Commenter App Privacy Policy

Introduction

Commenter is a Facebook-connected application operated by Backfield Digital Kft. (“we,” “us,” or “our”). This Privacy Policy explains what information we collect from you when you use Commenter, how we use and store that information, and under what circumstances (if any) we share it. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws.

Data Controller: Backfield Digital Kft. (registered in Hungary, European Union) is the data controller for Commenter. Our company registration address is Budapest, Alkotás u. 55-61, 1123, Hungary. For any questions or requests regarding your personal data, you can contact us at [email protected].

Data We Collect via Facebook

When you connect your Facebook account to Commenter, we obtain certain information from Facebook's API with your permission. We limit the data to what is necessary to provide the app's functionality. The types of Facebook data we may collect include:

  • Facebook Profile Information: Your name and basic profile details (e.g. your Facebook user ID and profile picture URL).
  • Facebook Page Content: If you use Commenter to manage Facebook Pages, we access the content and metadata of those Pages that you manage. This includes posts, comments, comment threads, and reactions on those pages, along with information about the commenters (e.g. their name and profile ID) as provided via Facebook.
  • Messages: If Commenter allows managing messages (such as your Facebook Page's inbox messages or comments in Messenger threads), we may collect the content of those messages and associated details (sender name, timestamps, etc.) as needed to display and manage them in the app.
  • Email Address: In some cases, we may receive your email address from Facebook if you grant the app permission to access it (for example, during Facebook Login).
  • Usage Data: When you use Commenter, our systems may also automatically collect certain technical information unrelated to Facebook. This can include log data such as your IP address, browser type, device information, and actions taken in the app. We use this information to ensure security, monitor performance, and improve our service. This usage data typically does not include any content from your Facebook account and is handled separately from your Facebook-provided data.

We do not collect any information from your Facebook account beyond what is listed above and what you have explicitly authorized. In particular, we do not access your friends' data or any Facebook data that is not required for Commenter's core features.

How We Use Your Data

We use the collected data solely to operate and provide the Commenter app's functionality to you. This means using your Facebook information to display your pages, posts, comments, and messages in our unified interface, and to enable you to manage and respond to them. In summary, we process your personal data for the following purposes:

  • Providing the Service: Your Facebook data is used to aggregate and display the content (posts, comments, threads, messages) you choose to manage, and to allow you to post replies or perform page management actions through the app. This is the core function of Commenter, and processing your data is necessary to perform the service you have requested.
  • User Support and Communication: If you contact us for support, we may use your information (such as your contact email or user ID) to respond to your inquiries or troubleshoot issues.
  • Improvement and Analytics: We may use aggregated and anonymized data (e.g., overall usage patterns or feature utilization statistics) to understand how our app is used and to improve its features. These analytics do not identify you personally.
  • Security and Preventing Misuse: Technical information (like IP addresses and logs) may be used to protect our service, prevent fraudulent use, and ensure the app is being used in accordance with our terms.

Our legal basis for processing your personal data includes: (a) your consent, which you grant when you authorize our app to access your Facebook information; and (b) contractual necessity, as the data processing is needed to provide you with the Commenter service you expect (per Article 6(1)(b) GDPR). In practice, this means that by connecting your Facebook account and using Commenter, you have consented to our accessing and using your data for the above purposes, and we use that data to fulfill our obligations in delivering the app's functionality to you. You may withdraw your consent at any time by disconnecting the app from your Facebook account (see "Your Rights" below).

We do not use your data for any kind of advertising profiling or automated decisions about you. We also do not send you marketing communications unless you have separately consented to them.

Cookies and Session Data

Commenter uses only essential cookies and similar technologies necessary for the app to function properly. For example, when you log into Commenter, a session cookie is stored in your browser to keep you logged in as you navigate the interface. These cookies are strictly necessary for security and for remembering your session, and they do not contain any personal data beyond a random session identifier. Because such cookies are essential for providing an online service you requested, they do not require explicit consent under EU law.

We do not use any non-essential cookies. This means we do not use analytics cookies, tracking pixels, or advertising cookies within Commenter. We do not track your behavior across other websites or applications.

If you adjust your browser settings to refuse cookies, please note that some features of Commenter (such as staying logged in) may not work correctly, since our system cookies are needed for core functionality.

Data Sharing with Third Parties

We value your privacy and do not share or sell your personal data to any third-party companies for their independent use. All information collected by Commenter is used solely for providing our service to you, as described above. We do not disclose your personal data to marketers, advertisers, or other external parties. The only instances where we might disclose data are limited to:

  • Service Providers: We may use trusted third-party service providers to host our application or database (for example, cloud infrastructure providers located in the EU). Such providers may technically have access to stored data for the purpose of hosting or maintenance, but they are not allowed to use your data for any other purpose. They act under strict data processing agreements and are bound to comply with GDPR requirements for data processors.
  • Legal Obligations: If we are required by law, regulation, or court order to disclose certain data, we may do so to the extent necessary to comply with such legal obligations. In such cases, we will, if lawful, inform you of the requirement.

Aside from the above, no personal data collected by Commenter is shared with any third party or outside organization. If in the future we ever need to share data with any third party for additional services or features, we will only do so with your explicit consent and will update this privacy policy accordingly.

Data Retention

We only retain personal data for as long as necessary to fulfill the purposes described in this policy. Facebook data (such as page posts, comments, and messages) that is fetched through Commenter is stored on our systems on a temporary basis. Specifically, content data retrieved from Facebook is generally cached for only a short period (for example, a few days) to enable faster access and allow you to manage recent threads. This means that your Facebook content viewed via Commenter is periodically purged from our active databases after this brief retention period.

After this short retention period, any personal data is deleted or anonymized in our system. Only non-personal, aggregated information may be retained longer for statistical purposes. For instance, we might keep anonymized usage metrics (such as the total number of comments managed through our app) to help us understand and improve our services. These retained statistics do not identify you or any individual user.

We retain basic account identification information (like your Facebook user ID and the fact that your account is linked to Commenter) for as long as you continue to use the app. This allows you to log in and use Commenter without re-registering each time.

If you disconnect Commenter from your Facebook account or if your use of the app ceases, we will remove or anonymize the personal data associated with your account as part of our regular data deletion process.

In addition, server log files and technical records (which may include IP addresses and usage logs) are kept for a limited duration (generally a few weeks) for security, auditing, and debugging purposes. After this period, logs are either deleted or stripped of any personal identifiers.

Data Storage and Security

All personal data collected through Commenter is stored on secure servers located in the European Union. We primarily use EU-based data centers to ensure that your data remains under the protection of European data privacy regulations. We do not transfer or store your Facebook data in countries outside the European Economic Area (EEA) without proper safeguards. (At present, no such international transfers are made, since our servers are EU-based.)

We take data security seriously and implement appropriate technical and organizational measures to protect your information. These measures include encryption of data in transit, firewalls, access controls, and regular security assessments. While no system is 100% secure, we strive to use industry best practices to guard against unauthorized access, alteration, or loss of personal data.

If any data breach affecting your personal data occurs, we will follow applicable GDPR breach notification requirements.

Your Rights Under GDPR

As a user of Commenter and a data subject in the EU, you have certain rights regarding your personal data under the GDPR. We respect and uphold these rights, which include:

  • Right of Access: You have the right to request a copy of the personal data we hold about you and to obtain information about how we process it.
  • Right to Rectification: If any of your personal data that we hold is inaccurate or incomplete, you have the right to have it corrected or updated.
  • Right to Erasure: You can request that we delete your personal data. If you no longer want us to have or process your data, you can ask us to remove it from our systems. We will comply with such requests where applicable – for example, if the data is no longer needed for the purposes of processing, or if you withdraw consent and there is no other legal basis for processing. This is also known as the "right to be forgotten."
  • Right to Restriction of Processing: You have the right to ask us to restrict (temporarily stop) processing your personal data in certain circumstances – for instance, if you contest the accuracy of the data or have objected to our processing and want us to pause while the issue is resolved.
  • Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller where technically feasible. This right applies when the processing is based on your consent or on a contract and the processing is carried out by automated means.
  • Right to Object: You have the right to object to our processing of your personal data when such processing is based on legitimate interests. In such cases, we will stop processing your data unless we have compelling legitimate grounds to continue. You also have the right to object at any time if we were to use your data for direct marketing (though we currently do not process data for marketing purposes).
  • Right to Withdraw Consent: Where we rely on your consent to process your data, you have the right to withdraw that consent at any time. For example, you can withdraw consent by removing the Commenter app's access to your Facebook account through your Facebook user settings. Withdrawing consent will stop any future data collection via the app. (Note that this does not affect the lawfulness of processing we conducted prior to withdrawal.)
  • Right not to be Subject to Automated Decisions: You have the right not to be subject to decisions made solely on automated processing (including profiling) that produce legal or similarly significant effects on you. (In practice, Commenter does not perform any automated decision-making or profiling on users.)
  • Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to file a complaint with a supervisory authority. You may do so in the EU member state where you reside, where you work, or where the alleged infringement occurred. In Hungary, the relevant supervisory authority is the National Authority for Data Protection and Freedom of Information (NAIH).

Exercising Your Rights and Contacting Us

You can exercise any of your rights described above by contacting us via email at [email protected]. Please state clearly which right you wish to exercise and provide information to verify your identity (we may need to confirm we are releasing or altering data to the correct person). We will respond to your request as soon as possible and in any event within the timeframes required by law (generally within one month).

For data access or portability requests, we will provide you with a copy of your data in a common format. For correction or deletion requests, we will rectify or remove the data as requested, except to the extent we are required to keep certain data by law. For objection or restriction requests, we will assess and accommodate your request in accordance with applicable GDPR rules.

If you would like to disconnect Commenter from your Facebook account, you can do so at any time via your Facebook settings (under your account's Apps and Websites or Business Integrations settings, you can remove Commenter's access). This will stop any further collection of your Facebook data by our app. However, if you want us to delete any data we have previously collected from Facebook through Commenter, please contact us at [email protected] with your deletion request. We will then ensure that all your personal data is fully erased from our systems. This manual step ensures that any cached data beyond the normal retention schedule is promptly removed at your request.

No Third-Party Ads or Tracking

We do not display third-party advertisements within Commenter, nor do we use any third-party analytics services that would collect your data for external use. Your data is utilized only for your own management purposes within the app and is not monetized through advertising or shared for behavioral analytics with outside providers.