Privacy Policy
Last updated: May 2026
This Privacy Policy explains how Blogauto.ai (operated by Webcomp Digitex, Mumbai, India) collects, uses, stores, and protects your personal information when you use our autoblogging platform. We have written this policy in plain language so the protections we provide are clear. If anything is unclear, email us at support@blogauto.ai.
1. Information We Collect
We collect information that falls into three categories. First, account information you provide directly: your name, email address, password (hashed), business name, and country. Second, integration credentials needed to publish on your behalf: WordPress site URLs, application passwords (encrypted at rest), Shopify access tokens, Ghost API keys, and Webflow site IDs. Third, usage data generated as you use the platform: articles you create, topics you generate, credits consumed, brand voice settings, publication timestamps, and SEO performance metrics for content we help you publish.
2. How We Use Your Information
Your information is used to provide the Blogauto.ai service: generating AI-written articles in your brand voice, publishing to your connected platforms, processing your billing, sending account notifications, and providing customer support. We also use aggregated and anonymised usage data to improve our AI prompts, debug platform issues, and prioritise feature development. We do not sell your personal data to advertisers or third-party marketers, ever.
3. Third-party Services We Use
Blogauto.ai relies on several third-party services to function. Razorpay processes all payments and stores card details (we never see or store your card number). Anthropic and Google AI services process article generation and image creation requests — these requests include your topic, brand voice settings, and generated content, but never your account credentials. Our infrastructure is hosted on enterprise cloud servers. Each provider operates under their own privacy policies, and our agreements with them require equivalent data-protection standards.
4. WordPress and Platform Credentials
Your WordPress Application Passwords, Shopify access tokens, and other publishing credentials are encrypted at rest using strong industry-standard encryption. We recommend using platform-specific application passwords or API tokens — never your main account password. Credentials are used only to publish content on your behalf and are never logged in plain text, displayed to support staff, or shared externally. You can revoke credentials anytime from your account settings or from your originating platform (WordPress, Shopify, etc.).
5. Data Storage and Security
Your data is stored on secure cloud servers. We use TLS encryption for all data in transit and strong encryption for sensitive data at rest, including credentials and payment information. Access to production systems is restricted to authorised personnel. We follow security best practices and review our infrastructure regularly. If a data breach were to occur, we would notify affected users without undue delay and report to the relevant authorities as required under the Digital Personal Data Protection Act 2023 (India).
6. Cookies and Tracking
We use essential cookies for authentication (keeping you logged in) and minimal first-party analytics to understand which features are used most. We do not use third-party advertising cookies, tracking pixels, or session replay tools. We do not share cookie data with advertisers. Cookie preferences can be managed through your browser settings. The cookie consent banner you see on your first visit reflects your real choices — declining non-essential cookies disables them throughout your session.
7. Your Rights Under DPDP Act and GDPR
If you are based in India, the Digital Personal Data Protection Act 2023 gives you the right to access your personal data, request correction of inaccuracies, request erasure (right to be forgotten), and lodge complaints with the Data Protection Board of India. If you are based in the EU, the GDPR gives you equivalent rights including data portability. To exercise any of these rights, email support@blogauto.ai with your account email — we respond to all data rights requests within 7 business days and complete them within 30 days as required by law.
8. Data Retention
Account data is retained for as long as your account is active. If you cancel your subscription, account data is retained for 90 days in case you want to reactivate. After 90 days of inactivity, accounts and associated data are scheduled for permanent deletion. You may request immediate deletion of your account and all data by contacting support@blogauto.ai — we will complete deletion within 30 days of request. Some anonymised aggregate data (with no personally identifiable information) may be retained longer for legitimate business analytics.
9. Minors Under 18
Blogauto.ai is a business tool intended for users 18 years and older. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account with us, contact support@blogauto.ai and we will delete the account promptly.
10. International Data Transfers
If you access Blogauto.ai from outside India, your data may be transferred to and processed on servers located in other jurisdictions. By using the platform, you consent to this transfer. We ensure equivalent data-protection standards regardless of where your data is processed, as required by GDPR and equivalent regulations.
11. Updates to This Policy
We may update this Privacy Policy to reflect changes in our practices, legal requirements, or platform features. Material changes will be communicated via email to your account address at least 14 days before they take effect. Continued use of Blogauto.ai after a policy update constitutes acceptance of the updated terms. The current version of this policy is always available at blogauto.ai/privacy.
12. Contact
For privacy concerns, data rights requests, or any questions about this policy, contact us at support@blogauto.ai. We respond to all privacy-related inquiries within 7 business days. For urgent privacy concerns or suspected data breaches, include URGENT PRIVACY in your subject line.