created, platforms used, content topics, scheduling patterns, and feature usage
• Device Information: Browser type, operating system, device type, and screen resolution
• Log Data: IP address, access times, pages viewed, and referring URLs
• Cookies and Similar Technologies: Session identifiers, preferences, and analytics data (see Section 7)

2.3 Information from Third Parties

• Google OAuth: If you sign in with Google, we receive your name, email address, and profile picture
• Social Media Platforms: When you connect accounts, we receive your username, profile information, and posting permissions
• Payment Provider: LemonSqueezy provides us with subscription status, billing dates, and transaction confirmations

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Delivery

• Create and manage your account
• Generate AI-powered social media content based on your preferences
• Publish content to your connected social media platforms
• Process subscriptions and payments
• Provide customer support

3.2 Service Improvement

• Analyze usage patterns to improve our Service
• Develop new features and functionality
• Monitor and prevent technical issues
• Conduct research and analytics

3.3 Communications

• Send service-related notifications (e.g., account verification, security alerts)
• Respond to your inquiries and support requests
• Send promotional communications (with your consent, where required)

3.4 Security and Compliance

• Detect, prevent, and address fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Contract: Processing necessary to provide you with our Service as agreed in our Terms of Service
• Consent: Processing based on your explicit consent (e.g., cookies, marketing communications)
• Legitimate Interests: Processing necessary for our legitimate business interests, such as security, fraud prevention, and service improvement, where these interests do not override your rights
• Legal Obligation: Processing necessary to comply with applicable laws and regulations

5. Data Sharing and Third Parties

We share your information with the following categories of third parties:

5.1 Service Providers

5.2 Social Media Platforms

When you connect your social media accounts, we interact with the following platforms on your behalf:

• Twitter/X - For posting tweets and accessing trends
• LinkedIn - For posting to your profile or pages
• Reddit - For posting to subreddits
• Facebook - For posting to pages
• Telegram - For posting to channels
• Instagram, TikTok, YouTube (depending on subscription tier)

Each platform has its own privacy policy governing their use of your data.

5.3 News and Content Sources

We use news aggregation services (NewsAPI, GNews, Google Custom Search) to fetch trending content. No personal information is shared with these services.

5.4 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

• Account Data: Retained while your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce agreements
• Posts and Content: Retained for the maximum period allowed by applicable law to provide service history and analytics
• Usage Analytics: Retained for the maximum period allowed by applicable law for service improvement purposes
• Payment Records: Retained as required by tax and financial regulations
• OAuth Tokens: Retained until you disconnect the platform or revoke access

Upon account deletion request, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

7.1 Types of Cookies We Use

7.2 Local Storage

We use browser local storage to store authentication tokens and user preferences for a seamless experience.

7.3 Managing Cookies

You can manage your cookie preferences through our cookie consent banner or your browser settings. Note that disabling essential cookies may affect the functionality of our Service.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

8.1 Rights Under GDPR (EEA Residents)

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with a supervisory authority

8.2 Rights Under CCPA (California Residents)

• Right to Know: Request information about data collection, use, and sharing
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (Note: We do not sell personal information)
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

8.3 Exercising Your Rights

To exercise any of these rights, please contact us at or@ailead.work. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we use appropriate safeguards including:

• Standard Contractual Clauses approved by the European Commission
• Ensuring recipients are in countries with adequate data protection (adequacy decisions)
• Other legally approved transfer mechanisms

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: OAuth tokens are encrypted using AES-256-GCM; passwords are hashed using bcrypt
• Secure Transmission: All data is transmitted over HTTPS/TLS
• Access Controls: Strict access controls and authentication requirements
• Security Headers: Implementation of security headers (CSP, HSTS, etc.)
• Rate Limiting: Protection against brute force and abuse
• Regular Updates: Regular security patches and updates

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at or@ailead.work.

12. Do Not Track Signals

Some browsers have a "Do Not Track" feature that signals to websites that you do not want your online activity tracked. Our Service currently does not respond to "Do Not Track" signals. However, you can manage your cookie preferences through our cookie consent banner.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also send you an email notification.

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our Service after any modifications indicates your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days or as required by applicable law.