Privacy Policy
Last updated: June 15, 2026
Welcome to OPAD (“One Post A Day”), an AI-powered social media content creation and publishing platform. This Privacy Policy explains how we collect, use, and share personal data when you use:
- our website, including opad.ai and related pages (the “Website”); and
- our software, APIs, integrations, and related services (collectively, the “Services”).
We follow India's Digital Personal Data Protection Act, 2023 (“DPDPA”) and, until fully in force, the Information Technology Act, 2000 and the SPDI Rules, 2011. Regional add-ons for other countries appear later in this policy.
Who is responsible for your data?
Modularity Labs, Hyderabad, Telangana, India (“Modularity Labs,” “OPAD,” “we,” “us,” “our”) is the data fiduciary. For privacy-related questions, requests, or grievances, please contact:
- Privacy: privacy@opad.ai (use “Grievance Officer” or “Data Protection” in the subject)
- Support: support@opad.ai
What counts as personal data?
“Personal data” means any information that identifies you or can reasonably be linked to you.
What does “processing” mean?
“Processing” covers any use of personal data: collecting, storing, using, sharing, or deleting it.
Legal bases we rely on
- Consent: where you choose to allow specific processing (e.g., marketing cookies).
- Contract: to provide the Services you requested.
- Legal obligation: where laws require us to keep or disclose data.
- Legitimate interests: to run, secure, and improve our services (balanced against your rights).
- Your authorization and instructions: when you connect third-party accounts and instruct us to publish content or retrieve analytics on your behalf.
Data we collect
1) Data you provide
- Account & profile: name, email, password (stored hashed), company information, billing information, and subscription information.
- Content: social media post drafts, AI-generated content, uploaded files and documents, brand information and preferences, writing instructions and prompts, content schedules, publishing preferences, approval history, and publishing activity logs.
- Support: information you provide in emails, forms, or tickets.
2) Data we collect automatically
- Device & usage: IP address, browser type, device information, operating system, log information, usage information, session information, error reports, diagnostics, and basic analytics events.
3) Data from platforms & providers
- LinkedIn: when you connect your LinkedIn account, we may collect LinkedIn member ID, name, email address (if provided by LinkedIn), profile photo, public profile information, company pages you administer, OAuth access tokens and authentication credentials necessary to provide the Services, drafts, scheduled posts, and posts created or published through OPAD, and analytics and engagement information made available through LinkedIn APIs, including impressions, reactions, comments counts, reposts, and similar aggregate engagement metrics.
- Telegram: when you interact with OPAD through Telegram, we may process Telegram user ID, Telegram username, commands and messages sent to the OPAD bot, approval actions, and notification preferences.
- Email & messaging: we use providers to send system messages and newsletters (only with your consent where required).
4) Information we do not collect
OPAD does not collect:
- LinkedIn direct messages;
- private conversations;
- connection lists;
- contacts;
- comments unrelated to the Services; or
- a user's complete LinkedIn posting history.
OPAD stores only content that is created, generated, scheduled, or published through the Services.
5) Aggregated data
We create aggregated or de-identified statistics to understand usage and improve services. We do not attempt to re-identify aggregated data.
LinkedIn Integration and Publishing
OPAD integrates with LinkedIn through LinkedIn's authorized APIs. OPAD only accesses LinkedIn data that you explicitly authorize through LinkedIn's OAuth consent process.
OPAD uses LinkedIn APIs solely to authenticate users, enable content publishing, and retrieve analytics necessary to provide the Services.
OPAD never publishes content to LinkedIn without explicit user approval and authorization. OPAD publishes content to LinkedIn only after a user has expressly approved the content and initiated or otherwise authorized its publication through the Services, including through Telegram-based approvals where enabled.
OPAD does not automatically generate and publish content without your approval. OPAD does not sell LinkedIn data or share LinkedIn data with third parties for advertising purposes.
You may disconnect your LinkedIn account at any time by removing the connection within OPAD or revoking OPAD's permissions through LinkedIn settings. Upon disconnection, OPAD will cease accessing LinkedIn data and LinkedIn access tokens will be deleted within a reasonable period. Previously created posts and analytics stored in OPAD may remain until deleted or until applicable retention periods expire.
OPAD may retain audit logs relating to publishing approvals, publication timestamps, and related system events for security, troubleshooting, fraud prevention, and compliance purposes.
Artificial Intelligence Processing
OPAD uses artificial intelligence technologies to generate, summarize, rewrite, and optimize content. User-provided content may be processed by third-party AI providers solely for generating requested outputs.
OPAD does not use private LinkedIn data to train public artificial intelligence models. We do not permit third-party AI providers to use your private LinkedIn data for training public foundation models on our behalf.
AI-generated content is provided as a drafting and assistance tool. Users remain solely responsible for reviewing, approving, and publishing any content generated through the Services.
Web & marketing technologies on our Website
- Cookies/SDKs: we use cookies and similar tech for essential operations, analytics, and (with consent where required) advertising.
- Analytics: we may use tools such as Microsoft Clarity and PostHog (and, if added, Google Analytics) to understand site usage (e.g., session replay/heatmaps, page metrics).
- Meta Pixel & Conversions API (with consent where required): we use the Meta Pixel to measure ad performance and build audiences. If Automatic Advanced Matching is enabled, identifiers you enter (e.g., email or phone) may be hashed in your browser and sent to Meta. We only do this where consent applies (e.g., EU/EEA).
Your choices: our cookie banner lets you Accept or Reject non-essential cookies. You can change your preferences anytime via “Cookie settings” on our Website or your browser controls.
How we use personal data
- Create and manage accounts; authenticate users.
- Generate, schedule, and publish content.
- Retrieve analytics and deliver notifications.
- Process payments and provide customer support.
- Secure the Services; detect fraud and abuse.
- Improve features, performance, and reliability.
- Send service messages (e.g., account, security, transactional).
- Comply with legal obligations.
- With your consent where required: send newsletters or marketing; measure and improve ads.
How we share personal data
We share data with service providers (processors) who help us run the Services, including cloud hosting, authentication, analytics, AI providers, payment processors, email providers, customer support providers, LinkedIn APIs, and Telegram APIs. They may process information only for purposes necessary to provide the Services. We may also share data:
- with your direction (e.g., integrations you choose),
- to comply with law, prevent fraud/security incidents, or protect rights,
- in a merger, acquisition, or asset transfer (with notice where appropriate).
We do not sell, rent, or trade personal data, including LinkedIn profile information or content data.
Service data in OPAD (your content)
When you add content to OPAD, we process it on your behalf and give you tools to access and export your data, share via integrations you choose, and request deletion.
Users are responsible for the content they choose to submit to the Services, including any sensitive information voluntarily provided.
Storage & retention
We keep personal data only as long as needed for the purpose collected, to provide the service, or to meet legal/record-keeping duties. When no longer needed, we delete or de-identify it.
If your subscription expires or is cancelled, OPAD may retain account data for up to sixty (60) days to facilitate account reactivation and data export. After this period, information may be permanently deleted or anonymized.
Deleting your data
You may request deletion of your account and associated personal information by contacting privacy@opad.ai. Upon receiving a valid request, we will delete or anonymize your personal information within a reasonable period and generally within thirty (30) days, unless a longer retention period is required by law, security obligations, fraud prevention, accounting purposes, or legitimate business interests.
Security
We use TLS encryption in transit and encryption of sensitive credentials at rest, and apply technical and organizational measures (access controls, least-privilege, logging, backups, authentication mechanisms) to protect data. No method is 100% secure; we work to continually improve.
Data breaches
If a breach occurs that is likely to result in harm, we will notify affected users and, where required, the relevant authority promptly, with details of our response.
International transfers
Your information may be processed and stored in countries other than your country of residence where our service providers operate. Where required, we take reasonable steps to ensure appropriate safeguards are in place.
Your rights
Subject to law, you may have rights to access, correct, delete, object/opt-out, withdraw consent, and complain. We will respond within a reasonable time; if we need more than 30 days, we'll let you know why.
How to exercise your rights: email privacy@opad.ai.
Region-specific information
United States
We aim to apply a consistent baseline aligned with state privacy laws (e.g., CA, CO, CT, DE, FL, IN, IA, MT, OR, TN, TX, UT, VA). US users may have rights to know/access, delete, correct, non-discrimination, and, for sensitive data, to limit use/disclosure.
- Shine the Light (CA): request our practices about sharing with third parties for their direct marketing.
- COPPA: we do not market to children under 13.
- CAN-SPAM/TCPA: opt-out of emails/SMS anytime.
Canada & Mexico
We follow PIPEDA (Canada) and LFPDPPP (Mexico). Users may withdraw consent, request access/correction/deletion/deactivation, or submit a complaint to their privacy authority.
Australia
We align with the Privacy Act and Australian Privacy Principles. You may request access, correction, deletion, portability, objection, and withdrawal of consent, and complain to OAIC.
Children
Our services are not directed to children. You must be at least 18 years old to use OPAD. We do not knowingly collect personal data from children.
Changes to this policy
If we change this policy, we'll update the “Last updated” date and post the new version here. Your continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy.
Contact & grievance redressal
If you have questions or concerns, contact our Grievance Officer:
- Privacy: privacy@opad.ai (use “Grievance Officer” or “Data Protection” in the subject)
- Support: support@opad.ai
LinkedIn Developer Notice
OPAD uses LinkedIn APIs in accordance with LinkedIn's Developer Program policies. Data obtained through LinkedIn APIs is used solely to provide the Services requested by users and is not sold or shared with third parties for advertising purposes.
OPAD never publishes content to LinkedIn without explicit user approval and authorization.
OPAD's access to LinkedIn APIs is provided pursuant to LinkedIn's Developer Program policies. Such access does not constitute endorsement, certification, sponsorship, or approval by LinkedIn. OPAD is an independent service operated by Modularity Labs and is not affiliated with LinkedIn Corporation or Telegram Messenger LLP.