Privacy Policy

Last updated: April 2025

1. Introduction

CMO-Copilot (“we”, “our”, or “us”) operates an AI-powered content generation and publishing platform. This Privacy Policy explains what information we collect, how we use it, and your rights in relation to it. By using our service, you agree to the practices described in this policy.

2. Information We Collect

We collect the following categories of information:

  • Account data: name, email address, and password when you register.
  • Brand assets: documents, guidelines, and files you upload to build your knowledge base.
  • Integration credentials: API keys and tokens for third-party services (WooCommerce, WordPress, Buffer, Google Ads, Meta Ads). These are encrypted at rest.
  • Usage data: pages visited, features used, content generated, and publishing activity.
  • Performance data: analytics from connected platforms (e.g. WooCommerce sales, social reach via Buffer) used to generate reports and improve your content plan.

3. How We Use Your Information

  • To generate, schedule, and publish content on your behalf.
  • To build and maintain your brand knowledge base.
  • To provide performance analytics and monthly content planning.
  • To operate, maintain, and improve the platform.
  • To send transactional emails (account setup, publishing confirmations, alerts).
  • To comply with legal obligations.

We do not sell your data to third parties.

4. Third-Party Services

CMO-Copilot integrates with third-party platforms including WordPress, Buffer, WooCommerce, Google Ads, and Meta Ads. When you connect these services, relevant data is exchanged to perform publishing and analytics functions. Each third-party service is governed by its own privacy policy, and we encourage you to review those policies.

We use AI providers (including Anthropic and OpenAI) to generate content. Prompts and brand context may be transmitted to these providers strictly for content generation purposes. We do not permit these providers to train on your data.

5. Data Security

We implement industry-standard security measures including encryption at rest (via pgcrypto), encrypted connections (TLS), and row-level security on all tenant data. Access to your data is restricted to your account only. Despite these measures, no system is completely secure and we cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active. If you close your account, we will delete your personal data within 30 days, except where retention is required by law or legitimate business purposes (e.g. billing records).

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Object to or restrict certain processing activities.
  • Data portability.

To exercise any of these rights, contact us at privacy@cmo-copilot.com.

8. Cookies

We use essential cookies for authentication and session management. We also use analytics cookies (PostHog) to understand how the platform is used. You can disable non-essential cookies in your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice. Continued use of the service after changes take effect constitutes your acceptance of the updated policy.

10. Contact

For any privacy-related questions, contact us at privacy@cmo-copilot.com.