Skip to main content
Flamly

Privacy Policy

Last updated: March 26, 2026

1. Introduction

Flamly ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered carousel generation platform ("the Service").

2. Information We Collect

2.1 Information You Provide

  • Account Data: Name, email address, and password when you create an account.
  • Profile Data: Profile picture and display name.
  • Project Data: Brand information, niche, target audience, visual preferences, and content you configure for your projects.
  • Content: Images, text, and other assets you upload to the Service.
  • Performance Data: Post metrics (views, likes, comments, shares, saves) that you input or that are fetched from connected platforms.

2.2 Information from Third-Party Platforms

When you connect your TikTok or other social media accounts, we receive:

  • TikTok Profile Data: Username, display name, profile picture, follower count, following count, likes count, and video count.
  • Authentication Tokens: OAuth access tokens and refresh tokens to maintain your connection. These are stored securely and used solely to interact with the platform on your behalf.
  • Video Data: Information about your published videos including titles, view counts, and engagement metrics when you use the analytics features.

We only access the data scopes you explicitly authorize during the connection flow.

2.3 Automatically Collected Data

  • Usage Data: Pages visited, features used, generation requests, and interaction patterns.
  • Device Data: Browser type, operating system, IP address, and device identifiers.
  • Cookies: Session cookies for authentication and preference cookies for your settings (theme, etc.).

3. How We Use Your Information

  • Service Delivery: To generate carousel content, manage your projects, and provide analytics.
  • AI Improvement: Your performance data is used to improve content generation quality for your account. Generated content and performance data may be used in aggregated, anonymized form to improve our AI models.
  • Publishing: To publish content to your connected social media accounts when you explicitly request it.
  • Communication: To send you account-related notifications, password reset emails, and service updates.
  • Security: To detect and prevent fraud, abuse, and unauthorized access.

4. Data Storage and Security

  • Database: Your data is stored in PostgreSQL databases hosted on Neon (EU region).
  • File Storage: Uploaded images and generated carousel slides are stored on Amazon S3.
  • Authentication: Passwords are hashed using bcrypt. OAuth tokens are encrypted at rest.
  • Transport: All data is transmitted over HTTPS/TLS.
  • Access: Access to production data is restricted to authorized personnel only.

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Third-Party Platforms: When you publish content to TikTok or other connected platforms, your content and metadata are sent to those platforms per their own privacy policies.
  • Service Providers: We use third-party services including OpenAI (content generation), Amazon Web Services (storage), and Neon (database hosting). These providers process data on our behalf under data processing agreements.
  • Legal Requirements: We may disclose data if required by law, court order, or governmental authority.

6. TikTok Data Usage

When you connect your TikTok account to Flamly:

  • We access your TikTok data only within the scopes you authorize (profile info, video stats, content publishing).
  • Your TikTok access tokens are stored securely and are never shared with third parties.
  • We automatically refresh expired tokens to maintain your connection. Refresh tokens are valid for up to 365 days.
  • You can revoke access at any time by disconnecting your TikTok account in Settings or through TikTok's own app management settings.
  • If you revoke access from TikTok directly, we receive a webhook notification and automatically remove your stored tokens.
  • We do not access your TikTok direct messages, contacts, or any data beyond the scopes listed during authorization.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Deletion: Request deletion of your data. You can delete your account at any time from Settings, which removes all your projects, carousels, assets, and connected accounts.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain processing activities.
  • Withdraw Consent: Withdraw consent for optional data processing at any time.

To exercise these rights, contact us at privacy@flamly.com.

8. Data Retention

  • Account data is retained for the duration of your account.
  • Upon account deletion, personal data is removed within 30 days. Some data may be retained in encrypted backups for up to 90 days.
  • Aggregated, anonymized analytics data may be retained indefinitely.
  • TikTok authentication tokens are deleted immediately when you disconnect your account or when TikTok sends a deauthorization webhook.

9. Cookies

We use essential cookies for authentication and session management. We use preference cookies to store your theme and display settings. We do not use third-party advertising or tracking cookies. For more details, see our Cookie Policy.

10. Children's Privacy

The Service is not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. International Data Transfers

Your data may be processed in the European Union and the United States through our service providers (AWS, Neon, OpenAI). We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. The "Last updated" date at the top indicates the most recent revision.

13. Contact Us

For any privacy-related questions, concerns, or data requests, contact us at:

← Back to FlamlyTerms of Service →