top of page
Privacy Policy
Last updated: February 3, 2026

1. Introduction

Creator Desk ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Personal Information

We may collect personally identifiable information, including:

  • Name and email address

  • Profile information and preferences

  • Billing and payment information

  • Communication preferences

  • Business information (company name, address, tax ID for invoicing)

 

2.2 Financial Information

As a content management platform, we collect information you provide about your income, expenses, clients, projects, and invoices. This information is stored securely and used solely to provide our services.

 

2.3 Social Media Information

When you connect social media accounts (Twitter/X, Instagram, TikTok, YouTube, Facebook), we collect:

  • Access Tokens: Encrypted OAuth tokens to maintain your connection and post on your behalf

  • Profile Information: Username and account identifiers

  • Analytics Data: Engagement metrics and post performance data

  • Post History: Information about scheduled and published posts

Access tokens are encrypted using AES-256-CBC encryption before storage. You can revoke access at any time by disconnecting accounts from your Profile > Integrations settings.

 

2.4 Google Drive Information

When you connect Google Drive, we collect:

  • OAuth access tokens to access your Drive (encrypted at rest)

  • File metadata for files you select for import (name, size, type, creation date)

  • File content only for files you explicitly choose to import

 

2.5 Payment Information

When you use Payment Link Integration features (Stripe, PayPal), we collect:

  • Payment link identifiers and configuration

  • Connection status and account identifiers with payment processors

  • Transaction references for invoices with payment links

We do not store your full payment card details. All payment processing is handled directly by Stripe and PayPal according to their privacy policies.

 

2.6 Content and Digital Assets

We store content you upload to the Digital Content Library (videos, images, documents) and contracts you create with the Smart Contract Builder. This content is stored on secure cloud infrastructure (Amazon S3) and is only accessible to you.

 

2.7 AI-Generated Content

When you use AI-powered features (caption generation, hashtag suggestions, visual descriptions), your input prompts and content ideas are processed by our AI systems. We may use anonymized data to improve our AI features but do not share identifiable content with third parties.

 

2.8 Usage Information

We automatically collect information about how you use our Service, including log data, device information, IP addresses, and analytics data to improve our services and ensure platform security.

 

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our Service

  • Process transactions and send billing notifications

  • Manage social media integrations and scheduling

  • Send important service updates and communications

  • Provide customer support

  • Analyze usage patterns to enhance user experience

  • Prevent fraud and ensure platform security

 

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • Social Media Platforms: When you authorize posting content to your connected accounts

  • Legal Requirements: When required by law or to protect our rights (see Section 4.1 below)

We do not sell, rent, or share your personal information with third-party vendors or for commercial purposes.

 

4.1 Government and Law Enforcement Requests

When we receive requests from public authorities (including government agencies, law enforcement, or regulatory bodies) for the personal data or personal information of our users, we follow these policies and processes:

  • Required Review of Legality: We review the legality of each request before responding. We verify that requests are valid, properly issued, and comply with applicable laws and legal procedures.

  • Provisions for Challenging Unlawful Requests: We reserve the right to challenge requests that we believe are unlawful, overly broad, or otherwise improper. We may seek to narrow the scope of requests or object to them through appropriate legal channels.

  • Data Minimization: When we are legally required to disclose information, we disclose only the minimum information necessary to comply with the request. We do not provide more data than is legally required.

  • Documentation: We document all requests from public authorities, including our responses to those requests, the legal reasoning involved, and the actors involved in the process.

Where legally permitted, we will notify affected users of requests for their data before disclosure. In some cases, we may be legally prohibited from providing such notice.

 

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including encryption, access controls, and regular security assessments. However, no method of transmission over the internet is 100% secure.

 

6. Data Retention

We retain your information according to the following guidelines:

  • Account Data: Retained while your account is active and for up to 30 days after deletion request

  • Financial Records: Retained for 7 years for tax and legal compliance

  • Social Media Tokens: Retained until you disconnect the integration or tokens expire

  • Uploaded Content: Retained until you delete it or close your account

  • Analytics Data: Retained for up to 2 years for service improvement

You may request deletion of your data at any time by contacting us. Some data may be retained as required by law or for legitimate business purposes.

 

7. Third-Party Integrations

Our Service integrates with the following third-party platforms. Each has their own privacy policy, and we encourage you to review them:

  • Social Media Platforms: Twitter/X, Instagram (via Meta), TikTok, YouTube, and Facebook - for content scheduling and analytics

  • Payment Processors: Stripe and PayPal - for payment link generation on invoices

  • Cloud Storage: Google Drive - for file import to Digital Content Library

  • File Storage: Amazon Web Services (S3) - for document and content storage

  • Email Services: SendGrid - for transactional emails and notifications

When you connect these services, your data is transmitted according to their respective privacy policies. You can disconnect any integration at any time from your Profile settings, which will stop future data sharing but may not delete data already stored by those services.

 

8. Google Workspace API Data Usage

Creator Desk integrates with Google Workspace APIs (including Google Drive) to provide file import functionality. We are committed to protecting your Google data and comply with Google's API Services User Data Policy:

  • No AI/ML Training: Google Workspace APIs are not used to develop, improve, or train generalized or non-personalized AI and/or ML models.

  • No Data for AI Development: Google user data is not used to develop, improve, or train any AI and/or ML models.

  • No Third-Party AI Transfers: Google user data is not transferred to any third-party AI tools or services.

Your Google data is used solely to provide the file import functionality you explicitly request and is not shared, sold, or used for any other purpose.

 

9. Your Rights and Choices

You have the right to:

  • Access, update, or delete your personal information

  • Opt out of marketing communications

  • Disconnect social media accounts and revoke access tokens

  • Disconnect Google Drive and payment processor integrations

  • Delete uploaded content from your Digital Content Library

  • Export your data in standard formats

  • Request information about how your data is processed

To exercise these rights, visit your Profile settings or contact us at info@thecreatordesk.com. We will respond to requests within 30 days.

 

10. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

 

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through our Service. Your continued use after changes indicates acceptance of the updated policy.

 

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:
Email: info@thecreatordesk.com
Website: app.thecreatordesk.com

bottom of page