← The Content Farm

Privacy Policy

Last updated: April 2026

The Content Farm ("we", "our", or "us") operates the The Content Farm iOS application. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

By using the app you agree to the practices described in this policy.

1. Information We Collect

Account Information

Connected Social Accounts

When you connect your Instagram or TikTok accounts we collect and store:

Gmail Integration

If you connect your Gmail account we access your inbox with read-only scope to identify brand partnership emails. We store:

We never store your Gmail password and never send emails without your explicit action.

Content You Save

Business Data

Usage and Technical Data

2. How We Use Your Information

We do not sell your personal data. We do not use your data to train AI models beyond generating insights displayed to you within the app.

3. Third-Party Services

We use the following third-party services to operate the app:

Each of these services operates under their own privacy policies and data processing agreements.

4. Platform-Specific Data Usage

The following describes exactly what data we access from each connected platform, why we access it, and how it is handled.


Instagram (Meta)

Permissions requested: instagram_business_basic, instagram_business_manage_insights

Data accessed:

Purpose: display your Instagram performance statistics on the Home screen, generate weekly Pulse briefings comparing your top and bottom performing posts, populate your public media kit, and enable AI analysis of post content and trends.

Storage: synced to our Supabase database. OAuth access and refresh tokens are stored encrypted. Historical post data is retained to support trend analysis within the app.

We do not post to Instagram, modify your account, manage your ads, or access your direct messages. Your Instagram data is never sold or used to train AI models. It is shared only with Supabase (storage) and OpenAI (post analysis, at your request).


TikTok

Permissions requested: user.info.basic, video.list, video.insights

Data accessed:

Purpose: display TikTok performance on the Home screen, generate Pulse briefings, populate your media kit, and enable AI analysis of content trends.

Storage: synced to Supabase. OAuth tokens stored encrypted. Historical video data retained for trend analysis.

We do not post to TikTok, modify your account, or access your direct messages. Your TikTok data is never sold or used to train AI models.


Google (Gmail)

Permissions requested: https://mail.google.com/ (Mail.ReadWrite — required to read brand emails, create reply drafts, send replies, and delete draft messages after sending)

Data accessed:

Purpose: identify and surface brand partnership and sponsorship emails in your Deals pipeline; enable you to read those emails and draft and send replies from within the app.

Storage: message IDs and snippets are stored to display your inbox in the app. Full message bodies are fetched on demand and not stored. Reply drafts are created in your Gmail Drafts folder (POST), sent only when you explicitly tap Send, and then deleted from your Drafts folder (DELETE). Mail.ReadWrite access is required for these draft creation and deletion operations — Mail.Read alone is insufficient.

We never send any email without your explicit action. We do not read personal emails beyond what you choose to open. Google user data is not sold, not shared with any third party except Supabase (message metadata storage) and OpenAI (generating suggested reply text, only when you request it), and is never used to train AI models.

You can disconnect Gmail at any time in Settings → Connected Accounts, which immediately revokes our access token.


Microsoft (Outlook)

Permissions requested: User.Read, Mail.ReadWrite, Mail.Send, offline_access

Data accessed:

Purpose: identical to Gmail integration above — surface brand partnership emails in your Deals pipeline and enable you to draft and send replies from within the app.

Storage: message IDs and snippets stored in Supabase. Full bodies fetched on demand, not stored. Reply drafts created in your Outlook Drafts folder and deleted after sending. Mail.ReadWrite is required because the app creates a draft (POST to /messages), may attach files (POST to /attachments), sends it (POST to /sendMail), and deletes the draft on cancel (DELETE to /messages/{id}). Mail.Read alone does not permit these write operations.

We never send email without your explicit action. Microsoft user data is not sold and is shared only with Supabase (storage) and OpenAI (draft generation, at your request). It is never used to train AI models.

You can disconnect Outlook at any time in Settings → Connected Accounts.

5. Data Retention

We retain your data for as long as your account is active. Social post data and AI-generated insights are refreshed on each sync but historical data is retained to support trend analysis within the app.

OAuth tokens are stored securely and refreshed automatically. Revoking app access from your Instagram, TikTok, or Google account settings will prevent future syncing but will not automatically delete stored data from our systems — to request full deletion, see Section 6.

6. Data Security

All data is stored in Supabase with row-level security policies enforced at the database level — your data is only accessible to your own authenticated session. OAuth tokens are stored encrypted. All communications between the app and our servers use HTTPS.

7. Your Rights & Data Deletion

You have the right to access, correct, export, or delete your personal data at any time.

To request deletion of your account and all associated data, visit our Data Deletion page or email us at privacy@thecontentfarm.co.

We will process deletion requests within 30 days.

You can also disconnect your Instagram, TikTok, or Gmail accounts from within the app at any time in Settings.

8. Children's Privacy

The Content Farm is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or by email. Continued use of the app after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or requests, contact us at:

privacy@thecontentfarm.co