1. Who We Are

Entire Feed Ltd ("entire_feed", "we", "us", or "our") is the data controller responsible for your personal data. We are a company registered in England and Wales.

Registered Address: 128 City Road, London, EC1V 2NX, United Kingdom

Contact Email: dionysis@entirefeed.com

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights. It applies to visitors of our website (entirefeed.com), users of the entire_feed web application and dashboard (the "Platform"), and clients who engage our managed service.

This policy also serves as the privacy disclosure for the purposes of third-party platform app reviews, including TikTok, Instagram, and YouTube.

2. What Data We Collect

2.1 Website Visitors

When you visit entirefeed.com or use our contact form, we may collect:

(a) Contact Information: name, email address, company name, and any message you submit through our contact form.

(b) Usage Data: we may use basic analytics to understand site traffic (e.g. page views, referral source). We do not currently use cookies for advertising or tracking purposes.

2.2 Platform Users (Dashboard)

When you create an account on the Platform, we collect:

(a) Account Information: email address, name, password (stored securely in hashed form), and company name.

(b) Client Business Information: legal company name, registered address, product name and type, target audience demographics, brand guidelines and assets, and deployment region preferences. This information is collected during onboarding to configure the service.

(c) Attribution and Tracking Data: client-provided tracking links (e.g. Adjust, AppsFlyer URLs) for measuring campaign performance.

(d) Platform Performance Data: view counts, engagement rates, posting metrics, eCPM data, and account health status visible in the dashboard. This data is derived from the social media platforms where managed accounts operate.

2.3 Managed Social Media Accounts

As part of delivering our service, we create and manage social media accounts on behalf of clients. In this context:

(a) AI-Generated Personas. We generate fictional personas using general demographic characteristics of the client’s target audience. We do not use real individuals’ names, images, or likenesses. Personas are entirely synthetic.

(b) Account Data. We handle the credentials, profile information, and content associated with managed accounts. Under the default arrangement (Option 1), these accounts belong to the client. Under Option 2, they belong to entire_feed.

(c) Device & Network Data. Accounts are operated on real physical devices. For TikTok, we use SIM cards from the target country for geo-authentication. For Instagram, VPN-based geo-targeting may be used. We do not collect personal data from end-users who view or interact with the content posted by managed accounts.

(d) Content Performance Data. We collect metrics from the social platforms (views, likes, shares, comments, follower counts) to report on campaign performance and optimise content strategy.

2.4 Data We Do NOT Collect

We want to be explicit about what we do not do:

(a) We do not collect personal data from end-users who view, like, or comment on content posted by managed accounts.

(b) We do not scrape, harvest, or store personal data from social media platforms beyond what is provided through standard platform APIs and publicly visible metrics.

(c) We do not use facial recognition or biometric data.

(d) We do not sell personal data to any third party.

3. How We Use Your Data

We use the data we collect for the following purposes:

Service Delivery. To set up, operate, and manage social media accounts; generate and post content; provide dashboard access; and deliver reporting and analytics.

Communication. To respond to your contact form submissions, provide service updates, and communicate about your engagement.

Service Improvement. To analyse performance data in aggregate to improve our AI content generation, posting strategies, and platform operations.

Legal & Compliance. To comply with legal obligations, enforce our Terms of Service, and protect our rights.

4. Legal Basis for Processing (UK GDPR)

Under the UK General Data Protection Regulation, we process your personal data on the following legal bases:

Contract. Processing is necessary for the performance of a contract with you (e.g. delivering the managed service under a Pilot Agreement).

Legitimate Interests. We process data where we have a legitimate business interest, such as improving our service, analysing aggregate performance data, and communicating with prospective clients who contact us.

Consent. Where required (e.g. for marketing communications), we will obtain your consent before processing.

Legal Obligation. Where we are required to process data to comply with applicable law.

5. Who We Share Data With

We do not sell your personal data. We may share data with the following categories of recipients:

Social Media Platforms. We interact with TikTok, Instagram (Meta), YouTube (Google), and other platforms through their standard interfaces to create accounts, post content, and retrieve performance data. These platforms process data according to their own privacy policies.

Cloud Infrastructure & Tools. We use cloud services (e.g. hosting providers, AI model providers) to operate the Platform and generate content. These providers process data on our behalf under appropriate data processing agreements.

Professional Advisors. We may share data with legal, accounting, or other professional advisors where necessary.

Legal Requirements. We may disclose data if required by law, regulation, legal process, or governmental request.

Business Transfers. In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.

6. TikTok & Platform-Specific Disclosures

For the purposes of TikTok’s app review and API compliance:

(a) We access TikTok through standard platform interfaces to create and manage accounts, post video content, and retrieve publicly available performance metrics (views, likes, shares, comments, follower counts).

(b) We do not access, collect, or store private user data of TikTok viewers or commenters.

(c) Content posted through our service is AI-generated short-form video. It does not contain real individuals’ likenesses unless the client explicitly provides and authorises such content.

(d) We use SIM cards from target countries to authenticate accounts in the appropriate geographic region, in accordance with TikTok’s regional requirements.

(e) We do not use TikTok data for any purpose other than delivering our managed content service to our clients and reporting performance back to them.

(f) The same principles apply to Instagram (Meta), YouTube (Google), and any other platform we operate on.

7. Data Retention

We retain your data for as long as necessary to deliver the Service and fulfil the purposes described in this policy:

Contact Form Data: retained for up to 24 months after your last communication with us, unless a client relationship is established.

Client & Platform Data: retained for the duration of the engagement plus 12 months after termination, to support any post-engagement queries, reporting obligations, or legal requirements.

Performance & Analytics Data: retained in aggregate (non-personally-identifiable) form indefinitely for service improvement purposes.

Account Credentials: upon termination and completion of any account transfer or handover, we delete or transfer credentials within 30 days.

8. Data Security

We implement appropriate technical and organisational measures to protect your data, including: secure password hashing, encrypted data transmission (HTTPS/TLS), access controls limiting data access to authorised personnel, and secure credential management for managed social media accounts.

While we take reasonable steps to protect your data, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

9. International Data Transfers

As a UK-registered company operating a global service, your data may be transferred to and processed in countries outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent mechanisms approved under UK data protection law.

10. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

Access. You can request a copy of the personal data we hold about you.

Rectification. You can ask us to correct inaccurate or incomplete data.

Erasure. You can request deletion of your data where there is no legitimate reason for us to continue processing it.

Restriction. You can ask us to restrict processing in certain circumstances.

Portability. You can request your data in a structured, commonly used, machine-readable format.

Objection. You can object to processing based on our legitimate interests.

Withdraw Consent. Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at dionysisxynos@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk.

11. Cookies

The Website currently uses minimal cookies that are essential for basic site functionality (e.g. session management). We do not use advertising cookies, retargeting pixels, or third-party tracking cookies.

If we introduce additional cookies in the future, we will update this policy and provide appropriate consent mechanisms.

12. Children’s Privacy

Our Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last Updated" date at the top of this page and, where feasible, communicated to active clients by email.

14. Contact Us

If you have any questions about this Privacy Policy, your data, or wish to exercise your rights, please contact:

Entire Feed Ltd

128 City Road, London, EC1V 2NX, United Kingdom

Email: dionysis@entirefeed.com

Website: entirefeed.com