Privacy Policy

ModeratorX ("we," "our," or "us") is an AI-powered social media comment moderation platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at moderatorx.com and any associated applications (the "Service").

By using ModeratorX, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2.1 Account Information

• Name, email address, and password when you register
• Billing information processed securely through Stripe (we do not store your full card details)

2.2 Social Media Account Data

When you connect a social media platform, we receive:

• Facebook & Instagram — Page/account IDs, access tokens, page names
• YouTube — Channel ID, access and refresh tokens
• Threads — User ID, access token
• Twitter/X — Account ID, OAuth 2.0 tokens
• LinkedIn — Organization ID, access token

We store OAuth tokens securely to maintain your platform connections. Tokens are encrypted at rest and automatically cleaned up upon expiry.

2.3 Comment Data

• Comments and replies from your connected social media accounts, received via platform webhooks or polling
• Comment metadata including author name, timestamp, and platform identifiers
• AI moderation results: decision (show/hide), toxicity score, sentiment analysis, and flagged keywords

2.4 API Keys (BYOA — Bring Your Own API Key)

If you choose to provide your own AI provider API keys (OpenAI, Anthropic, or Google), these keys are encrypted using AES-256 before storage and are never logged or exposed in plaintext. You can delete your keys at any time through your dashboard.

2.5 Usage Data

• Moderation action history (approve, hide, delete)
• Dashboard analytics and report data
• Feature usage patterns for service improvement

We use the information we collect to:

• Provide AI-powered comment moderation on your connected social media accounts
• Analyze comments for toxicity, spam, sentiment, and policy violations using AI models
• Execute moderation actions (hide, show, delete comments) on your behalf via platform APIs
• Display moderation analytics, reports, and keyword trends in your dashboard
• Process payments and manage your subscription via Stripe
• Send transactional emails (verification, password reset, token expiry alerts)
• Maintain and improve the Service

We do not sell, rent, or trade your personal information. We share data only with the following third parties, strictly to provide the Service:

• AI Providers (OpenAI, Anthropic, Google) — Comment text is sent to your selected AI provider for moderation analysis. If you use BYOA, comments are processed under your own API key and provider agreement.
• Social Media Platforms (Meta, Google, Twitter, LinkedIn) — To execute moderation actions (e.g., hiding a comment) on your connected accounts
• Stripe — To process subscription payments. Stripe handles all payment data under its own privacy policy.
• Email Provider — To deliver transactional and notification emails

We do not use your comment data to train AI models. Your data is never shared across different customer accounts.

We implement industry-standard security measures to protect your data:

• All connections encrypted via HTTPS/TLS
• API keys encrypted at rest using AES-256
• JWT-based authentication with secure token rotation
• Rate limiting on all API endpoints
• Role-based access control for admin operations
• Audit logging of all administrative actions
• Automatic cleanup of expired tokens and sessions

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

• Account data — Retained for as long as your account is active
• Comment data — Retained for the duration of your subscription. Older comments may be archived for analytics purposes.
• Moderation logs — Retained for audit and reporting purposes during your subscription
• Payment records — Retained as required by applicable tax and accounting laws

Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

Depending on your jurisdiction, you may have the right to:

• Access — Request a copy of the personal data we hold about you
• Rectification — Update or correct inaccurate personal data
• Deletion — Request deletion of your personal data
• Portability — Receive your data in a structured, machine-readable format
• Disconnect — Revoke platform connections at any time through your dashboard
• Withdraw Consent — Where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at privacy@moderatorx.com.

For users in the European Economic Area (EEA), we process personal data under the following legal bases:

• Contract — Processing necessary to provide the Service you signed up for
• Legitimate Interest — Analytics and service improvement
• Consent — Marketing communications (where applicable)

We support platform-specific data deletion requests, including Threads/Instagram GDPR callback endpoints for data deletion and deauthorization.

ModeratorX does not use tracking cookies. We use browser local storage solely to store your authentication tokens (JWT) for session management. No third-party tracking scripts or advertising cookies are used.

ModeratorX is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected information from a child, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, contact us at:

• Email: privacy@moderatorx.com