LogoBridge44

Privacy Policy

Last updated: 16/05/2026

This Privacy Policy explains how Neural Click Ltd (“Neural Click”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our websites, applications, APIs, and related services (collectively, the “Service”).

We are committed to protecting your privacy and handling your personal data in accordance with applicable data protection laws, including the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are (Data Controller)

Bridge44 is a product of:

Neural Click Ltd
Registered in England
Address: Office at Office 11802, 182-184 High Street North East Ham, London E6 2JA, United Kingdom.
Email: help@bridge44.com

For the purposes of UK data protection law, Neural Click Ltd is the data controller of your personal data processed in connection with the Service.

If you have any questions about this Privacy Policy or how we handle your data, you can contact us at the email address above.

2. Scope

This Privacy Policy applies to:

  • Visitors to our websites;
  • Individuals who create or use a Bridge44 account;
  • Users who connect social or third‑party platform accounts (e.g. TikTok, Google, Meta platforms);
  • Individuals who interact with content published or managed through Bridge44, where we act as a data processor on behalf of our business customers.

This Privacy Policy does not apply to how third‑party platforms (such as TikTok, Google, Meta, etc.) handle your data. Their own privacy policies and terms apply to their processing.

3. Personal Data We Collect

The personal data we collect depends on how you use the Service. We may collect and process the following categories of data:

3.1 Account and Profile Information

  • Name, display name, and contact details (e.g. email address);
  • Login credentials or authentication identifiers (e.g. hashed passwords, OAuth identifiers);
  • Organisation or company name, role, and account settings/preferences.

3.2 Third‑Party Platform and Social Account Information

When you connect a third‑party platform or social account (for example TikTok, Google, or Meta platforms) to Bridge44, we may collect:

  • Platform user IDs, open IDs, or other account identifiers;
  • Access tokens or refresh tokens and associated scopes/permissions (stored and handled securely);
  • Basic profile information from that platform (e.g. username, profile name, profile picture, channel/page identifiers), to the extent permitted by you and the third‑party platform;
  • Metadata about your connected accounts and pages (e.g. which brand or channel the account belongs to).

3.3 Content and Media

To provide the Service, we may process:

  • Posts, captions, descriptions, hashtags, URLs, and other content you create or manage;
  • Media files (images, audio, video) you upload, host, or instruct us to publish;
  • Scheduling information (e.g. planned publish dates and times);
  • Publishing status for your posts (e.g. draft, scheduled, processing, published, failed);
  • Platform‑specific metadata and responses (e.g. TikTok publishing responses and IDs, error messages, or other platform feedback stored as “platform metadata”).

3.4 Usage, Log, and Technical Data

When you access or use the Service, we may automatically collect:

  • Device and browser information (e.g. IP address, operating system, browser type, device identifiers);
  • Log data (e.g. access times, pages viewed, features used, error logs);
  • Event data related to how you interact with the Service (e.g. clicks, API calls, publication attempts, progress status of uploads);
  • Approximate location based on IP address (e.g. city, country).

3.5 Support and Communication Data

If you contact us (e.g. by email, support ticket, or in‑product message), we may collect:

  • Contact details;
  • The contents of your message or query;
  • Associated metadata (e.g. time of contact, internal notes, responses).

3.6 Data About Your End Users or Audience (Business Customers Only)

If you use Bridge44 as a business or agency, you may use the Service to manage or publish content to third‑party platforms for your own customers or audience. In that case, we may process, on your behalf:

  • Identifiers or profile names of your clients’ social accounts;
  • Comments, reactions, or public interactions with published content, to the extent they are returned to us by third‑party APIs;
  • Analytics or insights data retrieved from third‑party platforms, where enabled.

In these cases, you are typically the data controller and Bridge44 acts as your data processor.

4. How We Use Personal Data (Purposes and Legal Bases)

We process personal data for the purposes and on the legal bases set out below.

4.1 To Provide and Operate the Service

  • Creating and managing accounts;
  • Connecting and managing third‑party platform accounts;
  • Uploading, processing, and publishing media and posts (e.g. sending posts to TikTok and tracking status);
  • Managing and updating publication status, including progress tracking and error handling;
  • Providing core functionality such as scheduling, editing, or deleting content.

Legal basis:

  • Performance of a contract (UK GDPR Article 6(1)(b)) where processing is necessary to provide the Service you requested;
  • Our legitimate interests (Article 6(1)(f)) in operating a functional, reliable platform.

4.2 To Secure, Maintain, and Improve the Service

  • Monitoring system performance and reliability;
  • Logging errors and detecting, preventing, and responding to security incidents;
  • Debugging issues and improving existing features (e.g. upload reliability, integration stability);
  • Developing new features and services.

Legal basis:

  • Our legitimate interests (Article 6(1)(f)) in maintaining, securing, and improving the Service.

4.3 Customer Support and Communications

  • Responding to your queries and support requests;
  • Informing you about important changes to the Service or this Privacy Policy;
  • Sending service‑related notifications (e.g. account, security, or operational notices).

Legal basis:

  • Performance of a contract (Article 6(1)(b));
  • Our legitimate interests (Article 6(1)(f)) in providing effective support and communications.

4.4 Marketing and Optional Communications

  • Sending you information about new features, offers, or updates that may be of interest;
  • Running surveys or feedback requests.

Where required by law, we will ask for your consent before sending marketing communications and will provide an easy way to opt out.

Legal basis:

  • Your consent (Article 6(1)(a));
  • Our legitimate interests (Article 6(1)(f)) where consent is not required under applicable law.

4.5 Legal and Compliance

  • Complying with legal obligations and regulatory requirements;
  • Exercising or defending legal claims;
  • Preventing misuse, fraud, or abuse of the Service.

Legal basis:

  • Compliance with a legal obligation (Article 6(1)(c));
  • Our legitimate interests (Article 6(1)(f)) in protecting our rights, our users, and the Service.

5. How We Collect Personal Data

We collect personal data:

  • Directly from you when you create an account, connect a platform, upload content or media, or communicate with us.
  • Automatically through your use of the Service, via cookies, logs, and similar technologies.
  • From third‑party platforms you connect to Bridge44 (e.g. TikTok, Google, Meta), subject to the permissions you grant and their APIs.
  • From your organisation if you are using a business or agency account managed by your employer or client.

6. How We Share Personal Data

We may share personal data with:

6.1 Third‑Party Platforms You Connect

When you instruct us to publish or manage content via connected platforms (e.g. TikTok, Google, Meta platforms), we share the necessary content and metadata (e.g. captions, media, account identifiers) as required by that platform’s APIs and according to your instructions.

Those platforms process your data in accordance with their own terms and privacy policies.

6.2 Service Providers (Processors)

We use third‑party service providers to help us operate, secure, and improve the Service, such as:

  • Cloud hosting and storage providers (e.g. Google Cloud Platform);
  • Database, caching, and queueing services;
  • Email and notification providers;
  • Analytics and monitoring services;
  • Customer support and ticketing tools.

These providers act as our data processors and may only process personal data on our documented instructions, under appropriate contractual safeguards.

6.3 Within Our Group

If Bridge44 is part of a group of companies, we may share data with affiliates where necessary for administration, support, and provision of the Service, under appropriate safeguards.

6.4 Legal, Compliance, and Safety

We may disclose personal data where we reasonably believe it is necessary to:

  • Comply with applicable laws, regulations, or legal processes;
  • Respond to valid requests from law enforcement or regulators;
  • Protect the rights, property, or safety of Bridge44, our users, or the public;
  • Enforce our terms and policies or prevent fraud or security incidents.

6.5 Business Transfers

If we are involved in a merger, acquisition, restructuring, or sale of assets, personal data may be transferred as part of that transaction, subject to continued protection and, where required, notice to you.

We do not sell your personal data for monetary consideration.

7. International Data Transfers

Bridge44 is based in the United Kingdom, but we may store and process personal data on servers located in other countries (for example, with cloud providers such as Google Cloud, which may operate data centres in the EEA or other regions) and may transmit data to third‑party platforms whose servers are outside the UK/EEA (e.g. TikTok, Google, Meta).

Where personal data is transferred outside the UK or EEA, and the destination country does not provide an adequate level of data protection, we implement appropriate safeguards, such as:

  • Standard contractual clauses approved by the UK or EU authorities;
  • Other lawful transfer mechanisms permitted under the UK GDPR.

You can contact us for more information about the specific transfer mechanisms used.

8. Data Retention

We retain your personal data only for as long as is necessary to fulfill the purposes for which we collected it, as explained in this Privacy Policy. This includes retaining data to:

  • Provide and maintain the Service;
  • Comply with legal, accounting, or reporting obligations;
  • Resolve disputes and enforce our agreements.

Retention periods may vary depending on the category of data and your use of the Service, for example:

  • Account information: kept for the lifetime of your account and for a limited period thereafter where required by law or for legitimate business reasons.
  • Content and media: retained while your account is active or as needed to provide the Service, unless you delete it or request deletion (subject to legal or contractual limitations).
  • Logs and technical data: retained for shorter periods necessary for security, diagnostics, and analytics, then either deleted or anonymised.

When data is no longer required, we will delete or anonymise it in a secure manner.

9. Security

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures may include:

  • Access controls and authentication;
  • Encryption in transit and at rest (where appropriate);
  • Network and application security (e.g. firewalls, monitoring, rate limiting);
  • Regular updates, patches, and vulnerability management;
  • Internal policies and staff training.

However, no system is completely secure. You are responsible for keeping your account credentials safe and for notifying us promptly of any suspected unauthorised access to your account.

10. Your Rights Under Data Protection Law

Under the UK GDPR, you may have the following rights in relation to your personal data, subject to certain conditions and exceptions:

  • Right of access – to obtain confirmation whether we process your personal data and access to a copy of that data.
  • Right to rectification – to have inaccurate or incomplete personal data corrected.
  • Right to erasure (“right to be forgotten”) – to request deletion of your personal data in certain circumstances.
  • Right to restriction of processing – to request that we limit the processing of your personal data in certain situations.
  • Right to data portability – to receive personal data you provided to us in a structured, commonly used, machine‑readable format, and to have that data transmitted to another controller where technically feasible.
  • Right to object – to object to processing based on our legitimate interests or to direct marketing (including profiling for such purposes).
  • Rights in relation to automated decision‑making – to not be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly significantly affects you.