← Back to Dealer Social

Privacy Policy

Last updated: 7 May 2026

1. Who we are

Dealer Social (“we”, “us”, “our”) is a social media content platform for car dealerships. It is operated by MSS Tech Solutions Ltd. This policy describes how we collect, use, and protect information when you use our application.

2. Information we collect

  • Account information: name, email address, and dealer business details you provide during registration.
  • AutoTrader vehicle data: vehicle listings, images, and stock events received via AutoTrader webhooks on behalf of your dealership.
  • Generated content: captions, hashtags, reel scripts, voiceover scripts, rendered media references, publishing status, and related review/approval history.
  • Social platform data: when you connect Facebook, Instagram, or TikTok, we receive OAuth tokens, Page IDs, and post performance metrics (likes, reach, comments) from those platforms.
  • Usage data: standard server logs including IP addresses, browser type, and pages visited.

3. How we use your information

  • Generate, schedule, and publish social media content on your behalf.
  • Use AI-assisted tools to draft captions and hashtags, prepare slideshow reel copy, generate optional voiceover scripts, help select/order vehicle imagery, and support rendering and publishing workflows.
  • Collect post insights to optimise content style and timing.
  • Authenticate you and secure your account.
  • Send transactional emails (e.g. verification codes).
  • Improve the product through aggregated, anonymised analytics.

4. Third-party services

We share data with third parties only as necessary to operate the service: Meta (Facebook / Instagram), TikTok, AutoTrader, OpenAI, ElevenLabs, Cloudinary, Remotion/AWS, Resend (email), and our hosting providers. We do not sell your data.

5. Data retention

We retain your data for as long as your account is active. Vehicle images are stored as AutoTrader CDN URLs and are not duplicated into our own storage. Generated media assets are retained temporarily for publishing delivery (typically 24 hours after publishing, or 7 days after rejection/failure) and then deleted. Durable business records such as published post history, provider IDs, permalinks, usage ledgers, audit logs, security records, and backup copies may be retained where needed for legal, security, billing, or operational reasons.

You may request access, export, correction, or deletion review at any time. Requests are verified and processed operationally rather than triggering automatic hard deletion.

6. Security

Integration tokens are encrypted at rest with AES-256-GCM. All traffic is served over HTTPS. Access is scoped per dealer account.

7. Your rights

You can request access to, correction of, export of, or deletion review for your personal data at any time from the Account page in the dashboard if you are an authorised account admin, or by contacting us. See our data deletion page for details.

8. Contact

For privacy-related enquiries, email us at privacy@dealer-social.io.