Privacy Policy

1. Data Controller

The data controller responsible for data processing under the General Data Protection Regulation (GDPR) is:

Denise Mayr
Staben 50
39025 Naturns
South Tyrol
Italy

Email: fasmet.app@gmail.com

2. Scope of This Privacy Policy

This Privacy Policy explains how we collect, use, store, and protect personal data when you use FASMET.

3. Age Requirement

Our service is intended for users who are at least 16 years old.
Users under the age of 16 may only use this service with the consent of a parent or legal guardian.

4. Personal Data We Collect

We collect and process the following personal data:

• Email address
• Password (stored in hashed form using bcrypt)
• Profile data voluntarily provided by you, such as:
  • Username
  • Follower count
  • Number of posts
  • Niche
  • Goals

4a. Post Review – Uploaded Images and Videos

When you use Post Review, you upload images or videos together with your caption. This data may contain personal information (e.g. persons, locations).

• Purpose: We process your uploads solely to analyze quality, resolution, and format, and to suggest an improved caption and hashtags.
• Storage: Uploads are stored temporarily (in memory or temporary disk files during processing) for a maximum of 15 minutes. They are deleted immediately after analysis or when they expire.
• No permanent storage: We do not save your images or videos to a database or permanent storage.
• No use for training: Your uploads are not used to train AI models.
• Processing: Analysis uses AI that runs on our own infrastructure (e.g. for caption improvement). No data is sent to OpenAI, Anthropic, Google, or other external AI providers. Captions and media are processed only for the analysis you requested.

By uploading content to Post Review, you confirm that you have the right to use this content and that it does not infringe third-party rights.

5. Purpose of Data Processing

We process your personal data for the following purposes:

• Account creation and authentication
• Providing access to the FASMET service and its features:
  • Content Ideas with personalized scripts
  • Post Review and analysis
  • Content Calendar
  • Competitor Comparison
• Sending transactional emails (e.g. verification, welcome emails)
• Sending marketing emails only if you have given explicit consent

6. Legal Basis for Processing (Art. 6 GDPR)

We process personal data based on the following legal grounds:

• Art. 6(1)(b) GDPR – Performance of a contract (account access and service functionality)
• Art. 6(1)(a) GDPR – Consent (marketing emails, optional features)
• Art. 6(1)(f) GDPR – Legitimate interest (security, fraud prevention, service improvement)

7. Content Ideas & Post Review Processing

• Content Ideas: Generated based on your profile data using our own system. No external AI or third-party services are used for this feature.
• Post Review: May use AI that runs on our own infrastructure. No data is sent to external AI providers (e.g. OpenAI, Anthropic).
• Generated content is for informational and inspirational purposes only. We do not guarantee accuracy, effectiveness, or specific results.

8. Cookies

We use only essential cookies that are required for:

• Authentication
• Session management
• Security

These cookies are necessary for the operation of the service and cannot be disabled.
Cookie preferences can be managed via our cookie banner where applicable.

9. Data Storage and Retention

Your personal data is stored as long as your account exists.
You may delete your account at any time.
Inactive accounts may be deleted after prior notice.

10. Third-Party Services

We use the following third-party services:

• Hosting: Vercel Inc., USA
• Email delivery: Resend, USA
• CAPTCHA / Bot protection: Cloudflare Turnstile (Cloudflare Inc., USA) – used during registration to distinguish humans from bots; may process signals such as IP address and browser data. Cloudflare Privacy

These providers may process personal data on our behalf.

11. Data Transfers to Third Countries

Some of our service providers are located outside the European Union (e.g. United States).

Data transfers are carried out in accordance with GDPR requirements, based on:

• Adequacy decisions of the European Commission (where applicable), or
• Standard Contractual Clauses (SCCs)

12. Your Rights Under GDPR

You have the right to:

• Access your personal data
• Rectification of inaccurate data
• Erasure of your data
• Restriction of processing
• Data portability
• Object to processing
• Withdraw consent at any time

To exercise your rights, please contact:
fasmet.app@gmail.com

13. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence.

Supervisory Authority (Italy):
Garante per la Protezione dei Dati Personali
www.garanteprivacy.it

14. Disclaimer and Limitation of Liability

FASMET is provided "as is" and "as available" without warranties of any kind.

We do not guarantee any specific results, growth, engagement, or success.
All AI-generated content, analytics, and recommendations are provided for informational and inspirational purposes only.

Use of the service is at your own risk.
To the fullest extent permitted by law, we are not liable for any direct or indirect damages resulting from the use of this service.

15. Contact

For privacy-related questions or requests, contact:
fasmet.app@gmail.com