Privacy Policy | MydropAI

1. Overview

This Privacy Policy applies to MydropAI, Mydrop, the mydropai.com website, the app, public approval links, forms, brand portals, link-in-bio pages, reports, demos, communications, and related services. The service is operated by ADB International LLC, a United States limited liability company. In this policy, "MydropAI", "Mydrop", "we", "us", and "our" refer to ADB International LLC.

We collect and use information to provide social media operations software: accounts, workspaces, team collaboration, social profile connections, content creation, scheduling, approvals, publishing, public sharing, forms, link pages, client portals, inbox workflows, automations, analytics, reports, AI-assisted features, billing, support, security, and product improvement.

We do not sell personal information for money. We do not use private workspace content to train a general MydropAI model without permission. We only process connected platform data, uploaded files, prompts, and workspace content as described in this policy, as configured by authorized users, or as needed to provide and protect the service.

2. Our Role and Your Role

For account, billing, website, marketing, support, security, and product analytics data, we generally act as the business or controller responsible for deciding how that data is used.

For workspace content and personal data that customers upload, import, collect, or process through MydropAI on behalf of their own clients, employees, followers, creators, customers, or prospects, the workspace owner or customer is usually the business or controller, and we process the data to provide the service. If you are a public form submitter, approval recipient, report viewer, brand portal guest, or link-in-bio visitor, the workspace or brand that sent you the link may also control how your submission or interaction is used.

3. Information We Collect

The exact information depends on how you use the service, which plan you use, which features are enabled, which third-party services you connect, and what content you or your workspace choose to provide.

3.1 Account and Identity Information

name, email address, profile image, login method, account identifiers, and password-related authentication data;
registration, beta access, onboarding, referral, campaign, survey, language, timezone, and preference information;
workspace membership, roles, permissions, invitations, notification settings, and account status;
support requests, feedback, contact history, review prompt interactions, and communication preferences.

3.2 Workspace, Brand, and Team Data

workspace names, brand names, profile groups, brand identity fields, colors, fonts, logos, websites, contact details, services, products, folders, campaigns, notes, reminders, and operating preferences;
team members, client collaborators, external recipients, portal configuration, permissions, comments, messages, reactions, assignments, statuses, tags, and internal notes;
billing plan state, quotas, usage counters, subscription status, product limits, and customer portal references.

3.3 Content, Media, Files, and Public Submissions

posts, captions, hashtags, mentions, links, first comments, platform-specific settings, media, thumbnails, alt text, campaign links, UTM parameters, drafts, approvals, suggested edits, and publishing status;
uploaded or imported images, videos, audio, PDFs, documents, ZIP files, folders, brand assets, generated media, previews, extracted text, transcripts, metadata, and download activity;
form questions, form submissions, submitted files, locations, captions, email capture data, portal uploads, approval comments, report viewing activity, and public conversation messages;
link-in-bio page settings, public blocks, buttons, feeds, social links, email captures, custom HTML added by authorized users, soundtrack settings, and page analytics.

3.4 Connected Platform and Integration Data

authorization tokens, refresh tokens, permission scopes, account IDs, page IDs, channel IDs, usernames, profile photos, profile metadata, account type, token expiry state, and connection health;
social posts, comments, direct messages, thread data, likes, replies, public profile data, analytics, benchmarks, rankings, public monitoring data, and available media or account lists returned by connected services;
files, folders, photos, design assets, calendar events, reminders, import metadata, and service settings from tools you authorize, such as Google services, Canva, and other supported integrations.

3.5 AI, Automation, and Report Data

prompts, chat messages, instructions, selected brand context, uploaded attachments, extracted file context, AI-generated drafts, generated media, artifacts, saved prompts, and feedback on outputs;
automation rules, trigger settings, field mappings, scheduling choices, rule execution logs, generated drafts, AI summaries, report templates, report runs, shared report links, report passwords, expiration settings, and delivery recipients.

3.6 Billing and Transaction Data

billing name, billing email, plan, subscription status, checkout activity, customer IDs, invoices, taxes, cancellation status, access keys, and payment processor references;
payment card and bank details are handled by payment processors. We do not need to store full card numbers in the service.

3.7 Device, Usage, Cookies, and Security Data

IP address, approximate location, browser, device type, operating system, language, referring pages, UTM parameters, pages viewed, buttons clicked, feature usage, timestamps, logs, errors, and performance information;
cookies, local storage, session identifiers, security signals, bot checks, abuse prevention data, and similar technologies used to keep you logged in, remember preferences, measure product usage, and protect the service.

4. Sources of Information

We collect information from:

you, when you create an account, upload content, configure a workspace, submit a form, connect a profile, use AI tools, contact support, or interact with public pages;
workspace owners, admins, team members, clients, guests, and external recipients who invite you, assign work, mention you, approve content, message you, or submit information involving you;
third-party services you or your workspace authorize, including social networks, calendars, storage providers, media services, design tools, billing services, email services, analytics tools, and authentication providers;
your browser, device, network, cookies, and similar technologies;
publicly available sources when you use monitoring, competitive intelligence, profile discovery, public previews, or similar features.

5. How We Use Information

We use information to:

create accounts, authenticate users, manage sessions, secure access, and operate workspaces;
provide calendars, media libraries, post composers, approvals, public portals, forms, link-in-bio pages, reports, inboxes, conversations, notifications, reminders, campaigns, automations, and analytics;
connect, sync, import from, publish to, reply through, or read data from third-party services that you authorize;
generate, edit, summarize, classify, preview, translate, score, or otherwise assist with content through AI features you choose to use;
process payments, manage subscriptions, enforce quotas, prevent abuse of paid features, and provide customer portals;
send transactional emails, approval requests, reminders, report deliveries, profile-expiry notices, workspace invites, support messages, and service updates;
measure product usage, diagnose errors, improve features, test changes, understand marketing attribution, and develop new functionality;
protect users, clients, public submitters, third parties, and the service from fraud, spam, security incidents, misuse, and policy violations;
comply with law, enforce terms, respond to legal requests, resolve disputes, and protect rights, safety, and property.

6. AI Data Handling

When you use AI features, the service may process prompts, selected workspace context, brand guidance, profile data, media, attachments, extracted text, transcripts, previous chat context, automation inputs, report data, inbox content, and other information you choose or are permitted to use. This data is used to generate the requested draft, media, summary, recommendation, report, automation output, or other AI-assisted result.

AI outputs should be reviewed before use. You are responsible for checking accuracy, rights, compliance, tone, disclosures, and platform suitability before publishing, sending, or relying on AI output.

We may use third-party AI and media providers to deliver AI features. We do not use private workspace content to train a general MydropAI model without permission. We also do not use Google Workspace API data to develop, improve, or train generalized AI or machine learning models.

7. Google API Data

If you connect Google services, MydropAI may access Google account, profile, calendar, storage, photo, business profile, or related data only to provide the features you authorize, such as sign-in, imports, calendar sync, profile management, publishing, analytics, or reporting.

MydropAI's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell Google user data, use it for unrelated advertising, or use Google Workspace API data to train generalized AI or machine learning models.

You can disconnect Google services through the app or through your Google account permissions. Disconnecting may stop imports, calendar sync, analytics, publishing, or other features that depend on that authorization.

8. How We Share Information

We share information only as needed for the purposes described in this policy:

with workspace owners, admins, members, invited users, clients, approval recipients, report recipients, portal guests, form owners, and public page visitors according to workspace settings and feature configuration;
with third-party platforms and integrations you authorize, including social networks, calendars, media services, design tools, storage providers, messaging channels, and business profile services;
with service providers that help with hosting, storage, authentication, security, payments, subscriptions, email, notifications, analytics, customer support, AI features, media generation, logging, monitoring, and product operations;
with payment processors to complete checkout, manage subscriptions, process taxes, prevent fraud, and provide billing portals;
with public viewers when you publish link-in-bio pages, brand portals, public reports, public forms, public approvals, or social posts;
with professional advisers, auditors, insurers, and legal authorities when needed for compliance, disputes, security, safety, or legal obligations;
with a successor or potential successor in a merger, acquisition, financing, reorganization, bankruptcy, asset sale, or similar business transaction, subject to appropriate protections.

9. Cookies, Analytics, and Marketing Technologies

We use cookies, local storage, pixels, tags, and similar technologies to keep you signed in, remember preferences, secure the service, understand how the website and app are used, measure campaigns, improve onboarding, and diagnose problems.

Some analytics or advertising-related technologies may involve third parties receiving device, usage, or interaction information. Depending on where you live, this may be considered targeted advertising, sharing, or similar activity under privacy law. We do not sell personal information for money. You can reduce or block many tracking technologies through browser settings, device controls, privacy extensions, and available cookie or consent tools.

10. Legal Bases for Processing

Where privacy law requires a legal basis, we process personal data based on one or more of the following: performance of a contract, legitimate interests, consent, compliance with legal obligations, protection of vital interests, or another legal basis available under applicable law.

Our legitimate interests include operating and improving the service, securing accounts, preventing abuse, supporting users, measuring product performance, communicating about the service, and protecting legal rights. Where we rely on consent, you may withdraw it where applicable, but withdrawal does not affect processing that occurred before withdrawal.

11. Retention

We keep information for as long as reasonably needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, prevent abuse, support backups, and operate legitimate business records.

Account, workspace, brand, content, media, form, portal, report, inbox, automation, and connected platform data are generally kept while the account or workspace is active or until deleted by an authorized user.
Connected service tokens and profile data are generally kept until disconnected, expired, replaced, deleted, or no longer needed for the authorized feature.
Billing, tax, invoice, and transaction records may be retained as required for accounting, tax, fraud prevention, chargeback, and legal purposes.
Security logs, audit records, analytics, and abuse-prevention data may be retained for a reasonable period to protect the service and investigate issues.
Deleted data may remain for a limited time in backups, logs, caches, provider systems, emails, exports, downloads, or third-party platforms before it is overwritten or no longer needed.
Published social content, emailed content, downloaded files, public reports, public pages, or data sent to third-party services may remain available outside MydropAI even after deletion from the service.

12. Your Rights and Choices

Depending on where you live, you may have rights to request access, correction, deletion, portability, restriction, objection, withdrawal of consent, opt-out of certain sharing or targeted advertising, opt-out of marketing, and an appeal of certain privacy decisions.

You can update some information in account settings, workspace settings, or connected service settings. You can disconnect integrations, delete selected content, disable public links, change report sharing, unsubscribe from marketing emails, or request help by contacting us.

To exercise privacy rights, email contact@mydropai.com. We may need to verify your identity and authority before responding. If your request concerns data controlled by a workspace, agency, brand, or customer, we may direct you to that organization or coordinate with them.

13. Regional Privacy Notices

13.1 European Economic Area, United Kingdom, and Switzerland

Users in these regions may have rights under GDPR-style laws, including access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with a data protection authority. International transfers may rely on adequacy decisions, standard contractual clauses, data processing agreements, or other lawful transfer mechanisms.

13.2 California and Similar U.S. State Laws

California and other U.S. state privacy laws may provide rights to know, access, correct, delete, obtain a copy, opt out of sale or sharing, opt out of targeted advertising, limit certain sensitive personal information uses, and avoid discrimination for exercising privacy rights. We do not sell personal information for money. If our use of analytics or advertising technologies is considered sharing or targeted advertising under applicable law, you may contact us to opt out where required.

14. International Transfers

We are based in the United States and may process information in the United States and other countries where we or our service providers operate. These countries may have privacy laws different from those where you live. When required, we use appropriate safeguards for international transfers.

15. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, and disclosure. Safeguards may include access controls, encryption where appropriate, monitoring, logging, backups, security reviews, and incident response procedures.

No system is perfectly secure. You are responsible for strong passwords, secure devices, appropriate workspace permissions, careful sharing of public links and passwords, and prompt reporting of suspicious activity.

16. Children

MydropAI is not directed to children under 13 and is not intended for users under 18 to create accounts. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to delete it unless we are legally required to retain it.

17. Third-Party Websites and Services

The service may link to or integrate with third-party websites, platforms, apps, APIs, and services. Their privacy practices are governed by their own policies. We are not responsible for the privacy, security, content, or practices of third parties that we do not control.

18. Changes to This Policy

We may update this policy as the service, law, or our business changes. When changes are material, we will take reasonable steps to notify users, such as by updating this page, sending an email, or showing an in-app notice. Continued use after the effective date means the updated policy applies.

Effective date: June 12, 2026. Last updated: June 12, 2026.