Security

Security

AI Groups Poster is built to keep account access and product workflows understandable, limited, and easier to audit.

Last updated:

Security is treated as an ongoing product responsibility, not a one-time checkbox.

Security approach

The product is designed around a few practical principles:

  • keep access limited to what is needed
  • avoid unnecessary data exposure
  • separate temporary auth flows from normal long-lived sessions
  • reduce the chance of stale or orphaned auth state
  • make failures easier to diagnose without exposing sensitive values

Data boundaries

AI Groups Poster is designed around the product workflow, not broad data collection.

  • we do not ask for Facebook passwords
  • we do not collect full payment card numbers
  • we do not scrape Facebook group members or member lists
  • we do not sell traffic, engagement, followers, leads, or scraped data
  • we do not guarantee reach, approvals, leads, account status, or platform outcomes

Account access

AI Groups Poster may use authentication flows such as email sign-in, password reset, and website-assisted sign-in for extension access.

Temporary authentication flows are intended to expire, be replaced cleanly when restarted, and avoid leaving unnecessary active session state behind.

Session handling

The product is designed to use session-based authentication with refresh-aware flows where appropriate.

That helps reduce repeated sign-ins while still allowing sessions to be rotated, expired, or revoked when needed.

Password and reset security

Password reset and verification flows are designed to be time-limited.

Where possible, the product avoids exposing unnecessary information about whether a specific account exists and limits the value of stale verification or reset data.

Extension security

The browser extension is intended to work only with the permissions required for its core features.

Extension permissions are used only for user-facing features, such as preparing posts, managing group collections, scheduling posting sessions, and reviewing publishing steps.

Extension-related sign-in flows should be isolated from normal website sessions where possible, so extension access can be completed, consumed, expired, or revoked in a controlled way.

Logging and diagnostics

AI Groups Poster aims to keep logs useful for troubleshooting without exposing secrets.

That means support-oriented logs should help identify whether a flow was created, expired, replaced, consumed, or cancelled, while avoiding plaintext passwords, raw tokens, verification codes, or other sensitive credentials.

User responsibility

No software can guarantee account safety if it is used carelessly.

Users should protect their device, browser profile, email inbox, and passwords, and should only install the extension from official sources. Users are also responsible for complying with platform rules and group rules.

Reporting security issues

If you believe you found a security issue, email:

support@aigroupposter.com

Please include:

  • a clear description of the issue
  • steps to reproduce it
  • screenshots or recordings if relevant
  • your contact details for follow-up
Permissions Privacy Policy Responsible Use Contact