Privacy Policy

Last updated: March 17, 2026

1. Data Controller

Andrej Vysny
Contact: vysnyandrej@gmail.com

2. Service Access

OhMyByte is a private, invite-only platform. Only registered users approved by the operator may access the service. This privacy policy applies to all authorized users.

3. Data We Collect

• Social platform OAuth tokens (TikTok, Instagram, X)
• Profile information from connected platforms (username, avatar)
• Scheduled content metadata (post text, scheduling times)
• Uploaded media files (images, videos)

4. Purpose of Data Collection

All data is collected and processed solely for the purpose of scheduling and publishing content to your connected social media platforms on your behalf.

5. Data Storage

Data is stored on a self-hosted VPS with a PostgreSQL database. All data is stored within the European Union. Access is restricted to the service operator.

6. Third-Party Data Sharing

Your content is shared with third-party APIs only when you explicitly schedule or publish posts:

• TikTok Content Posting API — for publishing videos and photo carousels
• Instagram Graph API — for publishing posts and carousels
• X API — for publishing posts and threads

No data is sold, rented, or shared with any other third parties.

7. TikTok Data Practices

When you connect your TikTok account, OhMyByte accesses:

• User profile information (username, display name, avatar)
• Video list (to verify successful publication)
• Video publishing capabilities via the TikTok Content Posting API

This data is used exclusively for content scheduling and publishing. TikTok data is not stored beyond what is necessary for the service to function.

8. Data Retention

Your data is retained for as long as your account is active. Upon request, all personal data and associated content will be permanently deleted.

9. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

• Access — request a copy of your personal data
• Rectification — correct inaccurate personal data
• Deletion — request permanent deletion of your data
• Data portability — receive your data in a machine-readable format

To exercise any of these rights, email vysnyandrej@gmail.com.

10. Security

We implement the following security measures to protect your data:

• HTTPS encryption for all connections
• Encrypted database credentials
• Secure OAuth token storage
• Access restricted to the service operator

11. Changes to This Policy

This privacy policy may be updated periodically. Changes are effective immediately upon posting. We encourage you to review this page regularly.

12. Contact

For privacy-related inquiries: vysnyandrej@gmail.com