Privacy Policy

Last updated: June 1, 2026

CampaignCadet is a product of JLMG Solutions. This policy explains what data we collect when you use CampaignCadet, how we use it, and the choices you have. If anything here is unclear, email support@jlmgsolutions.com and we will explain it in plain language.

1. What we collect

Account information

When you sign up, we collect your name, email address, and a hashed password. If you sign in through a third party such as Google or Facebook, we receive your name, email, and a profile identifier from that provider.

Brand and content data

You give us the content you want to publish. This includes brand voice descriptions, draft captions, images and videos you upload, hashtags, and any notes or instructions you write inside the app. We store this to do the work you asked us to do.

Connected platform tokens

When you connect a Facebook Page, Instagram Business account, YouTube channel, or other platform, that provider gives us an access token. We store this token encrypted at rest using Fernet (AES-128 in CBC mode with HMAC). The token lets us publish on your behalf only after you approve a draft. We never use it to read content you did not give us.

Usage data

We log technical events like which features you use, what time you log in, which posts you approve, and how the AI calls perform. We use this to fix bugs, plan features, and bill you accurately. We do not sell this data.

Payment information

If you pay for a paid tier, our payment processor handles your card. We receive a confirmation that payment succeeded and the last four digits of the card. We do not store full card numbers.

2. How we use the data

  • To run the service you signed up for (drafting, scheduling, publishing)
  • To bill you and send transactional emails about your account
  • To improve the product (which features are working, which are not)
  • To respond to your support questions
  • To meet legal obligations like tax records and platform compliance

We do not sell your data. We do not train third-party AI models on your private content. When we call an AI provider to draft a post on your behalf, that call sends the prompt and brand voice we need for the task. We work with providers who commit in writing to not retain or train on inputs from API customers.

3. Who we share data with

We share data only with the following kinds of partners:

  • Platform APIs you connect. When you approve a post for Facebook, we send the post content to Meta. Same for Instagram, YouTube, and any other platform you connect.
  • AI providers. We call providers like Anthropic to draft posts and analyze content. The provider sees the prompt content for that call only.
  • Infrastructure providers. Our hosting, database, and email services see encrypted data in transit and at rest.
  • Payment processors. They see what is needed to charge your card.
  • Legal requests. We respond to valid legal process when required by law.

4. How long we keep your data

We keep your account data while your account is active and for a short period after you cancel, in case you change your mind. After that period, we delete most of it. We keep records required for tax, accounting, and platform compliance for as long as the law requires. Specific timelines:

  • Drafts and brand voice profiles: deleted within 30 days of account closure
  • Published post history: deleted within 30 days of account closure
  • Platform access tokens: deleted immediately when you disconnect a platform
  • Payment records: kept 7 years for tax compliance

5. Your rights

You can do the following at any time:

  • Export your data (drafts, brand voice, post history) from inside the app
  • Disconnect any connected platform with one click
  • Delete your entire account through the in-app settings page
  • Request a complete data deletion by emailing support@jlmgsolutions.com. See our Data Deletion Instructions for full steps.
  • Ask us what we have on you. We will respond within 30 days.

If you live in the EU, UK, California, or another region with specific data protection laws, you have additional rights such as the right to correction, the right to portability, and the right to lodge a complaint with a regulator. We honor those rights for everyone, not only people who live in those regions.

6. Children

CampaignCadet is built for businesses and creators, not children. We do not knowingly collect data from anyone under 13. If you believe a child has used CampaignCadet, contact us and we will remove their data. Note: Family Brands customers publish content for kids; the customer is the adult brand owner, not the audience.

7. Security

We take reasonable steps to protect your data. Tokens are encrypted at rest. Connections to our service use TLS. Access to production systems is limited and logged. No system is perfectly secure, and we will tell you within 72 hours if we discover a breach that affects your data.

8. Changes to this policy

We may update this policy. When we make a material change, we will notify you by email and post a notice in the app. The date at the top of this page tells you when it last changed.

9. Contact

Email support@jlmgsolutions.com with any privacy question. We answer within two business days.

CampaignCadet is operated by JLMG Solutions, a JP Solutions company.