Privacy Policy

Last updated: June 16, 2026

1. Who We Are (Data Controller)

MefApp ("we", "our", "us") is a scheduling tool operated by MEF Labs that publishes content to social media platforms on your behalf. For the purposes of the EU General Data Protection Regulation (GDPR) and other applicable data protection laws, MEF Labs is the data controller responsible for your personal data.

You can reach us at any time at contact@meflabs.com.

2. Introduction

This policy explains what data we collect, how and why we use it, who we share it with, how long we keep it, how we protect it, and the rights you have over it. We are committed to handling your data responsibly and only as needed to provide the service.

3. Data We Collect

When you connect a social media account through the platform's official OAuth flow, and when you use the service, we collect:

4. Permissions We Request

We only request the permissions required to operate the service on each social media platform you connect, and we use each of them for the stated purpose only:

5. How We Use Your Data & Legal Bases

Your data is used solely to operate the publishing and scheduling features of the service. Access tokens are used exclusively to publish or schedule content to social media platforms on your behalf, and profile data is used only to display your connected account back to you. We do not use your data for advertising and we do not sell it.

Where the GDPR applies, we rely on the following legal bases:

6. Who We Share Data With

We do not sell your personal data and we do not share it with third parties for their own purposes. We only transmit data where it is necessary to operate the service: the content and captions you choose to publish are sent to the API of the relevant social media platform to be posted to your account. We may also disclose data where required to comply with a legal obligation, court order, or valid request from a public authority.

7. Data Storage & Security

Data is stored on a private, access-controlled server. We apply technical and organizational measures to protect it, including encryption of data in transit (HTTPS/TLS), secure storage of OAuth access and refresh tokens, and hashing of account passwords. Access to stored data is restricted to what is necessary to operate the service. No method of transmission or storage is completely secure, but we work to protect your data and to limit what we collect to what is strictly needed.

8. Data Retention

We keep your data only for as long as it is needed to provide the service. Platform tokens and connected-account data are retained while your social media account remains connected and are deleted immediately when you disconnect it. Your MefApp account data (such as your email) is retained while your account is open and deleted when you request account deletion. Uploaded content is retained only as long as needed to publish or schedule them and to populate your library, and are removed when you delete them or close your account.

9. International Data Transfers

When you publish content, data is transmitted to the relevant social media platform, which may process it on servers located outside your country, including outside the European Economic Area. Such transfers are governed by that platform's own policies and the safeguards it puts in place. Where we transfer data internationally, we rely on appropriate safeguards as required by applicable law.

10. Data Deletion & Revoking Access

You can disconnect a social media account at any time from the Accounts page, which immediately deletes the stored tokens and associated profile data from our system. You can also revoke MefApp's access directly from the connected platform's account settings, in its apps or security permissions section. To request full deletion of your MefApp account and all related data, contact us at the address below and we will process the request.

11. Your Rights

Depending on your location, and in particular under the GDPR, you have the right to:

To exercise any of these rights, contact us at contact@meflabs.com. We will respond within the timeframe required by applicable law.

12. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA/CPRA) gives you the right to know what personal information we collect and how we use it, to request access to or deletion of that information, and to not be discriminated against for exercising these rights. We do not sell or share your personal information as those terms are defined under California law, and we do not use it for cross-context behavioral advertising. To exercise your California rights, contact us at contact@meflabs.com.

13. Other Regions

MefApp is available worldwide. Wherever you are located, we apply the same core data-protection principles described in this policy: collecting only what is needed, never selling your data, securing it, and letting you access or delete it at any time. If you reside in a region with its own data-protection law — such as the UK (UK GDPR), Switzerland (FADP), Canada (PIPEDA), Brazil (LGPD), Australia (Privacy Act), or elsewhere — you may have additional rights under that law, and you can exercise them by contacting us at contact@meflabs.com. We honor verified requests in accordance with the applicable local law.

14. Cookies

We use a single essential session cookie to keep you signed in to your MefApp account. This cookie is strictly necessary for the service to function and is not used for advertising or third-party tracking.

15. Third-Party Services

This application interacts with the APIs of the social media platforms you choose to connect and handles platform data in accordance with each platform's developer terms of service. Please refer to the privacy policy of each social media platform you connect for information on how that platform handles your data.

16. Children's Privacy

The service is not directed to children and we do not knowingly collect personal data from anyone under the age of 18. You must be at least 18 years old, or the age of majority in your jurisdiction, to use MefApp.

17. Changes to This Policy

We may update this policy from time to time. Material changes will be reflected by updating the "Last updated" date above.

18. Contact

For any privacy-related requests, including data access or deletion, contact us at: contact@meflabs.com