This page contains the privacy policy for Bippsi, explaining how we collect, use, store, and protect your personal data.

Privacy Policy

Last updated: March 21, 2026

Big App Studio LLC ("we," "us," or "our") operates the Bippsi platform at bippsi.com (the "Service"). This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our Service.

By using our Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

Full name
Email address
Password (stored as a one-way cryptographic hash — we never store your plaintext password)

1.2 Social Media Account Data (Social Ninja)

When you connect social media accounts through Social Ninja, we collect and store:

Platform username and display name
Profile image URL
Platform user ID
OAuth access tokens and refresh tokens (encrypted at rest using AES-256 encryption)
Token expiration timestamps

We use this information solely to publish content to your connected accounts on your behalf. We do not read, analyze, or store your social media feeds, followers, or engagement data beyond what is necessary to display your connected accounts.

1.3 Content You Create

We store content you create through our Service, including:

Post text and scheduling information (Social Ninja)
Uploaded media files (images, videos)
Product configurations and license keys (License Ninja)
Trading strategy configurations (Strategy Ninja)

1.4 Payment Information

We do not directly collect or store credit card numbers or payment instrument details. All payment processing is handled by our third-party payment processor, who acts as the Merchant of Record. Please refer to their privacy policy for details on how they handle payment information.

1.5 Automatically Collected Information

IP address (logged during license validation requests and for security purposes)
Browser user agent string
Pages visited and actions taken within the Service
Session cookies required for authentication

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service
Authenticate your identity and manage your account
Publish social media content on your behalf to your connected accounts
Process subscription billing through our payment processor
Validate software licenses on behalf of our License Ninja users
Send important account notifications (security alerts, billing issues, service changes)
Respond to your support requests
Detect and prevent fraud, abuse, or security incidents

We do not sell, rent, or trade your personal information to third parties. We do not use your data for advertising or marketing profiling.

3. Data Storage and Security

3.1 Storage

Your data is stored on secure servers hosted by our infrastructure provider in the United States. All data is stored in encrypted databases where applicable.

3.2 Encryption

Social media tokens are encrypted at rest using AES-256-CBC encryption with unique keys
Passwords are hashed using bcrypt with a cost factor of 12
All connections to our Service use TLS/HTTPS encryption in transit

3.3 Access Controls

Access to user data is restricted to authorized personnel only. All data queries are scoped to the authenticated user — users cannot access other users' data.

4. Data Sharing

We share your information only in the following circumstances:

Social Media Platforms: When you use Social Ninja to publish content, we transmit your post content and media to the platforms you have selected (e.g., Bluesky, X/Twitter, Facebook, Instagram). This is the core function of the Service and happens only at your direction.
Payment Processor: We share necessary billing information (name, email) with our payment processor to manage your subscription.
Legal Requirements: We may disclose your information if required by law, subpoena, court order, or governmental regulation.
Safety: We may disclose information if we believe it is necessary to prevent harm, fraud, or violations of our Terms of Service.

We do not use third-party analytics, advertising networks, or tracking pixels.

5. Cookies

We use only essential cookies required for the Service to function:

Session Cookie: Maintains your authenticated session. This cookie is deleted when you close your browser or log out. It contains no personal information — only a random session identifier.
CSRF Token: Protects against cross-site request forgery attacks on form submissions.

We do not use advertising cookies, tracking cookies, or third-party cookies. Because we only use strictly necessary cookies, no cookie consent banner is required under GDPR.

6. Your Rights

6.1 All Users

Regardless of your location, you have the right to:

Access: View all personal data we hold about you
Correction: Update or correct inaccurate personal data through your Account settings
Deletion: Request deletion of your account and all associated data
Export: Download a copy of your data in a machine-readable format

6.2 European Economic Area (EEA) — GDPR

If you are located in the EEA, you have additional rights under the General Data Protection Regulation:

Legal Basis: We process your data based on (a) your consent when you create an account, (b) contractual necessity to provide the Service, and (c) our legitimate interest in maintaining security and preventing fraud.
Right to Restrict Processing: You may request we limit how we process your data.
Right to Object: You may object to processing based on our legitimate interests.
Right to Data Portability: You may request your data in a structured, commonly used, machine-readable format (JSON).
Right to Withdraw Consent: You may withdraw consent at any time by deleting your account.
Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority.

6.3 California Residents — CCPA/CPRA

If you are a California resident, you have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:

Right to Know: You may request what personal information we collect, use, and disclose.
Right to Delete: You may request deletion of your personal information.
Right to Opt-Out of Sale: We do not sell your personal information. No action is needed.
Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

6.4 Exercising Your Rights

To exercise any of the rights listed above:

Use the Account settings page in your dashboard to update your profile, export your data, or delete your account.
Contact us at [email protected] for any privacy-related requests.

We will respond to all requests within 30 days. We may ask you to verify your identity before processing a deletion or data export request.

7. Data Retention

Active Accounts: We retain your data for as long as your account is active.
Deleted Accounts: When you delete your account, we permanently delete all personal data within 30 days. Anonymized records may be retained for billing and legal compliance purposes (e.g., payment transaction records with personal identifiers removed).
Cancelled Subscriptions: Your account and data remain accessible after cancellation. Data is not deleted until you explicitly request account deletion.
Backups: Backups containing your data may persist for up to 90 days after deletion before being overwritten.

8. Children's Privacy

Our Service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately and we will delete it.

9. International Data Transfers

Our servers are located in the United States. If you are accessing our Service from outside the United States, please be aware that your data will be transferred to and processed in the United States. By using our Service, you consent to this transfer. We ensure that appropriate safeguards are in place in accordance with applicable data protection laws.

10. Third-Party Services

Our Service integrates with the following categories of third-party services:

Social Media Platforms: Bluesky, X/Twitter, Facebook, Instagram, Threads, and others you choose to connect. Each platform has its own privacy policy governing how they handle content published through their APIs.
Payment Processing: Our payment processor handles all financial transactions. We do not have access to your full payment card details.
Hosting Infrastructure: Our hosting provider stores and serves all platform data.

11. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

Notify affected users via email within 72 hours of becoming aware of the breach
Notify the relevant data protection authorities as required by applicable law
Provide details on what data was affected and what steps we are taking to address the incident

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will notify you via email. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]
Phone: 1-623-800-1727
Mail: Big App Studio LLC, Glendale, AZ, United States