AkuCRM iconAkuCRM
Terms of Service

AkuCRM Privacy Policy

Effective date: January 1, 2025

1. Overview

AkuCRM ("we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard data when you use our CRM and social media scheduling platform.

2. Information We Collect

We collect information you provide directly, including:

  • Account details (name, email address, organisation name)
  • Contact and pipeline data you enter into the CRM
  • Social media account credentials (OAuth tokens — never passwords)
  • Content you create and schedule for publishing

3. Social Media Data

When you connect a social media account (including TikTok), we receive an OAuth access token issued by that platform. We use this token solely to publish content on your behalf when you explicitly instruct us to do so. We do not access your followers, messages, or any data beyond what is required to post content. We store only the access token, your platform username, and the token expiry date. We never store your social media password.

For TikTok specifically, we request the following scopes:

  • user.info.basic — to display your TikTok username in the dashboard after connecting
  • video.publish — to upload and publish videos to your TikTok account when you schedule or post content

TikTok data is used exclusively for the purpose of posting content you have explicitly scheduled or approved within AkuCRM. We do not sell, share, or use TikTok data for any other purpose.

4. How We Use Your Information

  • To provide and operate the CRM and scheduling features
  • To post content to social media platforms on your instruction
  • To send transactional emails (e.g., account invites, notifications)
  • To improve the Service

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Supabase — database and authentication provider
  • Social media platforms — only the content you choose to publish
  • Resend — transactional email delivery

6. Data Retention

We retain your data for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us. Social media OAuth tokens are deleted immediately when you disconnect an account.

7. Security

We implement industry-standard security measures including encrypted connections (HTTPS), hashed credentials, and restricted access to production systems. OAuth tokens are stored encrypted in our database.

8. Your Rights

You have the right to access, correct, or delete your personal data. To exercise these rights, contact us at support@akucrm.com. You may disconnect any social media account at any time from the Social Scheduler page, which immediately revokes our access to that account.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify users of material changes via email or an in-app notice. Continued use of the Service constitutes acceptance.

10. Contact

For privacy questions or data requests, contact: support@akucrm.com