Privacy Policy

Last Updated: 23rd Oct 2025

1. INTRODUCTION

[Company Name] ("Company," "we," "us," or "our") is committed to protecting the privacy and security of personal data. This Privacy Policy ("Policy") explains how we collect, use, disclose, store, and protect personal data when you access our website at freelancesocialmediamanagers.com (the "Website") and use our freelance social media management services (the "Services").

This Policy applies to:

(a) Visitors to our Website;

(b) Clients who create accounts and use our Services ("Clients" or "Users");

(c) Individuals whose personal data may be accessed through Client social media accounts or platforms we manage on their behalf ("End Users").

[Company Name] is registered in Singapore and operates in compliance with the Personal Data Protection Act 2012 (PDPA) of Singapore. Where applicable, we also adhere to the General Data Protection Regulation (GDPR) for individuals located in the European Economic Area (EEA) and the United Kingdom.

By accessing our Website or using our Services, you acknowledge that you have read and understood this Privacy Policy.

2. DEFINITIONS

"Client Data" means all data, content, social media account credentials, analytics, and materials provided by or accessed through Clients in connection with the Services.

"Data Controller" means the entity that determines the purposes and means of processing personal data. With respect to Client account information, we act as the Data Controller. With respect to End User data accessed through Client social media accounts, the Client acts as the Data Controller.

"Data Processor" means the entity that processes personal data on behalf of the Data Controller. With respect to End User data accessed through Client social media platforms, we act as the Data Processor.

"Personal Data" means any information that identifies or can be used to identify an individual, directly or indirectly.

"Processing" means any operation performed on personal data, including collection, recording, storage, retrieval, use, disclosure, transmission, and deletion.

"End User" means any individual whose personal data is accessible through a Client's social media accounts or platforms that we manage.

"Social Media Platforms" means third-party platforms including but not limited to Facebook, Instagram, LinkedIn, X (formerly Twitter), TikTok, Pinterest, YouTube, and other social networking services.

3. DATA CONTROLLER AND DATA PROCESSOR ROLES

3.1 Our Role as Data Controller

We act as the Data Controller for the personal data we collect directly from:

  • Website visitors
  • Clients who create accounts and use our Services
  • Individuals who contact us for inquiries or support

As Data Controller, we determine the purposes and means of processing this personal data and are responsible for compliance with applicable data protection laws.

3.2 Our Role as Data Processor

We act as the Data Processor for personal data accessed through Client social media accounts and platforms. In this capacity:

  • The Client remains the Data Controller for End User data
  • We process End User data only in accordance with Client instructions and for the purposes of providing our Services
  • We implement appropriate technical and organizational security measures
  • We assist Clients in fulfilling their obligations under applicable data protection laws

Clients are solely responsible for ensuring they have appropriate authorization to grant us access to their social media accounts and for complying with the terms of service of each Social Media Platform.

4. PERSONAL DATA WE COLLECT

4.1 Information You Provide Directly

We collect personal data that you voluntarily provide to us, including:

Account Registration Data:

  • Full name
  • Business name
  • Email address
  • Telephone number
  • Billing address
  • Password (stored in encrypted form)

Payment Information:

  • Payment card details (processed and stored by our payment processor; we do not store complete card numbers)
  • Billing history
  • Transaction records

Social Media Account Access:

  • Login credentials or OAuth tokens for Social Media Platforms you authorize us to manage
  • Account settings and preferences
  • Platform API access permissions

Communication Data:

  • Correspondence via email, contact forms, or support tickets
  • Content briefs, brand guidelines, and creative direction
  • Feedback and approval communications

4.2 Information Collected Automatically

When you access our Website or use our Services, we automatically collect certain information, including:

Technical Data:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Screen resolution

Usage Data:

  • Pages visited and features used
  • Time and date of access
  • Referring website addresses
  • Click patterns and navigation paths
  • Session duration

Cookie Data:

  • Information collected through cookies, pixels, and similar tracking technologies (see Section 10)

4.3 Client Data and Social Media Information

Through our management of Client social media accounts, we may access and process:

  • Social media account analytics and performance metrics
  • Follower and audience demographic data
  • Comments, messages, and engagement data
  • Content performance statistics
  • User-generated content and interactions
  • Advertising campaign data and audience insights

We process this data solely on behalf of and under the instructions of our Clients. End Users with questions about how their data is used should contact the Client (the business whose social media account they interacted with) directly.

4.4 Information from Third Parties

We may receive personal data from third-party sources, including:

  • Payment processors (transaction confirmations and fraud detection data)
  • Social Media Platforms (account analytics and insights via authorized APIs)
  • Publicly available sources (for business verification purposes)

5. PURPOSES OF PROCESSING

5.1 Personal Data of Clients and Website Visitors

We process your personal data for the following purposes:

Service Delivery:

  • Creating and managing your account
  • Providing access to our social media management Services
  • Creating, scheduling, and publishing social media content
  • Managing community engagement and responding to comments and messages
  • Generating analytics reports and performance insights
  • Delivering customer support and responding to inquiries

Payment Processing:

  • Processing service fees and charges
  • Managing billing and invoicing
  • Detecting and preventing payment fraud

Communication:

  • Sending transactional emails (account confirmations, password resets, service notifications)
  • Providing service updates and announcements
  • Responding to your requests and inquiries

Service Improvement:

  • Analyzing usage patterns to improve our Services
  • Developing new features and functionalities
  • Conducting internal research and analytics

Legal and Compliance:

  • Complying with applicable laws and regulations
  • Enforcing our Terms and Conditions
  • Protecting our rights, property, and safety
  • Responding to legal requests and preventing fraud

Marketing (with consent):

  • Sending promotional communications about our Services
  • Providing personalized recommendations

5.2 Social Media Data (Processed on Behalf of Clients)

We process social media data accessed through Client accounts solely to:

  • Create and publish content on behalf of Clients
  • Manage community engagement and respond to audience interactions
  • Provide audience insights and analytics reports
  • Optimize content strategy based on performance data
  • Comply with Client instructions

6. LEGAL BASES FOR PROCESSING

We process personal data based on the following legal grounds:

6.1 Contractual Necessity

We process personal data necessary to perform our contract with you, including providing access to your account and delivering the Services you have requested.

6.2 Legitimate Interests

We process personal data for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. Our legitimate interests include:

  • Operating and improving our Services
  • Ensuring network and information security
  • Preventing fraud and unauthorized access
  • Conducting business analytics
  • Marketing our Services to existing Clients

6.3 Legal Obligations

We process personal data to comply with legal obligations, including tax requirements, anti-money laundering laws, and responses to lawful requests from authorities.

6.4 Consent

Where required by law, we obtain your consent before processing personal data for specific purposes, such as sending marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing performed prior to withdrawal.

7. DATA SHARING AND DISCLOSURE

7.1 Service Providers

We share personal data with trusted third-party service providers who assist us in operating our business and delivering the Services, including:

  • Payment Processing: Our payment processor handles all payment transactions on our behalf.
  • Social Media Management Tools: We may use third-party scheduling, analytics, and management tools to deliver our Services.
  • Cloud Infrastructure Providers: We use cloud hosting services to store and process data securely.
  • Analytics Providers: We use analytics services to understand Website usage and improve our Services.

All service providers are contractually obligated to protect personal data and process it only for specified purposes.

7.2 Social Media Platforms

When we manage your social media accounts, data is transmitted to and processed by the respective Social Media Platforms in accordance with their privacy policies and terms of service. We encourage you to review the privacy policies of each platform you use.

7.3 Legal Requirements

We may disclose personal data if required to do so by law or in response to valid legal requests, including:

  • Court orders and subpoenas
  • Government or regulatory agency requests
  • Law enforcement inquiries

We will notify you of such requests where legally permitted.

7.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, personal data may be transferred to the acquiring entity. We will provide notice before personal data becomes subject to a different privacy policy.

7.5 Protection of Rights

We may disclose personal data when necessary to:

  • Enforce our Terms and Conditions
  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our Clients or others
  • Investigate potential violations of our policies

7.6 No Sale of Personal Data

We do not sell, rent, or trade personal data to third parties for their marketing purposes.

8. INTERNATIONAL DATA TRANSFERS

8.1 Cross-Border Transfers

As a Singapore-based company serving international Clients and using Social Media Platforms that operate globally, personal data may be transferred to and processed in countries outside your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

8.2 Safeguards for Transfers

When transferring personal data internationally, we implement appropriate safeguards, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Data Processing Agreements with service providers
  • Transfers to countries recognized as providing adequate data protection
  • Certification mechanisms where applicable

8.3 EEA and UK Transfers

For transfers of personal data from the European Economic Area (EEA) or United Kingdom, we rely on:

  • Standard Contractual Clauses adopted by the European Commission
  • Adequacy decisions where applicable
  • Other lawful transfer mechanisms recognized under GDPR

9. DATA RETENTION

9.1 Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account Data: Retained for the duration of your account and for seven (7) years thereafter to comply with legal and regulatory requirements.
  • Transaction Records: Retained for seven (7) years to comply with tax and accounting obligations.
  • Communication Records: Retained for three (3) years from the date of communication.
  • Usage Data: Retained for two (2) years for analytics and service improvement purposes.
  • Client Data (including social media access): Retained for the duration of the Client's account. Upon account termination, Client Data is retained for thirty (30) days to allow for data export, after which it is deleted unless retention is required by law or requested by the Client. Social media account access credentials are revoked immediately upon termination.

9.2 Deletion

When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention and disposal procedures.

9.3 Backup Systems

Residual copies of personal data may remain in backup systems for a limited period. Such data is protected by the same security measures and is permanently deleted according to our backup rotation schedule.

10. COOKIES AND TRACKING TECHNOLOGIES

10.1 Types of Cookies We Use

Our Website uses cookies and similar tracking technologies to enhance your experience. We use the following categories of cookies:

  • Strictly Necessary Cookies: Essential for Website functionality, including authentication, security, and session management. These cookies cannot be disabled.
  • Performance Cookies: Collect information about how visitors use our Website, including pages visited, traffic sources, and error messages. This data is aggregated and anonymized.
  • Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.
  • Analytics Cookies: Help us understand Website usage patterns and improve our Services. We may use third-party analytics services that set their own cookies.

10.2 Cookie Management

You can manage cookie preferences through your browser settings. Most browsers allow you to:

  • View cookies stored on your device
  • Delete all or specific cookies
  • Block cookies from specific or all websites
  • Set preferences for first-party and third-party cookies

Please note that disabling certain cookies may affect Website functionality and your ability to use some features of our Services.

10.3 Do Not Track

Our Website does not currently respond to "Do Not Track" browser signals. However, you can manage tracking preferences through cookie settings as described above.

11. DATA SECURITY

11.1 Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Technical Safeguards:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Secure password hashing
  • Secure storage of social media credentials and access tokens
  • Regular security assessments and vulnerability testing
  • Access logging and monitoring

Organizational Safeguards:

  • Role-based access controls
  • Confidentiality obligations
  • Incident response procedures
  • Vendor security assessments

11.2 Social Media Account Security

We take special precautions to protect access to Client social media accounts, including using OAuth authentication where available, limiting access to authorized personnel only, and implementing secure credential management practices.

11.3 No Absolute Security

While we take reasonable measures to protect personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of personal data.

11.4 Security Incident Response

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

  • Notify affected individuals without undue delay where required by law
  • Notify relevant supervisory authorities within required timeframes
  • Take immediate steps to contain and remediate the breach
  • Document the breach and our response measures

12. YOUR RIGHTS

12.1 Rights Under PDPA (Singapore)

If you are located in Singapore, you have the following rights under the Personal Data Protection Act 2012:

  • Right of Access: You may request access to your personal data held by us and information about how it has been used or disclosed within the past year.
  • Right to Correction: You may request correction of any personal data that is inaccurate or incomplete.
  • Right to Withdraw Consent: You may withdraw consent for the collection, use, or disclosure of your personal data at any time, subject to legal and contractual restrictions.

12.2 Rights Under GDPR (EEA and UK)

If you are located in the European Economic Area or United Kingdom, you have the following additional rights under the General Data Protection Regulation:

  • Right of Access: You may request confirmation of whether we process your personal data and obtain a copy of such data.
  • Right to Rectification: You may request correction of inaccurate personal data or completion of incomplete data.
  • Right to Erasure: You may request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes collected.
  • Right to Restriction: You may request restriction of processing in certain circumstances, such as when you contest the accuracy of the data.
  • Right to Data Portability: You may request to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Right to Object: You may object to processing based on legitimate interests, direct marketing, or processing for research or statistical purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.
  • Right to Lodge a Complaint: You may lodge a complaint with a supervisory authority in your country of residence.

12.3 Rights for End Users

End Users whose personal data is accessed through Client social media accounts should direct requests regarding their data to the Client (the business whose social media account they interacted with). Clients are the Data Controllers for End User data and are responsible for responding to such requests.

We will assist Clients in fulfilling End User requests as required by our Data Processor obligations.

12.4 Exercising Your Rights

To exercise any of your rights, please contact us at:

Email: [email protected]

We will respond to your request within the timeframes required by applicable law:

  • PDPA: Within thirty (30) days of receiving your request
  • GDPR: Within one (1) month of receiving your request (extendable by two additional months for complex requests)

We may request verification of your identity before processing your request to protect against unauthorized access.

12.5 Fees

We generally do not charge fees for exercising your rights. However, we may charge a reasonable fee for manifestly unfounded or excessive requests, particularly repetitive requests, as permitted by applicable law.

13. MARKETING COMMUNICATIONS

13.1 Promotional Communications

With your consent, we may send you promotional communications about our Services, new features, special offers, and industry insights.

13.2 Opting Out

You may opt out of receiving marketing communications at any time by:

  • Clicking the "unsubscribe" link in any promotional email
  • Updating your communication preferences in your account settings
  • Contacting us at [email protected]

Please note that even if you opt out of marketing communications, we will continue to send you transactional and service-related messages necessary for the operation of your account.

13.3 Third-Party Marketing

We do not share your personal data with third parties for their direct marketing purposes without your explicit consent.

14. CHILDREN'S PRIVACY

Our Services are not directed to individuals under the age of eighteen (18) years. We do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information promptly.

If you believe we have collected personal data from a child, please contact us immediately at [email protected].

15. THIRD-PARTY LINKS AND SERVICES

15.1 External Links

Our Website and Services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third-party services.

We encourage you to review the privacy policies of any third-party services you access through our Website.

15.2 Social Media Platforms

Our Services involve integration with third-party Social Media Platforms. Your use of these platforms is governed by their respective privacy policies and terms of service. We are not responsible for the privacy practices of Social Media Platforms.

15.3 Disclaimer

We are not responsible for the privacy practices, content, or security of third-party websites or services.

16. CLIENT RESPONSIBILITIES

16.1 Authorization and Compliance

Clients are solely responsible for:

  • Ensuring they have proper authorization to grant us access to their social media accounts
  • Complying with the terms of service and community guidelines of each Social Media Platform
  • Providing appropriate disclosures to their audience regarding content management by third parties
  • Responding to End User requests regarding their personal data
  • Ensuring their social media practices comply with applicable laws

16.2 Content Compliance

Clients must ensure that all content they provide or approve for publication complies with applicable advertising standards, intellectual property laws, platform guidelines, and data protection regulations.

16.3 Indemnification

Clients agree to indemnify us against any claims, damages, or liabilities arising from their failure to comply with data protection obligations, platform terms of service, or applicable laws regarding their social media activities.

17. DATA PROCESSING AGREEMENT

17.1 Availability

For Clients who require a formal Data Processing Agreement (DPA) to comply with GDPR or other data protection regulations, we offer a DPA upon request.

17.2 Request

To request a Data Processing Agreement, please contact us at [email protected].

18. CHANGES TO THIS PRIVACY POLICY

18.1 Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

18.2 Notification

We will notify you of material changes by:

  • Posting the updated Policy on our Website with a revised "Last Updated" date
  • Sending notice to the email address associated with your account (for material changes)
  • Displaying a prominent notice on our Website

18.3 Review

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

18.4 Continued Use

Your continued use of the Website or Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

19. CONTACT INFORMATION

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us at:

Email: [email protected]

Website: freelancesocialmediamanagers.com

Data Protection Inquiries: For data protection-specific inquiries or to exercise your rights under applicable data protection laws, please email [email protected] with the subject line "Data Protection Inquiry."

We will respond to all inquiries within a reasonable timeframe and in accordance with applicable legal requirements.

BY USING OUR WEBSITE OR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.