Information we collect
Synomila collects information needed to provide the service. This may include account email addresses, authentication data, profile names, profile settings, uploaded media, linked social account identifiers, publishing records, engagement metrics, service usage data, and platform-specific publishing options selected by you.
Synomila only requests social platform permissions when you choose to connect an account or use a related feature. We do not ask for social platform passwords.
How we use information
Synomila uses information to provide account login, profile management, media libraries, publishing workflows, social account linking, engagement summaries, security, support, and service maintenance.
We use social platform data only for the user-facing features you enable, such as connecting an account, preparing a post, publishing content you choose, scheduling posts, displaying publishing status, and showing engagement summaries.
Google and YouTube data
Synomila uses YouTube API Services. If you connect a YouTube account, Synomila uses Google OAuth to request permission to access your YouTube channel information, upload videos you choose to publish, and view YouTube analytics for connected channel content.
Synomila uses Google user data only to provide user-facing features such as account linking, publishing, scheduling, and engagement analytics inside your Synomila profile.
Synomila requests only the Google and YouTube permissions needed for the features you choose to use. We do not use Google user data for advertising, data brokerage, credit or lending decisions, or training general artificial intelligence models. We do not sell Google user data.
Synomila's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy , including the Limited Use requirements.
Your use of YouTube through Synomila is also subject to the YouTube Terms of Service and the Google Privacy Policy.
How we protect data
We protect personal data and Google user data using HTTPS and TLS for data in transit, application-level encryption at rest for stored OAuth tokens, and backend-controlled storage for sensitive credentials. OAuth credentials are stored server-side and are not stored in browser local storage.
Synomila limits access to account and social platform data using authenticated sessions, profile-level access checks, role-based controls for administrative functionality, and least-privilege access for internal service operations.
We maintain security-relevant application logs and operational monitoring to help detect errors, abuse, unauthorized access, and platform integration failures. We restrict secrets and OAuth client credentials to backend systems and rotate or invalidate credentials when needed.
When a connected social account is disconnected, revoked, or definitively fails authorization, Synomila removes or invalidates the stored OAuth token material for that account and stops using that connection until it is reconnected by an authorized user.
Social platform data
If you connect third-party platforms such as LinkedIn, Instagram, YouTube, Reddit, Snapchat, Threads, TikTok, or X, Synomila stores the account identity and authorization data needed to provide the selected integration.
For TikTok, Synomila may request creator information such as avatar, username, nickname, available visibility options, interaction settings, and maximum video duration so the posting workflow can show the settings available for that account. Synomila may store the TikTok publishing options you select, including visibility, comment, Duet, Stitch, commercial content disclosure, AI-generated content disclosure, publish identifiers, provider errors, provider log IDs, and engagement metrics where authorised.
For Snapchat, Synomila may request Public Profile API access through Snap Business OAuth to identify your Public Profile, store the authorised Public Profile ID, username, display name, avatar, profile URL, subscriber count where available, encrypted OAuth tokens, and publishing records. When you publish to Snapchat, Synomila may encrypt and upload the media you selected and store provider publication IDs, provider errors, and status information.
Access is requested only when you explicitly connect an account. Synomila does not collect social platform passwords. OAuth tokens used for connected social accounts are stored in encrypted form.
Media files
Media uploaded to Synomila is used to support your global media library, profile media libraries, publishing workflows, previews, thumbnails, and related product features.
Retention
Synomila keeps account, profile, media, publishing, sales, and social platform data only for as long as needed to provide the service, maintain security, comply with legal obligations, and support operational records.
OAuth access tokens are kept only while needed for a connected account and are removed or invalidated when you disconnect the account, revoke access, delete your account, or when Synomila determines that reauthorization is required. Stored YouTube API data is refreshed, removed, or replaced when it is no longer needed for the connected feature.
Deleted data may remain temporarily in encrypted backups or security logs until those records expire through normal operational processes, unless we must keep it longer for legal, security, or abuse-prevention reasons.
Deletion and revocation
You may delete your Synomila account from Account Settings. You may also disconnect linked social accounts from the Social Media Linking page.
You can revoke Synomila's Google and YouTube access from your Google Account security settings at https://myaccount.google.com/permissions . You can also disconnect YouTube from Synomila in the Social Links area. After disconnection or revocation, Synomila stops using that YouTube connection and removes or invalidates the stored OAuth token material for that account.
Account deletion removes account data according to Synomila's deletion workflow, subject to limited retention for service security, legal compliance, fraud prevention, backup expiry, or operational records.
Contact
For privacy questions, contact Synomila at support@synomila.com.