security

Frank Rabbit users access the platform through individual user accounts.

We use security measures designed to protect account access, including:

• secure login and signup flows;
• password hashing;
• session protection;
• HTTPS/TLS encryption in transit;
• protections against common web risks such as cross-site request forgery;
• restricted access to account and workspace data.

Users are responsible for keeping their login details secure and for notifying us if they believe their account has been accessed without permission.

Frank Rabbit connects to supported social platforms, such as LinkedIn, Instagram, TikTok and YouTube, using OAuth or other authorised platform permission flows.

We only request permissions that are needed to provide user-facing features, such as:

• connecting a social profile, page, channel or organisation;
• scheduling or publishing content approved by the user;
• retrieving available analytics and performance metrics;
• displaying connected account information inside Frank Rabbit.

Frank Rabbit does not ask users to share their social media passwords.

Where OAuth tokens or similar credentials are used, we store and handle them securely and restrict access to authorised systems and personnel only.

Users can disconnect supported social accounts from Frank Rabbit where available, or revoke Frank Rabbit’s access directly through the relevant social platform.

Frank Rabbit is designed to process only the data required to provide the service.

Depending on the features used, this may include:

• user account details;
• connected social account identifiers;
• scheduled posts and media;
• publishing status;
• imported analytics and performance data;
• workspace and team information;
• technical logs needed to operate and secure the service.

We do not sell personal data.

More information about how we collect, use and retain personal data is available in our Privacy Policy.

Frank Rabbit is hosted using trusted infrastructure and service providers.

We use measures designed to protect the platform, including:

• HTTPS for secure communication;
• controlled access to production systems;
• environment separation where appropriate;
• secure configuration of application services;
• monitoring and logging for operational and security purposes;
• backups and recovery procedures where appropriate.

Access to production systems is limited to people who need it to operate, maintain or support the platform.

We take steps to reduce common application security risks, including:

• validating user input;
• protecting authenticated sessions;
• limiting access based on account, workspace and role;
• avoiding unnecessary collection of sensitive data;
• reviewing changes before deployment where appropriate;
• monitoring errors and unusual activity;
• keeping dependencies and systems updated where practical.

Frank Rabbit is continuously improved, and our security measures may evolve as the platform grows.

Frank Rabbit is designed so that users remain in control of connected social accounts and publishing activity.

We do not publish content to a connected social account unless an authorised user has created, scheduled, approved or otherwise requested that action through Frank Rabbit.

Users are responsible for ensuring that the content they create, schedule and publish complies with applicable laws and the terms and policies of each connected social platform.

Access to Frank Rabbit data is restricted based on user accounts, workspaces and permissions.

Internal access to user data is limited to authorised personnel who require access for legitimate purposes, such as support, maintenance, security, debugging or legal compliance.

We expect personnel and service providers with access to systems or data to handle information responsibly and confidentially.

If we become aware of a security incident affecting Frank Rabbit users or personal data, we will investigate and take appropriate action.

Where required, we will notify affected users, regulators or other relevant parties in accordance with applicable law.

Users can report suspected security issues to us here.

We welcome responsible reports of security vulnerabilities.

If you believe you have found a security issue in Frank Rabbit, please contact us here.

Please include enough detail for us to understand and reproduce the issue. We ask that you do not access, modify, delete, download or share data that does not belong to you, and that you do not disrupt the availability of the Frank Rabbit service.

We will review valid reports and take appropriate action where necessary.

Frank Rabbit integrates with third-party platforms and APIs, including social media services.

These platforms may change their APIs, permissions, availability, policies, rate limits or review requirements. We design our integrations to use authorised access methods and comply with applicable platform requirements.

Users should also review the privacy, security and account settings of each social platform they connect to Frank Rabbit.

Users can help keep their Frank Rabbit account secure by:

• using a strong, unique password;
• keeping login credentials private;
• limiting workspace access to trusted users;
• removing users who no longer need access;
• disconnecting social accounts that are no longer needed;
• reviewing scheduled posts before publication;
• contacting us if suspicious activity is noticed.

For security questions or vulnerability reports, contact:

Frank Rabbit. Email here.

Website: https://frankrabbit.com/