// Trust & Security Report
FLICK.TECH LTD
All-in-one social media marketing platform (Iris AI Assistant, hashtag tools, post scheduler, analytics) for Instagram, Facebook, TikTok, and LinkedIn with AI-powered content creation and strategy features.
Certifications held
0
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 6 unconfirmed / not-held certifications
source: flick.socialNo mention found in privacy policy, terms of service, help center, or public documentation
source: flick.socialNo mention found in privacy policy, terms of service, help center, or public documentation
source: flick.socialNo mention found in privacy policy, terms of service, help center, or public documentation
source: flick.socialNo public evidence of an affirmative GDPR compliance commitment or certification. The privacy policy references the GDPR only inside a definitions clause ('Data Protection Laws: any applicable law relating to the processing of personal Data, including but not limited to the Directive 96/46/EC (Data Protection Directive) or the GDPR, and any national implementing laws...'), not as a standalone compliance statement. As a UK-registered company Flick is subject to UK GDPR by operation of law, but no explicit vendor commitment or third-party audit is published.
source: flick.socialNo mention found in privacy policy, terms of service, or public documentation. Not applicable to social media marketing platform use cases.
source: flick.socialNo mention found. Company explicitly states all payments handled by third-party processor Stripe.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
Unknown - privacy policy references 'secure servers' but does not specify geographic location or data residency. Company registered in England (UK) but no confirmation of UK/EU data processing.
No disclosure found regarding whether Iris AI assistant uses customer data, user-generated content, or customer social media posts for model training. Privacy policy does not address AI training practices. This is a material gap given the product prominently features AI capabilities.
// Security controls
Payment Processing
Third-party processor (Stripe) - Flick does not collect payment information
flick.socialIncident Response
Technical and organizational measures for suspected data breach detection; users must report to support immediately
flick.socialEncryption in Transit/At Rest
Not specified - no disclosure of encryption protocols or standards
flick.socialThird-Party Processors
Data shared with Facebook, Google, FullStory, Amplitude, Viral Loops; each processor governed by own privacy policy
flick.socialAPI Security
Uses official Instagram/Meta API for publishing and analytics; official Meta partner; does not request Instagram password
flick.socialOperational Monitoring
Status page at https://status.flick.social/ shows real-time service status; as of 2026-07-06 some services marked as 'not monitored'
status.flick.social// Products & data scope
data: User social media accounts, content calendars, brand voice; extent of model training on user data unknown
Automates strategy, content ideation, copy writing, and visual generation. Requires user approval before posting. No disclosure of training data sources or model update frequency.
data: Hashtag performance data, user search behavior
Supports 20+ languages. Provides banned hashtag checker, hashtag tracking, and performance analytics.
data: User content calendar, scheduled posts, platform credentials
Visual drag-and-drop calendar. Supports Instagram, Facebook, TikTok, LinkedIn.
data: Social media metrics, account performance data from Meta/platform APIs
Provides Instagram analytics reports, feed planning, and performance tracking.
// What to watch
- AI training transparency gap: No disclosure about whether Iris uses customer data, user-generated content, or customer social media posts for training or model updates. This is critical for an AI-primary product.
- No enterprise security certifications: Lacks SOC 2, ISO 27001, ISO 27701, or equivalent third-party security audits despite handling user social media credentials.
- No affirmative GDPR compliance statement: Privacy policy references the GDPR only in a definitions clause; no explicit compliance commitment, no published DPA, and no Standard Contractual Clauses found for customers requiring GDPR compliance.
- Data residency undisclosed: Privacy policy does not specify geographic location of data storage or processing regions. Registered in UK but no confirmation of UK/EU data location.
- Encryption details absent: Security policy does not specify encryption standards, protocols (TLS version, cipher suites), or key management practices.
- Third-party data sharing: Data shared with Facebook, Google, FullStory, Amplitude, and Viral Loops without detailed processor agreements published.
- Limited incident response disclosure: No published incident response plan, breach notification SLA, or security incident history available.
- No trust center: Company does not maintain a dedicated trust center, security documentation, or compliance resource page.
// At a glance
Pricing model
Freemium (7-day free trial) + paid tiers; monthly or annual billing
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on FLICK.TECH LTD's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
flick.social