Privacy Policy
NaiPost values your privacy. This Policy explains how we collect, use, store, share, and protect your information, and your rights.
Last updated: 2026-06-15
This document follows your site language. When using X, Meta (Facebook/Instagram), LinkedIn, or TikTok features, you must also comply with each platform's applicable terms. If any discrepancy arises, the English version prevails; other languages are for reference only.
1. Introduction
This Privacy Policy applies to https://naipost.com and services provided by NaiPost.
We process personal information in accordance with applicable laws, including PIPL and related regulations in China, and with reference to international standards such as GDPR where applicable.
By using the Service, you acknowledge this Policy. If you disagree, please stop using the Service.
2. Data Controller
Data controller: NaiPost Operations Team
Privacy contact: privacy@naipost.com
General support: support@naipost.com
3. Information We Collect
We may collect the following categories of information:
- Account data: email, nickname, password hash, third-party login identifiers (e.g., Google OAuth);
- Connected social accounts (where available): platform account IDs, OAuth tokens (stored encrypted), public profile fields, and publish records for X, Facebook, Instagram, LinkedIn, and similar platforms you authorize;
- Usage data: scenarios, input text, generation history, one-click publish job status, feature logs, device type, browser, IP address, access times;
- Media content: audio, video, images you upload and related metadata;
- Transaction data: order ID, plan type, payment status (payment card data is processed directly by payment providers; we do not store full card numbers);
- Cookies and similar technologies: session IDs, language preference, login state;
- Support communications: tickets, emails, or feedback you submit.
4. Purposes and Legal Bases
We process personal information for the following purposes:
- Provide, maintain, and improve the Service (contract / legitimate interests);
- Account registration, authentication, and security (contract / legal obligation);
- Process VIP orders and support (contract);
- Invoke AI and media services to fulfill your creation requests (contract / consent);
- Analytics and service optimization (legitimate interests, with de-identification or aggregation where feasible);
- Send important notices, policy updates, or security alerts (legal obligation / legitimate interests);
- Other purposes with your explicit consent.
6. AI Processing Notice
To provide AI generation, link extraction, voice synthesis, image generation, and video processing, your inputs may be transmitted to third-party LLM or cloud providers we integrate.
We transmit only data necessary for the requested feature and contractually require appropriate safeguards. Avoid submitting unnecessary sensitive personal data in inputs.
AI outputs are stored under your account for viewing, download, or deletion, except where retention is required by law.
7. Cross-Border Transfers
Our servers or third-party services may be located inside or outside China. Where cross-border transfer is required, we comply with applicable laws, including security assessments, standard contractual clauses, or separate consent where required.
Contact privacy@naipost.com for details on cross-border transfers and safeguards.
8. Retention
We retain personal information only as long as necessary for the purposes described:
- Account data: for the life of the account; deleted or anonymized after deletion unless retention is legally required;
- Generation and media records: until you delete them or close your account, generally up to 24 months unless legally required otherwise;
- Logs and security data: typically up to 12 months;
- Transaction records: as required for accounting, tax, and regulatory purposes.
9. Security Measures
We implement reasonable technical and organizational safeguards, including HTTPS/TLS, access controls, password hashing, least privilege, logging, and backups.
No method of transmission or storage is 100% secure. If a personal data incident occurs, we will respond as required by law and notify you where appropriate.
10. Your Rights
Depending on applicable law, you may have the following rights:
- Access and obtain a copy of your personal information;
- Correct or supplement inaccurate information;
- Delete personal information where legally applicable;
- Withdraw consent (without affecting prior lawful processing);
- Close your account;
- Obtain a copy or transfer data where technically feasible;
- Restrict or object to certain non-essential processing;
- Lodge a complaint with a supervisory authority.
11. How to Exercise Your Rights
Email privacy@naipost.com with your request and identity verification details. We will respond within 15 business days or as required by law.
We may verify account ownership for security. We may refuse manifestly unfounded, excessive, or technically infeasible requests as permitted by law.
12. Children
The Service is intended primarily for users aged 18 or older. If you are under 18, use the Service only with guardian consent and supervision.
If we learn that we collected a minor's personal information without guardian consent, we will delete it promptly.
14. Policy Updates
We may update this Policy and publish changes on our website. Last updated: 2026-06-15. Material changes will be notified by reasonable means.
5. Social Platform Binding and Publishing
X, Facebook, Instagram, LinkedIn, TikTok, and their logos are trademarks or service marks of their respective owners. We are not affiliated with, endorsed by, or an agent of these platforms.
When you connect social accounts or initiate publishing, we process platform account IDs, access tokens, publish payloads, and status callbacks on a need-to-know basis. Platforms may process data outside your country under their own policies; see each platform's privacy center for details.
You may revoke authorization in the Service or on each platform. After revocation, we stop new publish requests and delete or invalidate related tokens within a reasonable period, except logs we must retain by law.
We are not responsible for third-party platform data practices, account enforcement, or regional unavailability. You must ensure binding and publishing comply with local law and platform rules in your region.