Privacy Policy

Last updated July 10, 2026

This policy explains what data Maeve collects, how we use it, the third parties we share it with, and the control you have over it across your connected platforms.

Information We Collect

Maeve Social by LILY DIA PTY LTD (ABN 72 676 064 181) ("Maeve", "we", "us") collects information to provide our editorial and publishing services. This includes data you provide directly and data collected automatically as you use the platform.

  • Account and identity. Your email address, display name, and the account identifiers needed to authenticate and manage your account. If you buy a subscription on the web, our payment processor (Stripe) collects billing details. Purchases made in our mobile apps are processed by Apple through the App Store. We do not store raw credit card numbers.
  • Social credentials. To publish on your behalf, we store OAuth access and refresh tokens for connected platforms. These are encrypted at rest using AES-256-GCM and are never shared with third parties other than the platforms themselves.
  • Editorial content. We process the prompts you send to AI providers and store the resulting drafts, media files, and scheduled posts to manage your content library.
  • Usage and log data. Our servers automatically record information such as your IP address, browser type, referring domain, and pages visited. This helps us prevent abuse and keep the platform stable. Our analytics may include an approximate location derived from your IP address.
  • Mobile devices. If you enable push notifications in our mobile app, we store a device token so we can deliver them.

How We Use Your Data

We process the data described above for the following purposes:

  • Service. Account creation, subscription management, and providing core platform functionality.
  • Publishing. Scheduling, drafting, and publishing content to connected social media platforms on your behalf.
  • Payments. Processing subscription payments and managing billing via Stripe on the web and Apple in our iOS app.
  • Media. Storing and serving images and videos you upload for your content library.
  • Improvement. Analyzing aggregated usage patterns to improve features, navigation, and platform stability.
  • Support. Responding to your inquiries and providing customer support.
  • Communication. Sending administrative notices about service updates, policy changes, and security alerts.
  • Security. Detecting and preventing fraud, abuse, and technical issues to protect you and our platform.

Platform Integrations

Our service acts as a bridge to third-party platforms. By connecting these accounts, you acknowledge that your data is also processed according to their respective policies.

YouTube and Google API Services

We use YouTube API Services to upload videos and retrieve analytics. By using this integration, you agree to be bound by the YouTube Terms of Service. Your data is processed in accordance with the Google Privacy Policy. You can remove our access at any time via the Google Security Settings page.

Meta (Facebook and Instagram)

We access your Page IDs, usernames, and insights via the Meta Graph API to schedule posts and report performance. Please refer to the Meta Privacy Policy. You can manage app permissions in your Facebook Business Integrations.

TikTok

We access your profile information and video metrics to enable publishing and analytics. Refer to the TikTok Privacy Policy.

LinkedIn and Pinterest

We use OAuth tokens to post content to your profile and boards. Data handling is subject to the LinkedIn Privacy Policy and Pinterest Privacy Policy.

Cookies and Processors

We use cookies to maintain your session and improve the service. We do not sell your data. We only share data with the processors necessary to run the application and marketing site:

  • Infrastructure. Railway (application, database, and authentication infrastructure), Vercel (marketing website hosting), and Cloudflare R2 (media storage).
  • Analytics. PostHog, which we use to understand which features are popular. Data is aggregated and anonymized where possible.
  • Payments. Stripe on the web, and Apple for purchases made in our iOS app. Payment data is provided directly to the processor. We do not access or store full card numbers.
  • AI. Anthropic, which processes the prompts and content you send to the AI features in Maeve to generate drafts and suggestions.
  • Push notifications. Google Firebase, which we use to deliver push notifications to our mobile apps.
  • Email. Resend, which we use to send transactional emails such as account notifications, onboarding messages, and security alerts.
  • Error tracking. Sentry, which we use to monitor application errors and performance. Error reports may include technical metadata but not your content or credentials.

Data Sharing and Disclosure

We do not sell your personal data. We only share data in the following limited circumstances:

Service providers

We share data with trusted processors necessary to operate the platform: Railway (application, database, and authentication infrastructure), Vercel (marketing website hosting), Cloudflare R2 (media storage), PostHog (analytics), Resend (transactional email), Sentry (error monitoring), Stripe (web payments), Apple (App Store payments), Google Firebase (push notification delivery), and Anthropic (AI processing). Each provider is contractually bound to process data only on our instructions.

Social media platforms

When you schedule or publish content, your posts and associated media are transmitted to the target platform via their official APIs. This is the core function of the service and occurs only at your direction.

Business transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will provide notice before your data becomes subject to a different privacy policy.

Legal obligations

We may disclose data where required by law, regulation, legal process, or enforceable governmental request, or where necessary to protect the rights, property, or safety of Maeve, our users, or the public.

Security and Retention

Data retention

We retain your content library and connection tokens for as long as your account is active. Upon account deletion, all personal data is removed from our live databases within 30 days. Logs may be retained for up to 90 days for security auditing.

International transfers

Our infrastructure is primarily located in the United States. By using our service, you acknowledge that your data may be transferred to and processed in the US, where data protection laws may differ from those in your local jurisdiction.

Children's Privacy

Our service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children under 18.

If we become aware that we have collected personal data from a child under 18 without parental consent, we will take steps to delete that data promptly. If you believe a child has provided us with personal data, please contact us at moc.laicoseveam@troppus.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Any updates will be posted on this page with a revised "Last Updated" date. For material changes, we will notify you by email or with a prominent notice within the service. We encourage you to review this page periodically.

Contact and Rights

You may request the deletion of your account and all associated data at any time via your account settings. For privacy-related questions, or to exercise your rights (GDPR/CCPA/DPA), please contact our Data Protection Officer at moc.laicoseveam@troppus.