1. Information We Collect

We collect different information depending on how you interact with us.

1.1 Marketing and Website Contact Information

When you fill out a contact or lead form, subscribe to updates, or request information, we collect:

• Name, email address, phone number

• Company name and business details

• Message content

1.2 Application Account Information

When you sign up for MyPost Social, DealerPost Social, or another RealDealerAI application, we additionally collect:

• Password (stored as a cryptographic hash; never stored in plain text)

• Business or dealership profile details you provide during onboarding

1.3 Business Profile Content (MyPost Social and DealerPost Social)

Our publishing products are designed to hold business content you choose to provide so we can generate posts on your behalf. This may include: • Business or dealership description, services, hours, and contact information

• Customer reviews you upload or import

• Knowledge base entries, FAQs, and special offers

• Logos, images, and other media you upload

• URLs of your business website and competitor pages you ask us to analyze

1.4 Connected Social Account Data (MyPost Social and DealerPost Social)

If you connect a social media account (such as a Facebook Page, or in the future a LinkedIn account), we receive and store:

• OAuth access tokens (and refresh tokens where applicable) required to post on your behalf

• Account or Page identifiers (e.g., Facebook Page ID, LinkedIn URN)

• Account or Page names, profile pictures, and basic metadata needed for display

• Only the permissions you explicitly grant during connection

We request only the permissions required to list the accounts or Pages you own or manage and to publish content you have created or approved. We do not access your personal timeline, private messages, friend lists, or any content unrelated to publishing on your behalf.

1.4 Connected Social Account Data (MyPost Social and DealerPost Social)

If you connect a social media account (such as a Facebook Page, or in the future a LinkedIn account), we receive and store:

• OAuth access tokens (and refresh tokens where applicable) required to post on your behalf

• Account or Page identifiers (e.g., Facebook Page ID, LinkedIn URN)

• Account or Page names, profile pictures, and basic metadata needed for display

• Only the permissions you explicitly grant during connection

We request only the permissions required to list the accounts or Pages you own or manage and to publish content you have created or approved. We do not access your personal timeline, private messages, friend lists, or any content unrelated to publishing on your behalf.

1.5 Generated Content

Posts, captions, and images generated by MyPost Social or DealerPost Social on your behalf are stored in your account history so that you can review, edit, and audit them.

1.6 Technical Information

We automatically collect technical data, including IP address, browser type, device information, and usage data, for analytics and security purposes.

1.7 Communication Data

Emails, messages, or conversations exchanged through our chat, SMS, or voice automation services.

1.8 Usage and Billing Data

We collect data about your use of our paid services, including feature usage, AI generation events, and billing-related events.

1.9 Payment Information

If you subscribe to a paid plan, payment is processed by our payment processor, Biller Genie. We do not store full payment card numbers on our servers. We retain only billing metadata such as subscription status, invoice IDs, and the last four digits of the card.

1.10 Vehicle Inventory Data (DealerPost Social)

When you use DealerPost Social as a dealership, we access vehicle inventory data from your connected inventory source via our DealerPost integration. This may include:

• Vehicle year, make, model, trim, and body style

• VIN (Vehicle Identification Number)

• Mileage, price, and stock number

• Vehicle photos and descriptions

• Inventory status (e.g., available, sold)

We use this data solely to generate inventory-related social posts (such as New Arrival Spotlight, Inventory Spotlight, Featured Unit, Just Listed, and Just Sold posts) and to publish those posts on your behalf. We do not access, pull, or store customer, lead, or buyer information from your DMS or inventory feed.

1.11 Customer-Provided Content for Sold and Delivery Posts (DealerPost Social)

DealerPost Social allows dealership staff to manually upload photos and details for "Just Sold," delivery, or similar posts. The amount of customer information you include is entirely at your discretion — the feature works with as much or as little information as you provide, and customer name and other details are not required.

If you upload customer photos or personal details:

• You (the dealership) are responsible for obtaining the customer's consent for their image and any personal details to be used in social media posts. RealDealerAI does not collect, verify, or store proof of this consent.

• We process the uploaded content solely to generate the post you have requested.

• Uploaded customer images and details are stored in your account history alongside the resulting post. You agree not to upload customer photos or personal information without the customer's consent. See our Terms and Conditions for the related representations and warranties.

2. How We Use Your Information

We use the information we collect to:

• Provide and improve our services, including marketing automation, chatbot, voice agents, and social media publishing

• Generate and publish posts on your behalf (MyPost Social and DealerPost Social)

• Analyze business and competitor URLs you submit to generate relevant content

• Process vehicle inventory data to generate inventory-related posts (DealerPost Social)

• Authenticate your account and maintain session security

• Communicate with you regarding inquiries, updates, and offers

• Send marketing or promotional communications (with your consent)

• Process payments and manage subscriptions

• Ensure compliance with A2P 10DLC messaging regulations

• Analyze usage patterns to enhance performance and security

• Enforce our Terms of Service and comply with legal obligations

3. Email & SMS Marketing

By submitting your contact information, you agree to receive updates, marketing campaigns, and promotional offers from RealDealerAI.

• You may unsubscribe or opt out at any time by clicking the "Unsubscribe" link in our emails or replying "STOP" to text messages.

• We fully comply with the CAN-SPAM Act and A2P 10DLC guidelines.

4. Data Sharing & Third-Party Service Providers (Sub-Processors)

We do not sell, rent, or trade your personal data.

We rely on the following trusted providers to operate our services. Each processes data only for the purposes described below, and only to the extent necessary to deliver the services.