Privacy Policy

Last updated: 28 May 2026

This Privacy Policy explains how Post Pilot ("Post Pilot", "we", "us") collects, uses, stores, and protects information when you use our social media scheduling and content service. Post Pilot is operated by Ace 365 IT Limited (trading as GSAAS), a company registered in England & Wales (registered office: 5 Anderton Street, Morecambe, Lancashire, England, UK. LA4 5DA. ; company number 14740705).

We have written this policy in plain language because we think you should be able to understand what happens to your data without a law degree. If anything is unclear, contact us at gsaas@ace-computers.co.uk.

The short version. We collect only what we need to run the service: your account details, the content you create, and secure tokens that let us post to the social accounts you connect. We send content to third-party AI providers to generate drafts. We never sell your data, and we never use the content of your individual posts to train models or for any purpose other than delivering the service to you.

1. Who this policy covers

This policy applies to people who hold a Post Pilot account and use the service to create, schedule, and publish content to connected social media platforms.

2. Information we collect

We collect the following categories of information:

Account information — your name, email address, and the credentials used to sign in. This is needed to create and secure your account.
Business and brand information — details you provide about your business or brand (such as a description, tone, or website) so that generated content is relevant to you.
Content you create — the ideas, briefs, captions, images, and other material you produce or upload within the service.
Connected-account access tokens — when you connect a social media account (for example Facebook, Instagram, LinkedIn, TikTok, or YouTube), the platform gives us a secure access token. This lets Post Pilot publish on your behalf only the content you schedule. We store these tokens in encrypted form. We do not see or store your social media passwords.
Usage information — basic technical and usage data (such as how often features are used, error logs, and timestamps) needed to operate, secure, and improve the service.

3. How we use your information

We use the information above to:

Provide the service — generate draft content, schedule posts, and publish them to the accounts you have connected;
Keep your account and data secure;
Communicate with you about your account and the service;
Understand how the service is used in aggregate so we can improve it (see Section 5).

4. AI content generation and third-party processing

Post Pilot uses artificial intelligence to help you create content. To do this, the briefs and instructions you provide are sent to third-party AI provider(s) who process them to generate draft text and other content, which is returned to you.

This means some of the content you submit for generation is processed by these providers on our behalf. We choose providers that offer appropriate data-handling terms, and we send only what is needed to produce your content. We do not authorise these providers to use your content to train their models where that option is available to us, and we configure our use accordingly. As our service develops we intend to move generation onto infrastructure we operate directly; we will update this policy when that materially changes how your data is processed.

5. What we do — and do not — do with your content

We think this deserves its own section, because it is where many services are vague.

We do not sell your personal information or your content to anyone.
We do not read, mine, or repurpose the content of your individual posts for advertising, profiling, or any purpose other than providing the service to you.
When we analyse usage to improve the product, we use aggregated and anonymised information (such as counts and patterns) — never the content of an identifiable user's individual posts.
Your data is kept separate from other customers' data, and is not shared across accounts.

6. How we share information

We share information only in these limited circumstances:

With the social platforms you connect — to publish the content you schedule, using the access you have granted.
With service providers who help us run Post Pilot (such as the AI provider(s) described above, and hosting/infrastructure providers), under contracts that require them to protect your data and use it only to provide their service to us.
Where required by law — if we are legally obliged to disclose information.

7. Data retention

We keep your information for as long as your account is active and as needed to provide the service. We apply retention periods appropriate to each type of data — for example, abandoned drafts are cleared sooner than content you have deliberately scheduled or saved. You can ask us to delete your account and associated data at any time (see Section 9).

8. How we protect your information

We protect your data using measures including encryption of sensitive data (such as connected-account tokens), encrypted connections (TLS), access controls, and the principle of collecting only what we need. No system is perfectly secure, but we take reasonable and appropriate steps to safeguard your information.

9. Your rights

Depending on where you live, you have rights over your personal data — including the right to access, correct, export, or delete it, and to withdraw consent. Under UK GDPR these rights apply to users in the UK. To exercise any of these, contact us at gsaas@ace-computers.co.uk and we will respond within the timeframes required by law.

You can disconnect any social media account from Post Pilot at any time, which revokes our access to it. You may also be able to revoke access directly in the settings of the platform concerned.

10. International transfers

Some of our service providers may process data outside the UK. Where that happens, we take steps to ensure your data receives a level of protection consistent with UK data protection law.

11. Children

Post Pilot is intended for use by businesses and adults. It is not directed at children, and we do not knowingly collect personal information from anyone under 18.

12. Changes to this policy

We may update this policy as the service evolves. When we make material changes, we will update the date at the top and, where appropriate, notify you.

13. Contact

For any questions about this policy or your data, contact:

Ace 365 IT Limited (trading as GSAAS)
Email: gsaas@ace-computers.co.uk