Privacy Policy

1. Scope

This policy applies to the public website at rebrandos.com and to BrandOS services made available to approved organizations and their operators. It covers information we collect directly, information provided by connected third-party platforms, and information generated through use of the service.

2. Information we collect

• Basic account and workspace information such as names, email addresses, usernames, role assignments, and workspace identifiers.
• Connected platform data such as social account identifiers, public profile metadata, authorization tokens, and connection status.
• Content operations data such as briefs, captions, scripts, assets, post metadata, scheduled times, publish logs, and workflow approvals.
• Performance data such as post URLs, impressions, views, engagement counts, and platform analytics made available to us.
• Technical data such as device, browser, IP address, system logs, and security events needed to operate and protect the service.

3. How we use information

• To provide, secure, maintain, and improve BrandOS and the related website.
• To connect, authenticate, and manage authorized social publishing accounts.
• To generate, review, schedule, publish, and measure content inside approved workflows.
• To investigate incidents, enforce service rules, prevent abuse, and maintain auditability.
• To communicate about service access, support requests, policy updates, and security issues.

4. Legal bases

Where applicable data protection law requires a legal basis, we typically process information to perform our contract with customers, to comply with legal obligations, with consent where required, and based on legitimate interests in operating, securing, and improving the service.

5. Sharing

We do not sell personal data. We may share information with:

• Infrastructure, hosting, email, storage, and security providers that support operation of the service.
• Connected social platforms when actions are requested through authorized integrations.
• Professional advisers, regulators, or law enforcement where disclosure is required or reasonably necessary.
• Successors in connection with a merger, acquisition, financing, or sale of all or part of the business.

6. Retention

We retain information for as long as needed to provide the service, maintain operational records, resolve disputes, comply with legal obligations, and protect the platform. Retention periods vary based on the type of data and the customer relationship.

7. Security

We use administrative, technical, and physical safeguards designed to protect information, including encryption in transit, restricted access, credential handling controls, logging, and incident response procedures. No system is perfectly secure, but we work to reduce risk and respond quickly when issues arise.

8. International transfers

Depending on how the service is accessed and which vendors are used, information may be processed in countries other than the country where it was collected. When required, we use contractual or technical measures intended to protect transferred data.

9. Your rights

Depending on your location, you may have rights to request access, correction, deletion, restriction, objection, portability, or withdrawal of consent. Requests can be sent to hello@rebrandos.com.

10. Children

BrandOS is intended for business and professional use. It is not directed to children, and we do not knowingly design the service for use by children.

11. Changes and contact

We may update this policy from time to time. Material updates will be reflected on this page with a revised effective date. For privacy questions, contact hello@rebrandos.com. For security matters, contact security@rebrandos.com.