Data Deletion

To stop SurgeScribe from accessing a connected Facebook Page or Instagram Business account, sign in and go to Dashboard → Integrations, then click Disconnect on the relevant account. This immediately deletes the encrypted access token from our database and revokes our ability to act on your behalf.

You can also remove SurgeScribe from your Facebook account directly:

• Open Facebook → Settings & Privacy → Settings → Apps and Websites.
• Find SurgeScribe in the list and click Remove.
• Facebook will notify us via our deauthorization callback, and we will mark your connections as revoked and wipe the stored access tokens.

To permanently delete your SurgeScribe account, every connection token, all your sites, posts, drafts, and generated images, email us at privacy@surgescribe.com from the email address tied to your account with the subject line “Delete my account”. We will:

• Confirm the request within 3 business days.
• Permanently delete your account, sites, brand settings, pillars, calendar items, social posts, drafts, generated images, and any social connection tokens within 30 days.
• Send written confirmation to your email once deletion is complete.

Some records — such as payment transaction logs — may be retained for the period required by tax and accounting laws, in a form that no longer identifies you.

SurgeScribe implements Meta's required Data Deletion Request callback at /api/meta/data-deletion. When the callback is invoked, SurgeScribe verifies the signed_request, queues deletion of every social_connections row tied to the supplied Facebook user id, and returns a confirmation URL and code per Meta's spec. Deletion status can be looked up at /data-deletion/status?code=….