Privacy Policy

Ana & Co - Affiliate & KOL Management System

Last updated: 6 December 2025

At Ana & Co, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Affiliate and KOL Management System.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Full name and business name
  • Email address
  • Phone number (optional)
  • Company information and website
  • Password (encrypted)
  • Payment and billing information

1.2 Social Media Data (Instagram & Facebook)

When you connect your Instagram or Facebook account via Meta API, we collect:

  • Profile information (username, profile picture, bio)
  • Media content (posts, photos, videos, captions)
  • Engagement metrics (likes, comments, shares, saves)
  • Follower and following count
  • Stories and Reels data
  • Insights and analytics (reach, impressions, demographics)
  • Account performance over time

1.3 TikTok Data

When you connect your TikTok account via TikTok API, we collect:

  • Profile information (username, display name, avatar, bio)
  • Video content and metadata
  • Engagement statistics (views, likes, comments, shares)
  • Follower count and growth metrics
  • Video analytics and performance data
  • Audience demographics and insights

1.4 Campaign and Performance Data

  • Campaign details and objectives
  • Affiliate links and tracking codes
  • Conversion data and sales attribution
  • Commission and payment records
  • Communication history between brands and affiliates

1.5 Technical and Usage Data

  • IP address and device information
  • Browser type and version
  • Operating system
  • Log data and activity timestamps
  • Cookies and similar tracking technologies

2. How We Use Your Information

We use the collected information for the following purposes:

Service Provision

To provide, maintain, and improve our Affiliate and KOL Management System

Analytics and Reporting

To generate insights, analytics, and performance reports for campaigns

Campaign Management

To facilitate collaboration between brands, affiliates, and influencers

Payment Processing

To process commissions, track earnings, and manage payments

Communication

To send service updates, notifications, and support messages

Security and Fraud Prevention

To protect against unauthorized access, fraud, and abuse

Legal Compliance

To comply with legal obligations and platform policies

3. Data Storage and Security

3.1 Storage Infrastructure

Your data is stored on secure cloud servers with the following protections:

  • Encryption at rest using industry-standard algorithms
  • TLS/SSL encryption for data in transit
  • Regular security audits and vulnerability assessments
  • Secure backup and disaster recovery procedures
  • Multi-factor authentication support

3.2 Access Controls

Access to your data is strictly limited to authorized personnel who need it to provide services. All employees sign confidentiality agreements and undergo security training.

3.3 Data Retention

We retain your data:

  • For as long as your account is active
  • As needed to provide services and comply with legal obligations
  • Social media data is refreshed according to API rate limits
  • After account deletion, data is removed within 90 days unless legally required

4. Data Sharing and Disclosure

Important Note

We do not sell, rent, or trade your personal information. We only share data in the following limited circumstances:

4.1 Within the Platform

  • Performance data shared between brands and their affiliates/KOLs
  • Campaign results visible to authorized team members

4.2 Service Providers

We work with trusted third-party service providers for:

  • Cloud hosting and infrastructure
  • Payment processing
  • Email delivery and communications
  • Analytics and monitoring

4.3 Social Media Platforms

Data is accessed through and subject to Meta (Instagram/Facebook) and TikTok platform policies. These platforms may independently collect data about your activity.

4.4 Legal Requirements

We may disclose information when required by law, legal process, or to protect rights, property, or safety of Ana & Co, our users, or others.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity.

5. Your Rights and Choices

You have the following rights regarding your personal data:

Right to Access

Request a copy of all personal data we hold about you

Right to Correction

Update or correct inaccurate or incomplete information

Right to Deletion

Request deletion of your personal data (right to be forgotten)

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Revoke Access

Disconnect social media accounts and revoke API permissions at any time

Right to Object

Object to certain processing activities or restrict processing

Right to Withdraw Consent

Withdraw consent for data processing where consent is the legal basis

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@anaandco.com. We will respond to your request within 30 days.

6. Social Media Platform Compliance

Meta (Instagram & Facebook) Compliance

Our use of Instagram and Facebook data complies with:

  • Meta Platform Policy and Terms of Service
  • Instagram Basic Display API requirements
  • Facebook Platform Terms and Data Use Policy
  • We only request permissions necessary for service functionality
  • You can revoke access anytime through Instagram/Facebook settings

To Disconnect Instagram/Facebook:

Go to Settings → Security → Apps and Websites → Remove Ana & Co

TikTok Platform Compliance

Our use of TikTok data complies with:

  • TikTok Developer Terms of Service
  • TikTok API Terms and Policies
  • TikTok Privacy Policy and Community Guidelines
  • Data is accessed only with explicit user authorization
  • You can disconnect your TikTok account at any time

To Disconnect TikTok:

Go to Settings → Privacy → Apps and Websites → Remove Ana & Co

7. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will post the updated policy on this page and update the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes.

8. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: support@dgbox.id