Privacy notice
Last updated 24 May 2026. This page explains what data we collect, why we collect it, where it lives, and how to remove it. We aim for plain English — if anything is unclear, email [email protected].
1. Who we are
SocialMediaBucket is a service for brands to share content with their ambassadors. It is owned and operated by Openremote Ltd, Abuja, Nigeria, who is the data controller for the purposes of this notice. Reachable at [email protected] for any privacy enquiry.
2. What we collect, and why
Account data
Email, name, password hash (Argon2, never the plaintext), display avatar initial, locale, optional phone number. Collected because it's required to sign you in and identify you to your brand.
Org data
Brand name, address, founded year, logo, social handles, employee/revenue band. Collected because you typed them in — used to render your bucket and your public org profile if you publish it.
Artefacts
Files (images, videos), captions, platform tags, classes. Stored encrypted at rest on Cloudflare R2. Used to render your bucket and to feed your ambassadors' share feeds.
Ambassador activity
Which artefacts an ambassador viewed/shared, timestamps, IP at sign-in (truncated to /24 for IPv4, /48 for IPv6), user-agent. Used to power your aggregate stats — never sold, never shared.
Billing
Card details are NEVER stored on our servers. We use Paystack for card handling; we only store the last 4 digits, brand (Visa, Mastercard or AMEX — the three brands we accept), and the authorization token they give us. Card holder name, full PAN, CVV — none of these touch our infrastructure.
Logs
HTTP access logs (method, path, status, duration, truncated IP) for 30 days. Audit logs (admin actions inside an org) for 12 months. Used for debugging and abuse-prevention.
3. Where data lives
- Database — managed PostgreSQL, EU/Africa region. Encrypted at rest. Nightly backups retained 30 days.
- Object storage — Cloudflare R2, multi-region replicated, encrypted at rest.
- Email transport — sent through our SMTP relay; the recipient's inbox provider stores the content afterwards. We don't retain copies beyond the audit-log entry confirming "sent".
- Payment processing — Paystack (paystack.com). Subject to their own privacy notice.
4. Who can see your data
- You. Always.
- Other admins on your org. Same view as you, scoped to that org.
- Ambassadors in your brand. Only the artefacts you've classified them into — never your billing, never audit logs, never other admins' data.
- SocialMediaBucket staff. Only when (a) you raise a support ticket and explicitly grant access, or (b) we're legally compelled to access. All access is audit-logged.
- Sub-processors: Cloudflare (storage/CDN), Paystack (payments), the database host (Postgres), our SMTP relay provider. Each has signed a data-processing agreement with us.
5. Your rights
You can, at any time:
- Access — download a JSON export of your org's data via Account → Export.
- Correct — edit any field via the relevant settings page.
- Delete — Account → Delete account (14-day grace, then 30-day retention, then permanent removal). For an org: Organization → Danger zone → Register deletion intent.
- Portability — request a machine-readable export by emailing [email protected].
- Object — opt out of any non-essential email via Account → Notifications. Transactional emails (password reset, billing failure) can't be opted out of while the account is active.
6. Cookies & storage
We use four pieces of browser storage:
- smb_at (httpOnly, Secure cookie) — your signed-in access token. JavaScript cannot read it; the browser attaches it automatically to authenticated API calls. Lifetime: 30 min, then refreshed.
- smb_rt (httpOnly, Secure cookie scoped to
/api/v1/auth) — the refresh token. Only sent on the refresh endpoint, never on regular API calls. Lifetime: 30 days. - smb_session (readable cookie) — a presence flag carrying only your user reference, no token data. Used to render the "signed in" state in the SPA. Lifetime: matches the access cookie.
- Theme preference + display metadata (localStorage) — your light/dark/system choice and a cached copy of your name/avatar/org. No credentials.
No third-party trackers, no advertising cookies, no analytics that fingerprint visitors. Signing out clears the auth cookies; clearing your browser data clears everything.
7. Children
SocialMediaBucket is for brands and adult ambassadors. We don't knowingly collect data from anyone under 16. If you believe a minor is using the service, email [email protected] and we'll remove the account.
8. Changes to this notice
If we materially change how we process data, we'll email every active admin at least 14 days before the change takes effect, and update the "last updated" date at the top of this page.
Questions? [email protected]