Privacy Policy

Last updated: March 22, 2026

Donivo ("we", "us", or "our") operates a social media scheduling platform that allows you to create, schedule, and publish posts to multiple social media platforms. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.

By using Donivo, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our service.

1. Information We Collect

Account Information

When you register for Donivo, we collect your name, email address, and password. If you sign up through a social login provider, we receive your name, email address, and profile information from that provider.

Social Media Account Data

To schedule and publish posts on your behalf, we request access to your social media accounts through OAuth authentication. We store the access tokens and refresh tokens necessary to interact with these platforms:

  • Instagram — account ID, access token, username, and profile picture
  • TikTok — open ID, access and refresh tokens, username, and avatar
  • Facebook — page IDs, page access tokens, page names, and profile pictures
  • YouTube — channel ID, access and refresh tokens, channel name, and thumbnail
  • X (Twitter) — user ID, access and refresh tokens, username, and profile image

We only request the minimum permissions (scopes) necessary to publish content on your behalf. We do not read your private messages, followers lists, or analytics data.

Post Content & Media

We store the text, images, and videos you upload to create posts. Media files are stored on Cloudflare R2 object storage. We process media to generate optimized versions and thumbnails for display within the application.

Billing Information

If you subscribe to a paid plan, your payment information is processed directly by Stripe. We do not store your credit card number. We retain your Stripe customer ID, subscription status, and billing history to manage your account.

2. How We Use Your Information

We use the collected information to:

  • Provide, operate, and maintain the Donivo service
  • Schedule and publish posts to your connected social media accounts
  • Process payments and manage subscriptions
  • Send transactional emails (account verification, password resets, scheduling confirmations)
  • Monitor and improve the reliability and performance of our service
  • Detect, prevent, and address technical issues

We do not sell your personal information to third parties. We do not use your data for advertising purposes.

3. Cookies & Sessions

Donivo uses session cookies to keep you logged in and to protect against cross-site request forgery (CSRF). These are essential for the service to function and cannot be disabled. We do not use advertising or tracking cookies.

4. Third-Party Services

We share data with the following third-party services only as necessary to operate Donivo:

  • Stripe — payment processing and subscription management
  • Cloudflare R2 — media file storage
  • Sentry — error tracking and performance monitoring (may receive anonymized usage data)
  • Instagram, TikTok, Facebook, YouTube, and X (Twitter) APIs — to publish scheduled content to your accounts

Each third-party service operates under its own privacy policy. We encourage you to review their policies.

5. Data Retention

We retain your account data and post content for as long as your account is active. When you delete a post, it is permanently removed from our database and storage. If you delete your account, all associated data — including posts, media files, connected social accounts, and billing data — is permanently deleted.

6. Data Security

We take reasonable measures to protect your information, including:

  • Encrypting all data in transit using TLS/SSL
  • Storing passwords using bcrypt hashing
  • Encrypting OAuth tokens at rest
  • Restricting access to production infrastructure

Your data is protected using industry-leading encryption, secure transmission protocols, and rigorous access controls. As with any technology platform, no solution can provide a absolute guarantee of security — but we hold ourselves to the highest standards and continually review our practices to stay ahead of emerging threats.

7. Your Rights

You have the right to:

  • Access your personal data stored in your account
  • Update your profile information at any time
  • Disconnect social media accounts, revoking our access tokens
  • Delete your account and all associated data
  • Export your data by contacting us

To exercise any of these rights, you can use the settings within your account or contact us at [email protected].

8. Children's Privacy

Donivo is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of Donivo after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at [email protected].

See also our Terms of Service.