Platform

Platform Privacy Policy

Oneiro Digital Global Ltd. Last updated: 4 April 2026

1. About this policy

This Privacy Policy applies to the Oneiro Digital social media management platform ("Platform"), operated by Oneiro Digital Global Ltd ("we", "us", "our"). The Platform enables Oneiro Digital to manage, schedule, and publish content to social media pages on behalf of clients, using authorised connections to third-party platforms including Meta (Facebook and Instagram). This policy explains how we collect, use, store, and protect data accessed through those connections.

2. Who we are

Oneiro Digital Global Ltd is a digital marketing agency registered in England and Wales. Our registered contact email is hello@oneiro.digital. For the purposes of UK GDPR and the Data Protection Act 2018, Oneiro Digital Global Ltd is the data controller for personal data processed through this Platform.

3. Data we access via Meta APIs

When a client authorises our Platform to manage their Facebook Pages or Instagram accounts, we may access the following data via the Meta Platform: Page access tokens and administrative permissions; Page posts, comments, messages, and engagement metrics; Page audience and reach analytics; Scheduled and published content; Ad account data where relevant to campaign reporting. We access only the permissions necessary to perform the services agreed with each client. We do not access personal profile data of individual Facebook users beyond what is required for Page management and analytics.

4. How we use this data

Data accessed via the Meta Platform is used solely for the following purposes: publishing and scheduling social media content on behalf of clients; monitoring and reporting on content performance and audience engagement; managing client Page inboxes where instructed; and providing analytics and reporting to clients. We do not use Meta Platform data for advertising, profiling, selling to third parties, or any purpose beyond the agreed scope of client services.

5. Data sharing

We do not sell, rent, or share Meta Platform data with any third parties except as follows: with the client whose Page data it is, in the form of reports and performance summaries; with sub-processors necessary to deliver our services, under data processing agreements that restrict use to service delivery only; and where required by law or regulatory authority. We do not transfer Meta Platform data to data brokers, advertisers, or analytics platforms.

6. Meta Platform data restrictions

Our use of data obtained through the Meta Platform is subject to Meta's Platform Terms and Developer Policies. We comply with all applicable restrictions, including: not using Platform data to discriminate against users; not using Platform data for surveillance; not combining Platform data with other data sources in ways that violate Meta's policies; and not retaining Platform data beyond the periods described in this policy.

7. Data retention

We retain data accessed via the Meta Platform only for as long as necessary to deliver the agreed services. Client Page analytics and performance data is retained for a maximum of 24 months following the end of a client engagement, after which it is deleted or anonymised. Access tokens are revoked and deleted promptly upon termination of a client engagement. You may request earlier deletion at any time by contacting hello@oneiro.digital.

8. Data security

We implement appropriate technical and organisational measures to protect all data accessed through the Platform, including encryption in transit and at rest, restricted access controls, and regular security reviews. Access tokens and API credentials are stored securely and are never shared externally.

9. Your rights under UK GDPR

If you are an individual whose data is processed through our Platform (for example, as a Page administrator whose account is connected), you have the right to access, correct, or delete your data; to object to processing; to restrict processing; and to data portability. To exercise any of these rights, contact us at hello@oneiro.digital. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

10. EU and US users

For users located in the European Union, we process data in accordance with the EU GDPR. For users located in the United States, we comply with applicable US federal and state privacy laws, including the California Consumer Privacy Act (CCPA) where applicable. California residents have the right to request disclosure of data collected, request deletion, and opt out of the sale of personal data. We do not sell personal data.

11. Data deletion

To request deletion of any data we hold in connection with this Platform, visit oneiro.digital/platform/data-deletion or contact us directly at hello@oneiro.digital. We will action all verified deletion requests within 30 days.

12. Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects the most recent revision. Continued use of the Platform following any update constitutes acceptance of the revised policy.

13. Contact

For any questions relating to this Privacy Policy or our use of Meta Platform data, contact Oneiro Digital Global Ltd at hello@oneiro.digital.