Synomila
Open app

Privacy Policy

This policy explains how Synomila handles account data, media, linked social account data, publishing information, and engagement data, including data received from Google and YouTube API Services.

Last updated 24 June 2026

Sections

Information collected How it is used Google and YouTube Data protection Social platforms Media files Data sharing Retention Deletion and revocation Contact
Account data

Information we collect

Synomila collects information needed to provide the service. This may include account email addresses, authentication data, profile names, profile settings, uploaded media, linked social account identifiers, publishing records, engagement metrics, service usage data, and platform-specific publishing options selected by you.

Synomila only requests social platform permissions when you choose to connect an account or use a related feature. We do not ask for social platform passwords.

How we use information

Synomila uses information to provide account login, profile management, media libraries, publishing workflows, social account linking, engagement summaries, security, support, and service maintenance.

We use social platform data only for the user-facing features you enable, such as connecting an account, preparing a post, publishing content you choose, scheduling posts, displaying publishing status, and showing engagement summaries.

Google API data

Google and YouTube data

Synomila uses YouTube API Services. If you connect a YouTube account, Synomila uses Google OAuth to request permission to access your YouTube channel information, upload videos you choose to publish, and view YouTube analytics for connected channel content.

Synomila uses Google user data only to provide user-facing features such as account linking, publishing, scheduling, and engagement analytics inside your Synomila profile.

Synomila requests only the Google and YouTube permissions needed for the features you choose to use. We do not use Google user data for advertising, data brokerage, credit or lending decisions, or training general artificial intelligence models. We do not sell Google user data.

Synomila's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy , including the Limited Use requirements.

Your use of YouTube through Synomila is also subject to the YouTube Terms of Service and the Google Privacy Policy.

Security

How we protect data

We protect personal data and Google user data using HTTPS and TLS for data in transit, application-level encryption at rest for stored OAuth tokens, and backend-controlled storage for sensitive credentials. OAuth credentials are stored server-side and are not stored in browser local storage.

Synomila limits access to account and social platform data using authenticated sessions, profile-level access checks, role-based controls for administrative functionality, and least-privilege access for internal service operations.

We maintain security-relevant application logs and operational monitoring to help detect errors, abuse, unauthorized access, and platform integration failures. We restrict secrets and OAuth client credentials to backend systems and rotate or invalidate credentials when needed.

When a connected social account is disconnected, revoked, or definitively fails authorization, Synomila removes or invalidates the stored OAuth token material for that account and stops using that connection until it is reconnected by an authorized user.

Social platform data

If you connect third-party platforms such as LinkedIn, Instagram, YouTube, Reddit, Snapchat, Threads, TikTok, or X, Synomila stores the account identity and authorization data needed to provide the selected integration.

For TikTok, Synomila may request creator information such as avatar, username, nickname, available visibility options, interaction settings, and maximum video duration so the posting workflow can show the settings available for that account. Synomila may store the TikTok publishing options you select, including visibility, comment, Duet, Stitch, commercial content disclosure, AI-generated content disclosure, publish identifiers, provider errors, provider log IDs, and engagement metrics where authorised.

For Snapchat, Synomila may request Public Profile API access through Snap Business OAuth to identify your Public Profile, store the authorised Public Profile ID, username, display name, avatar, profile URL, subscriber count where available, encrypted OAuth tokens, and publishing records. When you publish to Snapchat, Synomila may encrypt and upload the media you selected and store provider publication IDs, provider errors, and status information.

Access is requested only when you explicitly connect an account. Synomila does not collect social platform passwords. OAuth tokens used for connected social accounts are stored in encrypted form.

Media files

Media uploaded to Synomila is used to support your global media library, profile media libraries, publishing workflows, previews, thumbnails, and related product features.

Data sharing

Synomila does not sell personal data. Data may be processed by infrastructure providers where necessary to run the service, store media, send emails, operate authentication, or provide linked social platform features.

We may share data with a connected social platform only when it is necessary for the feature you requested, such as publishing a post to a selected destination or retrieving engagement data from a connected account. We may also disclose data if required by law or to protect Synomila, our users, or the public from fraud, abuse, or security threats.

Retention

Synomila keeps account, profile, media, publishing, sales, and social platform data only for as long as needed to provide the service, maintain security, comply with legal obligations, and support operational records.

OAuth access tokens are kept only while needed for a connected account and are removed or invalidated when you disconnect the account, revoke access, delete your account, or when Synomila determines that reauthorization is required. Stored YouTube API data is refreshed, removed, or replaced when it is no longer needed for the connected feature.

Deleted data may remain temporarily in encrypted backups or security logs until those records expire through normal operational processes, unless we must keep it longer for legal, security, or abuse-prevention reasons.

Deletion and revocation

You may delete your Synomila account from Account Settings. You may also disconnect linked social accounts from the Social Media Linking page.

You can revoke Synomila's Google and YouTube access from your Google Account security settings at https://myaccount.google.com/permissions . You can also disconnect YouTube from Synomila in the Social Links area. After disconnection or revocation, Synomila stops using that YouTube connection and removes or invalidates the stored OAuth token material for that account.

Account deletion removes account data according to Synomila's deletion workflow, subject to limited retention for service security, legal compliance, fraud prevention, backup expiry, or operational records.

Contact

For privacy questions, contact Synomila at support@synomila.com.

Synomila Privacy Policy · Terms of Service · Social media management platform