Privacy Policy

This policy explains what data MaraJolt collects, why we collect it, and how we protect it. We are committed to being transparent and keeping your data safe.

1. Data We Collect

MaraJolt collects the minimum data necessary to provide the service. Specifically, we collect:

Account information

Your email address and display name, provided when you create a MaraJolt account. We use Supabase for authentication — your password (if set) is hashed by Supabase and never stored in plaintext by MaraJolt.

Social media OAuth tokens

When you connect a social account (LinkedIn, X, Instagram, TikTok, Facebook), the platform issues an OAuth 2.0 access token and, where supported, a refresh token. We store these tokens in our database so we can publish content on your behalf. Tokens are stored encrypted at rest by Supabase.

Post content

The text and media content of posts you create, schedule, or generate through MaraJolt. This content is stored so it can be published at your chosen time and so you can review your posting history.

AI settings and preferences

Your preferred tone, content goals, posting topics, and scheduling preferences. These are used to personalize AI-generated content for you.

Usage and publishing logs

Records of publishing attempts (success or failure), including timestamps and platform-assigned post IDs. These are used for debugging, analytics, and providing you with a posting history.

We do not collect payment card numbers directly — payments are processed by a third-party processor (such as Stripe) that handles card data under their own PCI-compliant systems.

2. How We Use Your Data

We use the data we collect solely to operate and improve the MaraJolt service:

  • Publishing on your behalf: We use your OAuth tokens to post content to your connected social accounts at times you specify.
  • AI content generation: Your topic, tone, and goal preferences are sent to the Anthropic Claude API to generate platform-optimized post drafts.
  • Scheduling and notifications: We use your scheduled times and approval preferences to send you notifications before posts go live.
  • Account management: We use your email to send transactional emails (account confirmation, password reset, important service notices).
  • Service improvement: Aggregated, anonymized usage data may be used to improve the product. We do not sell your personal data or use it for advertising.

We will never publish content to your social accounts without either your explicit approval or a schedule you have set up.

3. Third-Party Services

MaraJolt integrates with the following third-party services to deliver its functionality. Each operates under their own privacy policy.

SupabasePrivacy Policy ↗

Database, authentication, and encrypted storage of your account data and OAuth tokens.

AnthropicPrivacy Policy ↗

AI content generation. Your topic, tone, and goal preferences are sent to the Claude API to generate post drafts. No personally identifiable information beyond your content preferences is shared.

LinkedInPrivacy Policy ↗

Publishing posts to your LinkedIn profile via the LinkedIn API when you have connected your LinkedIn account.

X (Twitter)Privacy Policy ↗

Publishing tweets to your X account via the X API v2 when you have connected your X account.

TikTokPrivacy Policy ↗

Publishing videos and content to your TikTok account via the TikTok API when connected.

Meta (Instagram & Facebook)Privacy Policy ↗

Publishing posts and stories to your Instagram and Facebook accounts via the Meta Graph API when connected.

VercelPrivacy Policy ↗

Cloud hosting and deployment infrastructure. Request logs may be retained by Vercel per their policy.

InngestPrivacy Policy ↗

Background job scheduling for publishing posts at their scheduled times.

4. Data Retention & Deletion

We retain your data for as long as your account is active. Specifically:

  • Account data: Retained until you delete your account.
  • OAuth tokens: Retained while you keep your social account connected. Tokens are invalidated when you disconnect an account from MaraJolt (we set is_active = false and stop using them).
  • Post content and history: Retained while your account is active. You may delete individual posts from the dashboard at any time.
  • Publishing logs: Retained for 12 months to support debugging and analytics, then automatically purged.

To request deletion of your account and all associated data, email privacy@marajolt.ai with the subject line "Account Deletion Request". We will process your request within 30 days and confirm deletion by email.

5. Cookies & Tracking

MaraJolt uses cookies only as necessary for the service to function:

  • Authentication cookies: Supabase sets a session cookie to keep you logged in across page loads. This cookie expires when your session ends or you sign out.
  • CSRF state cookies: Short-lived cookies set during the OAuth connection flow (e.g. connecting LinkedIn or X) to prevent cross-site request forgery. These are deleted immediately after the OAuth flow completes.

We do not use advertising cookies, third-party tracking pixels, or analytics cookies that track you across other websites.

6. Security

We take data security seriously and implement multiple layers of protection:

  • All data is transmitted over HTTPS (TLS 1.2+).
  • OAuth tokens are stored in a Supabase database with Row-Level Security (RLS) — users can only access their own data.
  • The Supabase service role key (used for background jobs) is never exposed to the browser and is only used server-side.
  • Passwords are hashed by Supabase using bcrypt before storage — MaraJolt never sees your plaintext password.
  • API keys and secrets are stored as environment variables and never committed to source code.

If you discover a security vulnerability in MaraJolt, please report it responsibly to privacy@marajolt.ai.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right of rectification: Request correction of inaccurate data.
  • Right of erasure: Request deletion of your personal data (see Section 4).
  • Right of portability: Request your data in a machine-readable format.
  • Right to object: Object to processing of your data for certain purposes.

To exercise any of these rights, contact us at privacy@marajolt.ai. We will respond within 30 days.

8. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

Email: privacy@marajolt.ai

Website: marajolt.ai

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the "Last updated" date below. Continued use of MaraJolt after changes constitutes acceptance of the updated policy.

Last updated: March 2026

Terms of Service← Back to home