Last updated: 26 May 2026 — Data controller: Neoservice, Switzerland — Contact: hello@neoservice.ai
Contributor Responsibilities
At Neoservice, we are committed to maintaining the highest standards of privacy and data protection. Our team members, contributors and partners are responsible for safeguarding personal information and complying with our strict privacy guidelines. Every individual involved in our operations must understand and adhere to applicable data protection laws, including the Federal Act on Data Protection (FADP) and the new Federal Act on Data Protection (nFADP) in Switzerland, as well as the General Data Protection Regulation (GDPR) in Europe.
All team members receive comprehensive training on privacy best practices and must sign confidentiality agreements. We implement role-based access controls to ensure that personal information is only accessible to authorised personnel who need it to carry out their duties. Regular audits and assessments are conducted to verify compliance with our privacy standards.
Collection of Personal Data
We collect personal information only when necessary to provide our services and improve your user experience. The types of information we may collect include:
Contact Information: Name, email address, phone number and postal address when you contact us or request our services.
Website Usage Data: IP address, browser type, device information, pages visited and interaction patterns via cookies and analytics tools.
Service-Related Information: Project requirements, preferences and communication history to provide personalised services.
Payment Information: Billing details processed securely through encrypted third-party payment processors.
We collect this information through various means, including contact forms, service requests, website interactions and direct communication. All data collection is transparent, with a clear notice provided regarding what information is collected and why.
Data Protection
Your personal information is protected by multiple layers of security measures designed to prevent unauthorised access, disclosure, alteration or destruction. Our data is hosted in Switzerland on secure servers in accordance with the requirements of the FADP and nFADP. Our security framework includes:
Technical Measures: Advanced encryption for data transmission and storage, secure servers with regular security updates, firewalls and intrusion detection systems.
Administrative Controls: Access controls restricting data access to authorised personnel only, regular security training for staff and comprehensive incident response procedures.
Physical Security: Secure facilities with restricted access, environmental controls and proper disposal of physical documents containing personal information.
We regularly review and update our security measures to address emerging threats and maintain compliance with industry standards. In the unlikely event of a data breach, we have established procedures to promptly notify affected individuals and competent authorities as required by law.
Data from Connected Social Media Platforms
Neoservice offers social media management and publishing features that allow you to connect your professional accounts (Facebook, Instagram, LinkedIn) in order to create, schedule and publish content, and measure its performance. These features are strictly optional: no social media data is collected unless you have explicitly authorised a connection through the platform's official authorisation process (OAuth).
When you connect an account, we access and process the following data solely to provide the service you have enabled:
Facebook (Pages): the list of Pages you administer (pages_show_list), the metadata and published content of those Pages (pages_read_engagement), and the ability to create, edit and delete posts on your behalf (pages_manage_posts). Where applicable, access to the associated Meta Business Manager account (business_management).
Instagram (professional accounts): the basic information of the linked Instagram professional account (instagram_basic) and the ability to publish content on your behalf (instagram_content_publish).
LinkedIn: your member or page identifier and the ability to publish content on your behalf (openid, w_member_social).
For each connection, we store an access token issued by the platform, encrypted at rest (AES-256-GCM), together with the identifier and public name of the connected account. We never access your private messages, your friends or contacts list, or any data beyond the strict scope of the permissions you have granted.
Use: this data is used exclusively to carry out the actions you request — publishing or scheduling a post, and reading the engagement statistics of your own content. We do not sell or rent this data, nor do we use it for any advertising or profiling purpose.
Meta compliance: our collection, use and transfer of information received from Meta's APIs (Facebook, Instagram) comply with the Meta Platform Terms (https://developers.facebook.com/terms/) and the Developer Policies. Data obtained via Meta platforms is used only for the purposes described above.
Retention, Withdrawal of Consent and Data Deletion
You retain full control over the accounts you connect:
Withdrawal at any time: you may disconnect a social media account directly from your Neoservice workspace. Disconnecting immediately and permanently revokes and deletes the corresponding access token from our systems.
Retention: we retain tokens and connected account identifiers only for as long as the connection remains active. Upon disconnection, or in the event of prolonged account inactivity, this data is deleted.
Deletion request: you may at any time request the deletion of all data associated with your account by writing to hello@neoservice.ai. We process such requests within 30 days and confirm deletion in writing. You may also revoke the application's access from the settings of the relevant platform (for example: Facebook → Settings and privacy → Settings → Apps and websites).
Changes to the Privacy Policy
We may update this privacy policy periodically to reflect changes in our practices, services or applicable laws. When we make significant changes, we:
- Publish the updated policy on our website with a clear "Last updated" date
- Send email notifications to users who have provided their contact details
- Provide a prominent notice on our website for at least 30 days following any significant change
- Retain previous versions of the policy for reference and comparison
We encourage you to review this privacy policy regularly to stay informed about how we protect your information. Your continued use of our services after any change indicates your acceptance of the updated terms. If you have questions about the changes, please contact us using the information provided in our Contact section.