Legal

Privacy Policy

Effective Date: March 19, 2026  ·  Last Updated: March 19, 2026

This Privacy Policy describes how Neon Rose Inc ("Company," "we," "us," or "our") collects, uses, discloses, and protects information in connection with the Edensight platform ("Platform"). By using Edensight, you agree to the practices described in this policy.

1. Who We Are

Edensight is a social media analytics platform operated by Neon Rose Inc, a California corporation.

Neon Rose Inc
3111 Camino Del Rio North, Suite 400
San Diego, California 92108
privacy@neonroseagency.com

2. Information We Collect

2.1 Account Information

When you register or accept an invitation, we collect:

  • Name and email address
  • Organization name (for Organization accounts)
  • Password (stored as a hashed value — we never store plaintext passwords)

2.2 Social Media Data

When you connect a social media account (Instagram, TikTok, YouTube, Facebook), we collect:

  • OAuth access tokens (encrypted at rest using AES-256-GCM)
  • Public profile information (username, display name, profile picture URL)
  • Content data: posts, videos, stories, and associated metadata (captions, timestamps, media types)
  • Performance metrics: views, likes, comments, shares, reach, impressions, saves, and story-specific metrics (exits, taps forward, taps back)

We access this data on your behalf using official platform APIs and store it to power analytics features.

2.3 Usage Data

We automatically collect certain information when you use the Platform, including:

  • IP address and browser/device type
  • Pages visited and features used
  • Session timestamps

2.4 Cookies and Similar Technologies

We use cookies and local storage to maintain session state and authenticate users. We do not use third-party advertising cookies.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Platform: Display analytics, sync social data, and enable creator-organization workflows.
  • Authenticate Users: Verify identity and maintain secure sessions.
  • Send Invitations: Deliver email invitations to Creators on behalf of Organizations.
  • Sync Data: Run background jobs to periodically refresh social metrics and token validity.
  • Improve the Platform: Understand usage patterns to fix bugs and build new features.
  • Communicate: Send transactional emails (e.g., account invitations, password resets). We do not send unsolicited marketing emails.
  • Legal Compliance: Comply with applicable laws and respond to lawful requests.

4. How We Share Your Information

We do not sell your personal information. We may share information as follows:

4.1 Within the Platform

Organizations can view Social Data and analytics for Creators who have accepted their invitation and connected accounts. Creators control which accounts they connect and can revoke access at any time.

4.2 Service Providers

We engage trusted third-party providers who process data on our behalf under confidentiality obligations:

  • Supabase — authentication and database hosting
  • Railway — cloud infrastructure and deployment
  • Resend — transactional email delivery
  • Trigger.dev — background job processing

4.3 Social Media Platforms

We access data from Instagram, TikTok, YouTube, and Facebook using their official APIs under your authorization. Data flows from those platforms to us; we do not transmit your personal data back to them beyond what OAuth authentication requires.

4.4 Legal Requirements

We may disclose information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of Neon Rose Inc, our users, or the public.

4.5 Business Transfers

If Neon Rose Inc is acquired, merges with another entity, or transfers its assets, your information may be transferred as part of that transaction. We will notify you of any such change via email or prominent notice on the Platform.

5. Data Retention

  • Account data is retained for as long as your account is active, and for up to 90 days following account deletion for backup and legal compliance purposes.
  • Social Data and metrics are retained as long as your account is active. Disconnecting a social account stops future syncs; historical data may be retained for analytics continuity unless you request deletion.
  • Access tokens are encrypted and retained only as long as necessary to perform syncs. Tokens are refreshed automatically and revoked upon account disconnection.

6. Security

We implement industry-standard security measures to protect your data:

  • OAuth tokens are encrypted at rest using AES-256-GCM.
  • All data in transit is encrypted via TLS/HTTPS.
  • Database access is restricted to authenticated application services.
  • We conduct regular security reviews of our systems.

No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request corrections to inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention obligations.
  • Revocation: Disconnect social media accounts at any time through account settings or through the respective social platform.
  • Data Portability: Request your data in a structured, machine-readable format.
  • Opt-Out: We do not engage in data sales or targeted advertising.

To exercise any of these rights, contact us at privacy@neonroseagency.com. We will respond within 30 days.

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • The right to know what personal information we collect, use, disclose, or sell.
  • The right to delete personal information we have collected from you.
  • The right to opt out of the sale or sharing of personal information. We do not sell personal information.
  • The right to non-discrimination for exercising your privacy rights.
  • The right to correct inaccurate personal information.

To submit a California privacy request, email privacy@neonroseagency.com with the subject line "California Privacy Request."

9. Children's Privacy

Edensight is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a minor, we will delete it promptly.

10. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on the Platform and updating the "Last Updated" date. Continued use of the Platform after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact:

Neon Rose Inc
3111 Camino Del Rio North, Suite 400
San Diego, California 92108
privacy@neonroseagency.com
© 2026 Neon Rose Inc·Privacy Policy·Terms of Service