Privacy Policy — Uncommon Sense Content Studio

Uncommon Sense Content Studio

Effective Date: March 30, 2026

1 Overview

This Privacy Policy describes how the Uncommon Sense Content Studio ("the Tool") handles information when you use it. The Tool is a self-hosted, locally operated social media automation system designed for personal and business use. It does not operate as a public-facing web service and is not intended for use by third parties.

2 Information We Collect

2.1 Information You Provide

When configuring the Tool, you may provide the following:

X (Twitter) API credentials (Consumer Key, Consumer Secret, Access Token, Access Token Secret)
Anthropic API key for AI content generation
OpenAI API key for image generation and editing
Postiz API key and integration ID for cross-platform posting
Supabase credentials for database and file storage
Account handles, brand voice documents, and content preferences
Social media account identifiers for connected platforms

2.2 Data Generated by the Tool

The Tool automatically generates and stores the following operational data:

Content queues and scheduled posts per account
Post history including text, timestamps, and platform post IDs
Weekly posting schedules per platform per account
AI-generated content and image files
Content rotation logs and performance metadata

2.3 Data We Do Not Collect

The Tool does not collect, transmit, or store any of the following:

Personal information about your audience or followers
Payment or financial information
Device identifiers, IP addresses, or browser fingerprints
Usage analytics or behavioral tracking data
Any data from third-party users who interact with your social media posts

3 How We Use Your Information

All information provided to the Tool is used exclusively to:

Authenticate with connected third-party APIs (X, Anthropic, OpenAI, Postiz, Supabase)
Generate, schedule, and publish social media content on your behalf
Store and retrieve your content queue, post history, and account configurations
Manage your image library for slideshow and carousel generation
Operate the autopilot scheduling system across connected platforms

No information is used for advertising, sold to third parties, or shared outside the systems you explicitly configure.

4 Data Storage and Security

4.1 Local Storage

When running locally, all account configurations, API keys, queues, and schedules are stored on your own machine in local files (.env, accounts.json, queue.json, etc.). You are solely responsible for the security of these files.

4.2 Cloud Storage (Railway + Supabase)

When deployed to Railway and Supabase, your data is stored in:

Railway environment variables — for API keys and server configuration
Supabase PostgreSQL database — for account data, queues, schedules, and post history
Supabase Storage buckets — for raw, edited, and assembled image files

Supabase encrypts data at rest and in transit. Railway applies industry-standard security practices. You are responsible for managing access controls within your Supabase and Railway projects.

4.3 API Key Security

API keys are stored server-side only and are never exposed to the browser interface. All API calls are made from your server, not from client-side JavaScript.

5 Third-Party Services

The Tool integrates with the following third-party services. Each has its own privacy policy governing how they handle data:

X (Twitter)x.com/privacy ↗

Anthropicanthropic.com/privacy ↗

OpenAIopenai.com/privacy ↗

Postizpostiz.app/privacy ↗

Supabasesupabase.com/privacy ↗

Railwayrailway.app/legal/privacy ↗

TikToktiktok.com/legal/privacy-policy ↗

Instagram / Metaprivacycenter.instagram.com ↗

Pinterestpolicy.pinterest.com/privacy-policy ↗

The Tool acts as an intermediary between you and these services. Your use of the Tool is subject to the terms and privacy policies of each connected platform.

6 Data Retention

The Tool retains data for as long as you choose to keep it. You may delete any account, queue entry, post history record, or image file at any time through the studio interface or directly through your Supabase dashboard. Deleting an account from the Tool does not delete your social media accounts or any posts already published to those platforms.

7 Your Rights and Controls

As the operator of a self-hosted tool, you have full control over your data:

Access

View all stored data directly in your Supabase dashboard.

Correction

Edit any account configuration, schedule, or queue entry through the studio.

Deletion

Remove any data at any time, including a full account wipe.

Portability

Export your data directly from Supabase in JSON or CSV format.

Revocation

Disconnect any platform at any time by removing its API credentials.

8 Children's Privacy

The Tool is intended for use by adults operating social media accounts for business or personal brand purposes. It is not directed at children under the age of 13, and no information is knowingly collected from minors.

9 Changes to This Policy

This Privacy Policy may be updated as new features are added to the Tool. The effective date at the top of this document will reflect the most recent revision. Continued use of the Tool after any update constitutes acceptance of the revised policy.

10 Contact

This Tool is privately operated. For questions about this Privacy Policy or your data, contact the operator directly through your connected social media accounts or project repository.