Public policy draft · v1.0

Privacy policy

Setup notice: Operator identity and contact fields are deployment-configured. Review submission remains disabled until the owner supplies every required value.

PosterOps Console is a private, single-owner application. It has no public users and does not sell personal data.

Information handled

The application processes the owner's identity and secure session data, canonical listing records, uploaded artwork and evidence, encrypted platform authorization credentials, scoped service-account metadata, and redacted operational logs. Buyer or customer data is not requested by default.

Purpose and processors

Data is used only to prepare, review, publish, reconcile, and secure the owner's product listings. Hosting, database, asset storage, authentication, print production, and selected publishing providers process only the data needed for their function.

Retention and security

Canonical versions and audit records are retained for operational integrity. Short-lived OAuth state, remote caches, leases, and publication envelopes expire on documented schedules. Credentials are encrypted at rest; service tokens are stored only as keyed verifiers; access is owner-restricted and audited.

Choices

The owner can disconnect providers, purge tokens and remote caches, delete canonical content and assets, or initiate full deletion from the protected console. Limited security, audit, or legal records may be retained when necessary.

Contact

The monitored support address is configured by the operator before review submission.