Virtual Creator Studio

Effective date: June 19, 2026

Privacy Policy

This Privacy Policy explains how Virtual Creator Studio handles data when creators connect social accounts and use the app to prepare, organize, upload, or publish content.

Information we collect

We may process account identifiers returned by connected platforms, such as TikTok open IDs, Instagram account IDs, Facebook Page IDs, Threads profile IDs, YouTube channel IDs, display names, usernames, avatar URLs, granted scopes, token expiry dates, and authorization or revocation timestamps.

We may also process publishing workflow data, including generated or uploaded media, captions, titles, descriptions, hashtags, thumbnails, scheduled times, privacy settings, comment or interaction settings, platform publish IDs, upload status, error messages, provider job IDs, prompts, reference assets, and audit records needed to operate the service.

OAuth tokens and credentials

The app uses official OAuth flows from each platform. We do not ask for or store social account passwords or two-factor authentication codes. Access tokens and refresh tokens are stored server-side only and are used only to perform actions authorized by the connected account owner.

How we use information

We use the information to authenticate connected accounts, prepare media for publishing, upload drafts or posts, show publishing status, diagnose failed uploads, prevent abuse, comply with platform rules, and respond to support or deletion requests.

Sharing

We share content and account data with the connected platforms only as needed to perform the requested workflow. We may use infrastructure, storage, and AI generation providers to operate the service. We do not sell platform user data, use it for third-party advertising, or use it to train unrelated machine learning models.

Retention and deletion

We keep data only as long as needed for the publishing workflow, account security, platform compliance, support, and legal obligations. When a connected account is disconnected or a verified deletion request is received, we delete or anonymize related OAuth tokens, account identifiers, publishing records, logs, and stored media unless a limited retention period is required for security, fraud prevention, dispute handling, or law.

Your choices

You can revoke platform access in the connected platform's account settings. You can also request deletion of app-held data through the process described on the Data Deletion page.

Security

We use reasonable technical and organizational safeguards, including server-side token handling, secret redaction from logs, access controls, and transport encryption where supported. No internet service can guarantee absolute security.

Contact

For privacy requests, contact support@virtualcreatorstudio.com.