Privacy Policy
Last updated: July 1, 2026
1. Who we are
Autoplugg is an AI marketing automation platform (a marketing operating system) for solopreneurs, vibe coders, and small businesses. Autoplugg is operated by Royce & Company LLC(“Autoplugg,” “we,” “us,” or “our”), the data controller for the personal information described in this policy.
This Privacy Policy explains what information we collect, how we use and share it, and the rights and choices you have. It applies to the Autoplugg website at autoplugg.ai, our web application, and related services (together, the “Service”).
If you have questions or want to exercise a privacy right, contact us at support@autoplugg.ai.
2. Information we collect
Account and profile data
When you create an account we collect your name, email address, and a password (authentication is handled by our infrastructure provider, Supabase; we do not store plaintext passwords). We also store the profile, brand, and voice configuration you set up.
Content you create and generate
We store the content you create and the content our AI helps you generate, including social posts, images, videos, whitepapers and documents, blog posts, landing pages, and emails, along with related settings, schedules, and metadata.
Connected social platform data
When you connect a social account, you authorize Autoplugg via OAuth to act on your behalf. Depending on the platform and the permissions you grant, this lets us post content on your behalf and read your content and analytics. Supported platforms include LinkedIn, X (Twitter), Google/YouTube, Facebook and Instagram (Meta), TikTok, Discord, Reddit, and others. We store the OAuth access and refresh tokens for these connections encrypted at rest.
Through a feature we call Platform Content Intelligence, we read data you have access to on connected platforms — your own posts, your engagement and analytics, your audience insights, and public trends — and use it to inform content ideas and recommendations for you. You control which platforms are connected and can disconnect any of them at any time.
Your own API and service keys (BYOK)
You may choose to store your own AI-provider API keys (for example OpenAI, Anthropic, Google, xAI, Mistral, or OpenRouter) and third-party service keys (for example ElevenLabs, video providers, or Resend). These keys are stored encrypted at rest and are used only to call those services on your behalf to provide the features you request.
Billing data
Payments are processed by Stripe. We receive limited billing information (such as your subscription status, plan, and the last four digits and brand of your card). We do not collect or store your full payment card number.
Usage, log, and device data
We collect standard log and usage data, such as IP address, browser and device information, pages viewed, actions taken in the Service, and timestamps, to operate, secure, and improve the Service.
Cookies and local storage
We use first-party cookies and browser local storage for essential functions such as keeping you signed in (session/auth), and a first-party visitor identifier used for attribution analytics on the owned-media websites published through Autoplugg. See “Cookies and tracking” below.
3. How we use your information
- To provide, operate, and maintain the Service and your account.
- To generate content and marketing assets you request, and to publish, schedule, and distribute them to the platforms you connect.
- To read your platform content and analytics (where you authorize it) in order to power Platform Content Intelligence, ideation, reporting, and recommendations.
- To process payments, manage subscriptions, and prevent fraud and abuse.
- To secure the Service, enforce our Terms, and comply with legal obligations.
- To communicate with you about the Service, including transactional messages and, where permitted, product updates. You can opt out of marketing messages.
- To analyze, troubleshoot, and improve the Service.
We do not use content or data received from connected platform APIs to train general-purpose AI models. Where AI features process your content, they do so to produce the outputs you request.
4. Legal bases for processing (EEA/UK)
If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR:
- Contract— to provide the Service you sign up for and manage your account and billing.
- Consent— for connecting your social/AI accounts, certain cookies, and optional marketing communications. You may withdraw consent at any time.
- Legitimate interests— to secure, maintain, and improve the Service and prevent abuse, where not overridden by your rights.
- Legal obligation— to comply with applicable laws, such as tax and accounting requirements.
5. Data from Google APIs and YouTube
When you connect a Google or YouTube account, Autoplugg accesses data through Google APIs and YouTube API Services in order to provide user-facing features — for example uploading and managing videos on your channel and reading your channel, video, and analytics data to power reporting and content ideas. We only access this data with your authorization and only to provide features you request.
Limited Use disclosure
Autoplugg’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. In particular, we do not use Google user data for serving advertisements, we limit our use of the data to providing or improving user-facing features that are prominent in the Autoplugg interface, we do not transfer or sell this data, and we do not allow humans to read it except as permitted by that policy (for example, with your affirmative consent, for security or to comply with law, or in aggregated/anonymized form).
YouTube API Services
Autoplugg uses YouTube API Services. By using the YouTube-connected features of Autoplugg, you agree to be bound by the YouTube Terms of Service. Your use of data through these features is also subject to the Google Privacy Policy.
You can revoke Autoplugg’s access to your Google and YouTube data at any time by disconnecting the account in Autoplugg, or through the Google security settings page at myaccount.google.com/permissions (also reachable at security.google.com/settings).
6. Data from other connected platforms
For Meta platforms (Facebook and Instagram), we access data through the Meta APIs to publish content and read insights and analytics you authorize, and we comply with the applicable Meta Platform Terms and developer policies. You can find data-deletion instructions on our Data Deletion page.
For LinkedIn, X (Twitter), TikTok, Discord, Reddit, and other connected platforms, we access data via OAuth strictly according to the permissions (scopes) you grant — to post on your behalf and to read your content and analytics — and we comply with each platform’s API and developer terms. You can revoke access at any time by disconnecting the account in Autoplugg or by removing Autoplugg from the connected-apps settings on the platform itself.
7. How we share information; subprocessors
We do not sell your personal data.We do not share it for cross-context behavioral advertising. We share information only as needed to run the Service, with the following categories of service providers (“subprocessors”):
- Supabase— database, authentication, and file storage.
- Google Cloud Platform— application hosting and infrastructure.
- AI providers you select, or OpenRouter— to generate content at your request. When you use your own keys (BYOK), the provider you chose receives the request under your account with that provider.
- Resend— to send transactional and, where permitted, marketing email.
- Stripe— to process payments.
- Connected social platforms(LinkedIn, X, Google/YouTube, Meta, TikTok, Discord, Reddit, and others) — to publish and read content you authorize.
We may also disclose information to comply with law or valid legal process, to protect the rights, safety, and security of Autoplugg, our users, or the public, and in connection with a merger, acquisition, or sale of assets (subject to this policy).
8. Data retention
We keep your personal information for as long as your account is active and as needed to provide the Service. When you delete your account, we delete or anonymize your personal data as described on our Data Deletion page, except where we must retain certain records (such as billing and tax records) to comply with legal obligations, resolve disputes, or enforce our agreements. Aggregated or anonymized data that no longer identifies you may be retained.
9. Your rights and choices
EEA/UK (GDPR)
Subject to applicable law, you have the right to access, rectify, and erase your personal data; to data portability; to object to or restrict certain processing; to withdraw consent (without affecting prior processing); and to lodge a complaint with your local data protection authority.
California (CCPA/CPRA) and other US states
Subject to applicable law, you have the right to know and access the personal information we collect, to delete it, and to correct it. You also have the right to opt out of the “sale” or “sharing” of personal information and of certain profiling — but as noted above, we do not sell your personal information and do not share it for cross-context behavioral advertising. We will not discriminate against you for exercising your rights.
How to exercise your rights
You can access and update much of your information directly in the Service under Settings(including exporting your data with “Export my data” and deleting your account). You can also email us at support@autoplugg.ai. We may need to verify your identity before acting on a request, and you may use an authorized agent where permitted by law.
10. Data deletion
You can delete your account and associated data at any time. For step-by-step instructions on deleting your data and revoking each platform’s access, see our Data Deletion Instructions.
11. Security
We take reasonable technical and organizational measures to protect your information. OAuth tokens and stored API/service keys are encrypted at rest, and data is transmitted over encrypted connections (TLS) in transit. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.
12. Cookies and tracking
We use strictly necessary first-party cookies and local storage to keep you signed in and to operate core features. On owned-media websites published through Autoplugg, a first-party visitor identifier is used for attribution analytics (measuring which content leads to sign-ups or conversions). We do not use these for cross-site advertising. You can control cookies through your browser settings, though disabling essential cookies may break the Service.
13. International data transfers
Autoplugg is operated from the United States, and our infrastructure and subprocessors may process your information in the United States and other countries. Where required, we rely on appropriate safeguards (such as the European Commission’s Standard Contractual Clauses) for cross-border transfers.
14. Children
The Service is not directed to, and is not intended for use by, anyone under the age of 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us personal information, contact us at support@autoplugg.ai and we will delete it.
15. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice or ask you to re-accept the policy. Your continued use of the Service after an update means you accept the revised policy.
16. Contact us
Royce & Company LLC
Email: support@autoplugg.ai