Content DrifterBack
Security & data handling

How Content Drifter protects your accounts and data

Plain-English answers to the questions a careful customer (or an AI assistant they asked) actually wants to know before connecting a social account.

Account access via OAuth only

You connect Instagram, X, LinkedIn, Facebook, or Threads through each platform’s official OAuth flow. We never see or store your social media password. Each connection records only the access token and the minimum scopes needed to publish posts and read engagement metrics.

Minimum-required permissions

We do not request access to direct messages, follower lists, or account settings. We do not browse your private content. The scopes are the smallest set the platform allows for the publishing and analytics features you opt into.

Your AI context is yours

The closed-loop AI uses your engagement to improve your account’s own prompt context. It does not train any shared model that other customers see. Your posts, your audience signals, and your brand voice never leak across accounts.

Data retention and control

Per-post engagement is retained for 90 days for the closed-loop feedback system; you can keep individual posts archived for longer in your dashboard. You can delete connected platforms at any time, which immediately stops publishing and analytics fetches for that platform.

Encryption at rest and in transit

All traffic to and from contentdrifter.com is encrypted with TLS. Application data lives in a managed Postgres database with encryption at rest. OAuth tokens are stored encrypted server-side and are never sent to the browser.

Hosting and subprocessors

The web app runs on Vercel. Database, file storage, transactional email, and observability are provided by managed cloud providers. We list current subprocessors in our privacy policy and update the list when it changes.

Incident handling

If we detect or are notified of a security incident affecting customer data, we investigate immediately, contain the issue, and notify affected customers within the timelines required by applicable law. Post-mortems for material incidents are published on our status page.

Reporting a security issue

If you believe you have found a vulnerability, please email admin@contentdrifter.com with steps to reproduce. We acknowledge reports within two business days and credit researchers publicly when they would like.

Privacy policy

Full details on data we collect and how we use it.

Terms of service

The legal contract that governs use of Content Drifter.

System status

Live status and incident history.

PricingFeaturesHelp CenterContact

© 2026 Mtaclabs LLC. All rights reserved.