Privacy Policy

1. Introduction

Social Methods ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our digital marketing services (collectively, the "Services"). Please read this Privacy Policy carefully. By using our Services, you consent to the practices described in this policy.

This policy applies to all users of our Services, regardless of location. If you are located in the European Economic Area (EEA) or the United Kingdom, additional rights and protections apply to you under the General Data Protection Regulation (GDPR), as described in Section 10 below.

2. Data Controller

Social Methods is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, you can contact us through our Support page or by email at [email protected].

3. Information We Collect

3.1 Account Information

When you create an account, we collect your email address and, optionally, a display name you choose during onboarding. We use a passwordless authentication system (magic links), so we do not collect or store passwords.

3.2 Payment Information

All payment processing is handled securely by PayPal. We do not collect, process, or store your full credit or debit card numbers, CVV codes, or card expiration dates. PayPal may collect billing information directly from you during checkout. We receive and store only the following from PayPal: your PayPal transaction ID, payment status, and payer email address. For more information on how PayPal handles your data, please refer to PayPal's Privacy Policy.

3.3 Order and Service Data

When you place an order, we collect information necessary to fulfil your campaign, including: the services selected, quantities, pricing, social media usernames or profile URLs you provide, and any special instructions. We also generate and store order reference numbers, timestamps, and delivery status records.

3.4 Automatically Collected Data

When you access our Services, we automatically collect certain technical information, including:

• —IP address and approximate geolocation
• —Browser type, version, and language preferences
• —Operating system and device type
• —Referring URLs and pages visited
• —Date, time, and duration of your visits
• —Screen resolution and viewport size

3.5 Fraud Prevention and Chargeback Evidence Data

4. Legal Basis for Processing (GDPR)

If you are located in the EEA or the United Kingdom, we process your personal data on the following legal bases:

• •Contract Performance: Processing your account data and order information is necessary to provide our Services and fulfil your purchases (Article 6(1)(b) GDPR).
• •Legitimate Interests: We process fraud prevention data, analytics, and chargeback evidence under our legitimate interest in protecting our business, preventing fraud, and improving our Services (Article 6(1)(f) GDPR). We have conducted a balancing test and determined that these interests do not override your fundamental rights.
• •Consent: Where required, we obtain your consent before processing data for marketing communications or non-essential cookies (Article 6(1)(a) GDPR). You may withdraw consent at any time.
• •Legal Obligation: We may process your data to comply with applicable laws, regulations, or legal proceedings (Article 6(1)(c) GDPR).

5. How We Use Your Information

We use the information we collect for the following purposes:

• —To provide, operate, and maintain our Services
• —To process your orders and manage your account
• —To communicate with you about your orders, support requests, and service updates
• —To send you magic link authentication emails
• —To improve, personalise, and expand our Services
• —To detect, prevent, and address fraud, abuse, and technical issues
• —To defend against chargebacks and payment disputes using collected evidence
• —To comply with legal obligations and enforce our Terms of Service
• —To analyse usage patterns and optimise our website performance

6. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• •PayPal: We share necessary transaction details with PayPal to process your payments securely. PayPal acts as an independent data controller for payment data. PayPal may also collect data directly from you during the checkout process.
• •Service Delivery Partners: We share limited order information (such as your social media username or profile URL) with our service delivery partners to fulfil your campaigns. We never share your email address, password, or login credentials with delivery partners.
• •Payment Dispute Resolution: In the event of a chargeback or payment dispute, we may share transaction evidence (including IP address, device information, TOS acceptance timestamps, and delivery records) with PayPal and relevant financial institutions to defend against the dispute.
• •Legal Requirements: We may disclose your information if required to do so by law, in response to valid requests by public authorities (e.g., a court or government agency), or to protect our rights, property, or safety.
• •Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal data.

7. Cookies and Tracking Technologies

We use the following types of cookies and similar technologies:

• •Essential Cookies: Required for the operation of our website. These include session cookies that maintain your login state and shopping cart. You cannot opt out of essential cookies as our Services will not function without them.
• •Functional Cookies: Used to remember your preferences and settings, such as your selected currency or display preferences. These enhance your experience but are not strictly necessary.
• •Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously. We use this data to improve our Services and user experience.

You can control cookie settings through your browser preferences. Most browsers allow you to refuse cookies or alert you when a cookie is being sent. Please note that disabling cookies may affect the functionality of certain features of our Services.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• —Encryption of all data in transit using TLS/SSL
• —Secure, passwordless authentication via time-limited magic links
• —Encrypted session tokens with automatic expiration
• —Role-based access controls limiting data access to authorised personnel
• —Regular security assessments and monitoring
• —Secure cloud infrastructure with automated backups

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

9. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Services. Specific retention periods are as follows:

• •Account Data: Retained for the lifetime of your account. Deleted within 30 days of account deletion request, subject to legal retention requirements.
• •Order and Transaction Records: Retained for a minimum of 6 years from the date of the transaction to comply with financial record-keeping obligations and to defend against potential disputes.
• •Fraud Prevention and Chargeback Evidence: Retained for a minimum of 540 days from the transaction date (the maximum chargeback window), or longer if an active dispute is in progress. This includes IP addresses, device information, and TOS acceptance timestamps.
• •Authentication Tokens: Magic link tokens expire automatically after 15 minutes. Session tokens expire after the configured session duration.
• •Analytics and Usage Data: Retained in anonymised or aggregated form for up to 24 months for service improvement purposes.

When your data is no longer needed for the purposes described above, we will securely delete or anonymise it in accordance with our data retention procedures.

10. Your Rights (GDPR and UK Data Protection)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018:

• •Right of Access: You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format within 30 days of your request.
• •Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• •Right to Erasure: You have the right to request that we delete your personal data, subject to certain exceptions (e.g., where we need to retain data for legal compliance or to defend against disputes).
• •Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
• •Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format (e.g., JSON or CSV) and to transmit that data to another controller.
• •Right to Object: You have the right to object to our processing of your personal data where we rely on legitimate interests as our legal basis. We will cease processing unless we can demonstrate compelling legitimate grounds.
• •Right to Withdraw Consent: Where we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, please contact us through our Support page or email us at [email protected]. We will respond to your request within 30 days. If we are unable to comply with your request, we will explain the reasons.

You also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk.

11. International Data Transfers

Your personal data may be transferred to and processed in countries outside the EEA or the United Kingdom. Where we transfer your data internationally, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on the recipient's participation in an approved data transfer framework. By using our Services, you acknowledge that your data may be processed in jurisdictions with different data protection laws than your own.

12. Third-Party Services

Our Services integrate with or link to the following third-party services, each of which has its own privacy policy:

• •PayPal: Payment processing. PayPal collects and processes payment information directly. See PayPal's Privacy Policy. View policy

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. We encourage you to review the privacy policies of any third-party services you access through our platform.

13. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to delete that information promptly. If you believe we have inadvertently collected data from a minor, please contact us immediately.

14. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals. Our website does not currently respond to DNT signals, as there is no industry-wide standard for how to handle such signals. We will update this policy if a standard is established in the future.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by updating the "Last updated" date at the top of this page. For significant changes, we may also notify you by email or through a notice on our website. We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes constitutes your acceptance of the updated policy.

16. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your data protection rights, please contact us:

We aim to respond to all privacy-related enquiries within 30 days.