Privacy Policy

Ironhand Social Media

Effective Date: March 29, 2026
Last Updated: March 29, 2026

Welcome to Ironhand Social Media (“Platform”), operated by Ironhand S.A. de C.V. (“Ironhand,” “we,” “our,” or “us”).

This Privacy Policy explains how we collect, use, store, process, share, and protect personal information when you use Ironhand Social Media, including all related websites, dashboards, mobile applications, APIs, integrations, communication tools, analytics systems, publishing services, and related technology services (collectively, the “Services”).

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

---

1. Company Information

Data Controller / Responsible Party
Ironhand S.A. de C.V.
Little Rock, Arkansas, United States

Support Email: support@ironhand.org

For privacy requests, legal inquiries, or data rights requests, contact:
support@ironhand.org

---

2. Information We Collect

A. Information You Provide Directly

When you register or interact with the Platform, we may collect:

• Full name

• Business or organization name

• Username and account details

• Email address

• Phone number

• Billing address

• Payment and invoicing information

• Login credentials

• Profile photos or avatars

• Customer support communications

• Uploaded content and media

• Any additional information voluntarily submitted

---

B. Workspace and Organization Data

We may collect and store:

• Team or organization names

• User roles and permissions

• Social media workspace settings

• Scheduling preferences

• Publishing configurations

• Internal notes and folders

• Content categorization data

• Collaboration activity

---

C. Social Media Integration Data

When users connect third-party platforms, we may process:

• Account identifiers

• Channel or page names

• Profile metadata

• Posts and drafts

• Captions and hashtags

• Messages and comments

• Analytics and engagement metrics

• Scheduling data

• Media metadata

• Authentication tokens

• API connection data

• Other information authorized through integrations

Integrations may include platforms such as:

• Meta

• TikTok

• Google

• YouTube

• LinkedIn

• X

---

D. Device and Usage Information

We automatically collect certain technical information, including:

• IP address

• Browser type and version

• Device identifiers

• Operating system

• Session activity

• Pages viewed

• Referring URLs

• Error logs

• Diagnostic information

• Time stamps

• Clickstream activity

• Language preferences

---

E. Cookies and Tracking Technologies

We may use:

• Cookies

• Pixels

• Session identifiers

• Analytics tools

• Tracking technologies

• Security monitoring tools

These technologies help improve performance, analytics, security, and user experience.

---

F. Payment Information

Billing and payment processing may involve third-party providers. Ironhand does not generally store complete payment card details directly on our servers.

---

3. Sensitive Information

Ironhand Social Media does not intentionally request sensitive personal information unless legally necessary or specifically required for service functionality.

If users voluntarily submit sensitive data, they confirm they have the legal right to provide such information.

---

4. How We Use Information

We may use collected information to:

• Provide and maintain Services

• Authenticate accounts

• Manage social media publishing

• Operate integrations

• Generate analytics and reports

• Process subscriptions and payments

• Improve platform performance

• Respond to support requests

• Prevent fraud and abuse

• Enforce policies and agreements

• Conduct internal operations

• Maintain platform security

• Send operational communications

• Send marketing communications where legally permitted

• Comply with legal obligations

---

5. Legal Bases for Processing

Depending on applicable laws, we process information under legal bases including:

• User consent

• Contractual necessity

• Legitimate interests

• Compliance with legal obligations

• Protection of rights and security

• Other lawful bases permitted by law

---

6. Sharing of Information

A. Service Providers

We may share information with vendors and providers that assist with:

• Hosting

• Cloud infrastructure

• Analytics

• Payment processing

• Customer support

• Security monitoring

• Communication systems

---

B. Third-Party Platforms

Information may be transmitted to connected third-party platforms as part of the Services functionality.

---

C. Within Organizations

Workspace administrators and authorized team members may access information associated with their organization.

---

D. Legal Compliance

We may disclose information when required by law or when reasonably necessary to:

• Comply with legal processes

• Protect rights and security

• Prevent fraud or abuse

• Respond to government requests

---

E. Business Transfers

If Ironhand undergoes a merger, acquisition, restructuring, or sale of assets, information may be transferred as part of the transaction.

---

7. International Data Transfers

Your information may be processed or stored in countries outside your own jurisdiction. We implement reasonable safeguards where required by law.

---

8. Data Retention

We retain information for purposes including:

• Providing Services

• Legal compliance

• Security and fraud prevention

• Dispute resolution

• Backup and recovery systems

• Enforcement of agreements

Retention periods may vary depending on legal, operational, or contractual obligations.

---

9. Security Measures

Ironhand Social Media uses commercially reasonable security measures, including:

• Encryption

• Access controls

• Authentication systems

• Role-based permissions

• Activity monitoring

• Backup systems

• Security audits

However, no digital platform can guarantee absolute security.

---

10. User Rights

A. Rights Under Mexican Law (ARCO)

Users may have rights to:

• Access personal data

• Correct inaccurate data

• Cancel data

• Oppose certain processing activities

• Revoke consent

---

B. Additional Rights Depending on Jurisdiction

Users may also have rights to:

• Know what information is collected

• Request deletion

• Restrict processing

• Request data portability

• Withdraw consent

Requests may be submitted to:
support@ironhand.org

---

11. Cookies Policy

Cookies and similar technologies may be used for:

• Login authentication

• Security

• Preferences

• Analytics

• Performance optimization

• Session management

Users may disable cookies through browser settings, although some features may stop functioning properly.

---

12. Third-Party Services

Ironhand Social Media is not responsible for the privacy practices, policies, or content of third-party services connected through the Platform.

Users are encouraged to review the policies of all third-party platforms they connect.

---

13. User Responsibility for Third-Party Data

Users are responsible for ensuring they have the legal right to collect, upload, manage, process, and share any third-party data through the Platform.

---

14. Children’s Privacy

The Services are not intended for children without proper legal authorization or parental consent where required by law.

---

15. Changes to This Policy

We may update this Privacy Policy periodically. Updated versions will be published through the Platform.

Continued use of the Services after updates constitutes acceptance of the revised Policy.

---

16. Contact Information

Ironhand S.A. de C.V.

Little Rock, Arkansas, United States

Email: support@ironhand.org

---

Platform Procedures & Data Handling Standards

Ironhand Social Media

The following operational procedures apply to the use of Ironhand Social Media:

Account Security Procedures

• Users are responsible for maintaining account security.

• Users must not share credentials without authorization.

• Multi-user workspaces should use role-based permissions.

• Suspicious activity may trigger temporary account restrictions.

Social Media Publishing Procedures

• Connected accounts must comply with the policies of their respective platforms.

• Users are responsible for content published through the Platform.

• Automated posting features must not be used for illegal spam or abusive behavior.

AI & Automation Procedures

• AI-generated content should be reviewed before publication.

• Users remain responsible for final published content.

• Automated systems may analyze content for moderation, categorization, or optimization purposes.

Payment & Subscription Procedures

• Subscription fees may renew automatically unless canceled.

• Failed payments may result in suspension of Services.

• Certain plans may include usage limits or API restrictions.

Workspace Administration Procedures

• Workspace administrators control permissions and user access.

• Removing users may revoke access to associated content and workspaces.

• Organization owners are responsible for internal team management.

Abuse & Platform Protection

Ironhand reserves the right to suspend or terminate accounts involved in:

• Illegal activity

• Fraud

• Harassment

• Unauthorized automation

• Security abuse

• Intellectual property violations

• Malicious API usage

Backup & Recovery Procedures

• Ironhand may maintain automated backups for operational recovery.

• Users are encouraged to maintain independent backups of important content.

API & Integration Procedures

• API access may be rate limited.

• Unauthorized scraping or abuse is prohibited.

• Third-party integrations may change functionality without notice based on provider limitations.

Incident Response Procedures

If a security incident is detected, Ironhand may:

• Temporarily restrict access

• Reset credentials

• Notify affected users where legally required

• Conduct internal investigations

• Cooperate with lawful authorities when necessary