Back to legal information

Privacy Policy

Last updated: December 19, 2025

Article 1 - Introduction

Muka HD, a limited liability company registered in France under SIREN number 991 856 279, operating under the trade name CyrenAI, is committed to protecting the privacy of its users. This privacy policy aims to inform users of the CyrenAI platform (accessible via www.cyrenai.io and app.cyrenai.io) about how their personal data is collected, used, stored, and protected.

Article 2 - Data Controller

The data controller for personal data is:

Muka HD
Trade name: CyrenAI
Registered office: 18 Chemin du Moulin, 44500 La Baule-Escoublac, France
SIREN: 991 856 279
Email: privacy@cyrenai.io

Article 3 - Data Collected

In the course of using our Service, we collect the following categories of data:

3.1 Account Data
Email address, first and last name, profile picture (optional), language and notification preferences.

3.2 Social Media Data (via OAuth)
User identifier, profile or Page name, organization logo, publication statistics (reactions, comments, shares).

3.3 Content Data
Post drafts, scheduled publications, uploaded images and media, publication history.

3.4 Technical Data
IP address, browser and device type, pages visited and actions taken, connection logs.

Article 4 - Purposes of Processing

The personal data collected is processed for the following purposes:

  • Service provision: account management, content publishing, post scheduling
  • Social media publishing: publishing content on your behalf on your profiles and Pages
  • Performance analysis: displaying statistics of your publications
  • Service improvement: analyzing usage to improve our platform
  • Communication: informing about updates and important changes
  • Security: fraud prevention and protection of our systems

Article 5 - Legal Basis for Processing

In accordance with the General Data Protection Regulation (GDPR), personal data processing is based on the following legal grounds:

  • Contract performance : to provide the subscribed services
  • Consent : for accessing social media data via OAuth 2.0
  • Legitimate interests : for security, service improvement, and fraud prevention
  • Legal obligation : to comply with our tax and legal obligations

Article 6 - LinkedIn Integration

When you connect your LinkedIn account or LinkedIn Company Page to CyrenAI:

  • We only access data that you authorize through the OAuth 2.0 protocol
  • We never store your LinkedIn credentials (password)
  • We never share your LinkedIn data with third parties
  • You can revoke access at any time from your LinkedIn account

LinkedIn data collected: user/organization identifier, profile or Company Page name, organization logo, publication statistics.

Usage: publishing content on your behalf, displaying statistics, managing connected Company Pages.

Restrictions: We do not sell, transfer, or share your LinkedIn data with third parties. We do not use your data for advertising, sales prospecting, or recruiting.

CyrenAI is not affiliated, associated, authorized, endorsed, or sponsored by LinkedIn Corporation.

Article 7 - Meta Integration (Facebook and Instagram)

When you connect your Facebook or Instagram account to CyrenAI:

  • We only access data that you authorize through Meta's OAuth 2.0 protocol
  • We never store your Meta credentials (password)
  • We never share your Meta data with unauthorized third parties
  • You can revoke access at any time from your Facebook or Instagram account settings

Meta data collected: user/page identifier, profile or Page name, profile picture, publication statistics (likes, comments, shares, views).

Usage: publishing content on Facebook and Instagram on your behalf, displaying performance statistics, managing connected Pages.

Restrictions: We comply with Meta Platform data policies. We do not sell your data or use it for unauthorized advertising purposes.

CyrenAI is not affiliated, associated, authorized, endorsed, or sponsored by Meta Platforms, Inc.

Article 8 - X Integration (formerly Twitter)

When you connect your X account to CyrenAI:

  • We only access data that you authorize through X's OAuth 2.0 protocol
  • We never store your X credentials (password)
  • We never share your X data with unauthorized third parties
  • You can revoke access at any time from your X account settings

X data collected: user identifier, username (@handle), display name, profile picture, tweet statistics (likes, retweets, replies, impressions).

Usage: publishing tweets and threads on your behalf, displaying performance statistics.

Restrictions: We comply with X API terms of service. We do not sell your data or use it for spam or unauthorized activities.

CyrenAI is not affiliated, associated, authorized, endorsed, or sponsored by X Corp.

Article 9 - Data Retention Periods

Personal data is retained for the following periods:

  • Account data: duration of subscription + 3 years
  • Drafts and publications: duration of subscription
  • Technical logs: 12 months
  • Social activity data (LinkedIn, Meta, X): 48 hours maximum
  • Social media profile data: 24 hours maximum
  • Access tokens: until revocation or expiration

In compliance with third-party platform requirements (LinkedIn, Meta, X), we adhere to strict retention periods for data from their APIs.

Article 10 - Data Sharing

We never sell your personal data. We only share your data with the following recipients:

  • LinkedIn Corporation : content publishing and statistics retrieval (via official API)
  • Meta Platforms, Inc. : publishing on Facebook/Instagram and statistics retrieval
  • X Corp. : tweet publishing and statistics retrieval
  • Vercel Inc. : application hosting (USA)
  • Stripe, Inc. : payment processing (USA)
  • Clerk, Inc. : secure authentication

Transfers outside EU: We use subcontractors based in the United States. These transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission or the EU-US Data Privacy Framework.

Article 11 - Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access : obtain a copy of your personal data
  • Right to rectification : correct inaccurate or incomplete data
  • Right to erasure : request deletion of your data
  • Right to data portability : receive your data in a structured format
  • Right to restriction : limit the processing of your data
  • Right to object : object to the processing of your data
  • Withdrawal of consent : withdraw your consent at any time

To exercise these rights, contact us at: privacy@cyrenai.io

You also have the right to lodge a complaint with the CNIL (French Data Protection Authority): www.cnil.fr

Article 12 - Data Security

We implement appropriate technical and organizational security measures to protect your personal data:

  • Data encryption in transit (HTTPS/TLS)
  • Secure storage of access tokens
  • Restricted data access based on the principle of least privilege
  • Intrusion monitoring and detection
  • Regular encrypted backups

Article 13 - Cookies

We use cookies for the operation of our Service. For more information about the cookies used and how to manage them, please see our Cookie Policy.

Article 14 - Changes

We reserve the right to modify this privacy policy. In case of substantial changes, we will inform you by email or via a notification on our platform at least 30 days before the new provisions take effect.

Article 15 - Contact

For any questions regarding this privacy policy or to exercise your rights relating to your personal data, you can contact us:

Data Protection Officer
Email: privacy@cyrenai.io
Address: Muka HD, 18 Chemin du Moulin, 44500 La Baule-Escoublac, France