Privacy Policy
Last updated: July 13, 2026
Downtown Digital Den (“Downtown Digital Den,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, store, share, and protect information in connection with:
- our website at downtowndigitalden.com (the “Site”); and
- our automation services, including a Meta (Facebook) content-posting application that we operate using n8n workflow automation and the Meta Graph API (the “Services”).
By using the Site or authorizing our application to connect to your Facebook or Instagram account, you agree to the practices described in this Privacy Policy.
1. Who we are
Downtown Digital Den is a limited liability company (LLC) organized in the State of North Dakota, USA. We are a digital agency that builds websites, automations, and AI agents, and we offer a membership program with free and paid tiers. For the purposes of applicable data protection laws, we act as the data controller for personal data processed through the Site and our membership, and as a service provider/processor when we operate automation workflows on behalf of our clients.
Contact: 12 S Main St, Minot, ND 58701, USA · downtowndigitalden@gmail.com
2. Information we collect
2.1 Information you provide through the Site
When you submit our contact form or otherwise reach out about our services, we collect the name, email address, and message you provide (and any other details you choose to share) so that we can respond to and follow up on your inquiry. Because we offer digital services, we treat these submissions as potential sales inquiries.
2.2 Account, membership & payment information
When you create an account or subscribe to a paid membership, we collect your name, email address, and authentication data. Passwords are stored in hashed form by our authentication provider (Supabase) and are never visible to us. If you purchase a membership, payment is processed by Stripe; we do not receive or store your full card number. We retain only limited billing information such as your Stripe customer ID, subscription status, plan, and renewal date.
2.3 Meta (Facebook & Instagram) Platform data
Our automation application connects to Meta’s platform through the Facebook Login and Graph API. When you (or a client on whose behalf we operate) authorize the application, we may access and process the following, strictly limited to the permissions you grant:
- Basic account/profile information — the name and ID associated with the connecting account, used to identify the authorizing user.
- Facebook Page and Instagram account details — the Pages/accounts you manage, their IDs, and metadata needed to publish on your behalf.
- Page and user access tokens — the OAuth tokens issued by Meta that allow the application to publish content to the Pages/accounts you authorize.
- Content you schedule or publish — text, images, links, and media that you or your automation workflow submit to be posted.
- Publishing results and basic insights — the IDs and status of posts we create, and limited engagement/insights data where you have granted the relevant permissions.
We only request the minimum Meta permissions required to provide the posting functionality (for example, permissions such as pages_manage_posts, pages_read_engagement, and pages_show_list). We do not request access to private messages, friend lists, or data unrelated to publishing content.
2.4 Automatically collected information
Like most websites, our Site and hosting provider automatically collect limited technical data such as IP address, browser type, device information, and pages visited. We use Vercel Analytics to understand aggregate, privacy-friendly usage of the Site; it does not use cookies to track you across sites.
3. How we use information
- To respond to inquiries you submit through the Site.
- To create and manage your account and membership, process payments, and provide member-only content and features.
- To follow up about services you have expressed interest in, and — where permitted — to send occasional updates about our services. You can opt out of marketing emails at any time via the unsubscribe link or by contacting us.
- To operate the automation Services — specifically, to publish and schedule content to the Facebook Pages and Instagram accounts you have authorized.
- To maintain, secure, debug, and improve the Site and Services.
- To comply with legal obligations and enforce our terms.
We do not sell your personal information or Meta Platform data, and we do not use Meta Platform data for advertising, profiling, or any purpose other than providing the publishing functionality you requested.
4. Use of Meta Platform data (Platform Terms compliance)
Our use and transfer of information received from the Meta APIs adhere to the Meta Platform Terms and Developer Policies, including the Limited Use requirements. Meta Platform data is used solely to deliver and improve the posting features you authorize, is never sold or shared for advertising, and is retained only as long as needed for that purpose.
5. How we store and protect data
Automation workflows run on n8n, and application/account data (such as access tokens and configuration) is stored in a secured Supabase (PostgreSQL) database. Access tokens and other sensitive credentials are stored with access restricted to authorized administrators.
Payments and subscription billing are handled by Stripe, a PCI-DSS compliant payment processor; card details are stored by Stripe, not by us.
We apply reasonable technical and organizational safeguards — including encryption in transit (HTTPS), access controls, Row Level Security on our database, and administrator authentication — to protect data against unauthorized access, loss, or disclosure. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
6. How we share information
We share information only in the following limited circumstances:
- Service providers that help us operate the Site and Services, including Meta Platforms (to publish content), Stripe (payment processing and subscription billing), Supabase (authentication and database), Vercel (hosting and analytics), n8n (workflow automation), and Resend (transactional email for the contact form). These providers process data on our behalf under their own terms.
- Legal reasons — when required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Downtown Digital Den, our users, or others.
- Business transfers — in connection with a merger, acquisition, or sale of assets, in which case we will require the recipient to honor this Privacy Policy.
7. Data retention and deletion
We retain personal data and Meta Platform data only for as long as necessary to provide the Services or as required by law. Access tokens are deleted when you disconnect the application, revoke access, or request deletion.
You can revoke our application’s access at any time from your Facebook settings under Settings & Privacy → Settings → Business Integrations, which immediately stops our ability to publish on your behalf.
How to request deletion of your data
To request deletion of the data associated with your account, email downtowndigitalden@gmail.com with the subject line “Data Deletion Request” and include the Facebook Page or account name connected to the application. We will delete the associated access tokens and stored Platform data within 30 days and confirm once completed.
8. Your rights
Depending on your location, you may have rights to access, correct, delete, or restrict the processing of your personal data, and to object to certain processing or withdraw consent. To exercise these rights, contact us at downtowndigitalden@gmail.com. We will respond in accordance with applicable law.
9. Children’s privacy
Our Site and Services are not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, please contact us and we will delete it.
10. Governing law & international users
This Privacy Policy and any dispute relating to it are governed by the laws of the State of North Dakota, USA, without regard to its conflict-of-laws principles.
We are based in the United States and process data there. If you access the Services from outside the United States, you understand that your information may be transferred to and processed in the United States, which may have different data protection rules than your country.
11. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Site or Services after changes take effect constitutes acceptance of the updated policy.
12. Contact us
If you have questions or requests regarding this Privacy Policy or your data, contact us at:
Downtown Digital Den
12 S Main St, Minot, ND 58701, USA
downtowndigitalden@gmail.com