Privacy Policy
Last updated: March 24, 2026
FreshPosts, a trading name of Teona Burchuladze, sole trader registered for Self Assessment in the United Kingdom. We operate the freshpostspro.com platform. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.
1. What We Collect
We collect the following categories of information:
Account Information (via Clerk)
- Name and email address
- Business name, type, and location
- Website URL
WordPress Credentials
- WordPress site URL
- WordPress Application Password (encrypted; see Data Storage below)
Content Preferences
- Business category and target audience
- Preferred topics and writing tone
- Content calendar selections
Payment Information
- Processed entirely by our payment provider. We never store credit card numbers, CVVs, or full card details on our servers.
2. How We Use Your Data
- Account management — Creating and maintaining your FreshPosts account
- Content generation — Using your business information to generate relevant, targeted blog posts
- Publishing — Connecting to your WordPress site to publish and manage posts
- Analytics — Tracking content performance to improve post quality and strategy
- Communication — Sending account-related emails, billing notifications, and platform updates
- Platform improvement — Using anonymized, aggregated data to improve our content pipeline
3. AI Processing
Your business information (business type, location, target audience, and content preferences) is processed by AI language models to generate blog content. Specifically:
- Business context is sent to AI models to write relevant, industry-specific blog posts
- No personal data (your name, email, phone number, or payment details) is included in AI prompts or generated blog posts
- AI models process your business information only for the purpose of content generation
- Generated content is reviewed by automated quality checks before publishing
4. Third-Party Processors
We use the following third-party processors to operate the platform:
| Provider | Purpose | Data Shared |
|---|---|---|
| Clerk | Authentication & user management | Name, email, login sessions |
| Payment provider (currently Paddle) | Payment processing | Billing email, payment method |
| Google Gemini | Content generation | Business type, location, topic context |
| Anthropic Claude | Content generation & quality review | Business type, location, topic context |
| WordPress | Content publishing | Blog post content, Application Password |
Each processor operates under their own privacy policy and data processing agreements. We only share the minimum data required for each processor to perform its function.
5. Data Storage
- Account data is stored in a PostgreSQL database, encrypted at rest
- WordPress Application Passwords are encrypted with AES-256 before storage
- All data transmission uses TLS/HTTPS encryption
- Database backups are encrypted and access-controlled
- Infrastructure is hosted on cloud providers with SOC 2 and ISO 27001 certifications
6. Data Retention
- Account data is retained while your account is active
- After account closure or cancellation, your data is permanently deleted within 30 days
- Generated content that has been published to your WordPress site is not deleted by us — it remains on your website under your control
- Payment records may be retained for up to 7 years as required by tax and financial regulations
- Anonymized, aggregated analytics data may be retained indefinitely
7. Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR) and applicable data protection laws, you have the right to:
- Access — Request a copy of the personal data we hold about you
- Rectification — Request correction of inaccurate or incomplete personal data
- Erasure — Request deletion of your personal data ("right to be forgotten")
- Portability — Receive your personal data in a structured, machine-readable format
- Objection — Object to processing of your data for specific purposes
- Restriction — Request restriction of processing in certain circumstances
- Withdraw consent — Where processing is based on consent, withdraw that consent at any time
To exercise any of these rights, contact us at privacy@freshpostspro.com. We will respond within 30 days.
You also have the right to lodge a complaint with your local data protection supervisory authority.
8. Cookies
FreshPosts uses minimal cookies:
- Clerk session cookies — Required for authentication and keeping you signed in. These are strictly necessary cookies.
We do not use:
- Advertising or tracking cookies
- Analytics cookies (no Google Analytics, no tracking pixels)
- Third-party marketing cookies
Because we only use strictly necessary cookies, no cookie consent banner is required under GDPR.
9. International Transfers
Your data may be processed in the United States or the European Union by our cloud infrastructure providers and third-party processors. Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
10. Children
FreshPosts is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately and we will delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days notice via email to the address associated with your account. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact & Data Protection Officer
For privacy-related questions or to exercise your data rights:
- Email: privacy@freshpostspro.com
- Data Protection Officer: dpo@freshpostspro.com
- Website: freshpostspro.com
- FreshPosts, a trading name of Teona Burchuladze, sole trader, United Kingdom.
© 2026 FreshPosts — Teona Burchuladze, United Kingdom