Privacy Policy | BDS Growth Engine

BDS Growth Engine ("we", "our", or "us"), operated by Business Development Source Corp, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our professional content automation platform.

1. Information We Collect

We collect information necessary to provide our services, including:

Account Information: Name, email address, and business details provided during registration.
OAuth Data: Access tokens and profile information from connected social media accounts (Google, Facebook, Instagram, LinkedIn, TikTok).
Usage Data: Information about how you use our platform, including content drafts and scheduling preferences.
Agency Branding Data (White-Label Plan): Custom agency display name, logo image, brand colors, and favicon uploaded by White-Label Agency subscribers for platform customization.

OAuth Security: Users authorize their own social media accounts via official OAuth authorization flows. We do not collect or store passwords. Access tokens are stored securely and can be revoked by the user at any time.

2. How We Use Your Information

We use your information strictly to provide and improve our services.

To generate, manage, and publish content to your connected social media accounts only upon your specific request or enabled automation.
To maintain and improve the security and functionality of our platform.
To communicate with you regarding your account and service updates.

3. Google User Data Policy (Limited Use Disclosure)

Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, our application's use of information received from Gmail APIs (if applicable) or other Restricted Scopes is limited to providing or improving user-facing features that are prominent in the requesting application's user interface.

4. White-Label Branding Data

If you subscribe to our White-Label Agency plan, we collect and process additional branding data:

Branding Assets: Agency name, logo image files, primary and accent brand colors, and favicon images that you upload to customize the Platform's appearance.
Purpose: This data is used solely to apply your custom branding to the Platform interface for you, your staff, and your clients. It is not shared with third parties or used for any other purpose.
Visibility: Your branding data may be visible to your staff members and clients who access the Platform through your agency account. This is the intended purpose of the White-Label feature.
Storage: Logo and favicon images are stored on our servers. Upon cancellation of your White-Label subscription, branding data is removed and default Platform branding is restored.
Deletion: You may delete your branding data at any time through the Agency Branding settings in your account, or by requesting deletion from our support team.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information only in the following circumstances:

Service Providers: With trusted third-party vendors who assist in operating our services (e.g., hosting, analytics), subject to strict confidentiality agreements.
Legal Compliance: If required by law, regulation, or legal process.
Business Transfers: In connection with a merger, sale, or asset transfer, provided the receiving party agrees to respect this policy.

6. AI-Powered Services & Data Processing

Our platform uses third-party artificial intelligence services to generate marketing content on your behalf. The following AI providers are integrated into our platform:

OpenAI (GPT-4o): Used to generate marketing scripts, blog articles, social media captions, and visual scene descriptions based on content topics and brand voice preferences you provide. OpenAI Privacy Policy.
Microsoft Edge TTS: Used for text-to-speech narration in generated videos. Only the script text you create is sent to this service. Microsoft Privacy Statement.
Kokoro TTS (Self-Hosted): An open-source text-to-speech engine hosted on our own servers. Script text is processed locally and is not sent to any external third party.
Pexels & Pixabay: Used to source royalty-free stock video footage based on search queries generated from your content. No personal data is shared with these services. Pexels Privacy Policy | Pixabay Privacy Policy.

Google User Data Isolation: No data obtained through Google OAuth scopes (including access tokens, profile information, or any Google account data) is ever transmitted to any AI service provider. AI services receive only user-provided content inputs such as topics, brand voice preferences, and script text.

6.1 Data Sent to AI Providers

The following types of data may be sent to third-party AI providers:

Content topics and keywords you provide
Brand voice and style preferences you select
Brand website content (if you provide a URL for brand research)
Generated script text (for text-to-speech conversion)

We do not send the following to any AI provider:

Your name, email, or account credentials
OAuth access tokens or refresh tokens
Social media account data
Payment or billing information

7. Data Protection & Security Measures

We implement industry-standard security measures to protect your data:

Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2+ (HTTPS). All communications with third-party API providers are conducted over encrypted HTTPS connections.
Encryption at Rest: Sensitive data stored in our database, including OAuth access tokens and API keys, is encrypted at rest.
Access Controls: Platform access is protected by authenticated sessions with secure token-based authentication (JWT). Role-based access controls restrict data visibility based on user roles (Super Admin, Agency Admin, Staff, Client).
OAuth Token Security: Social media access tokens are stored securely, transmitted only over encrypted channels, and are never exposed to client-side code. Users can revoke access tokens at any time through their account settings or directly through the social media platform.
Minimal Data Collection: We collect only the data necessary to provide our services. AI service requests contain only content-related inputs — never personal identifiers or Google user data.
Third-Party Security: All third-party AI and media providers used by our platform maintain their own security certifications and data protection policies. We select providers that meet industry-standard security requirements.
Regular Reviews: We periodically review our security practices, access logs, and third-party integrations to ensure continued compliance with data protection standards.

8. Data Retention and Deletion

We retain your data only as long as necessary to provide our services. You may request the deletion of your account and all associated data at any time by contacting support or using the deletion tools within your dashboard.

Upon revocation of social media access, we immediately delete associated access tokens.

9. Your Rights

Depending on your location, you may have rights regarding your personal data, including accessing, correcting, or deleting your information. To exercise these rights, please contact us.

9.1 White-Label Subscriber Rights

In addition to the rights above, White-Label Agency subscribers may:

Update or replace branding assets at any time through the Settings page.
Request complete removal of all branding data by contacting support.
Export a summary of all branding data stored on your behalf upon request.

10. White-Label Services & Social Media Connections

Social media account connections (e.g., Google, Facebook, LinkedIn) are powered by BDS Growth Engine's enterprise infrastructure. When users connect their social media accounts, the authorization consent screen will display "BDS Growth Engine" as the requesting application. This is required by the social media platforms and does not affect any white-label presentation within the Platform interface.

11. Limitation of Liability

BDS GROWTH ENGINE, BUSINESS DEVELOPMENT SOURCE CORP (ITS PARENT COMPANY), AND THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AND AFFILIATES ACCEPT NO LIABILITY WHATSOEVER FOR: (A) ANY CONTENT GENERATED, APPROVED, OR PUBLISHED BY USERS; (B) ANY DATA PROCESSED THROUGH THE PLATFORM; (C) ANY ACTIONS TAKEN BY USERS OR THEIR CLIENTS THROUGH THE PLATFORM; (D) ANY THIRD-PARTY PLATFORM CHANGES, OUTAGES, OR API MODIFICATIONS; (E) ANY CONSEQUENCES OF AUTOMATED OR MANUAL CONTENT PUBLISHING, INCLUDING BUT NOT LIMITED TO CONTENT PUBLISHED VIA THE AUTO-PILOT OR AUTOMATION TOGGLE FEATURES. BY ENABLING ANY AUTOMATION FEATURE, YOU ACKNOWLEDGE THAT YOU HAVE REVIEWED AND ACCEPTED FULL RESPONSIBILITY FOR ALL AUTOMATED PUBLICATIONS AND WAIVE ANY CLAIMS AGAINST BDS GROWTH ENGINE AND BUSINESS DEVELOPMENT SOURCE CORP. YOUR USE OF THIS PLATFORM IS ENTIRELY AT YOUR OWN RISK.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Business Development Source Corp
General: bdsgrowthengine@businessdevelopmentsource.com
Legal: legal@businessdevelopmentsource.com
Support: support@businessdevelopmentsource.com
Abuse: abuse@businessdevelopmentsource.com