Postpiece Privacy Notice and Data Flow Overview

Privacy notice

This page describes the typical data flow in Postpiece environments. Operators should adapt it to their own deployment before using the platform as a public-facing service.

Authentication and access

Dashboard authentication is handled through the configured identity provider, and access decisions depend on the deployment's workspace and membership settings.

Operators should review their identity provider configuration separately, because account lifecycle, session management, and audit expectations are not defined solely by the UI layer.

Content and media

Editorial content is stored in the configured database, and media assets are stored in the configured object storage backend. In local development, the default object storage target is MinIO.

Published frontend behavior depends on the site runtime, cache settings, and domain configuration that the operator deploys around those services.

Deployment responsibility

Because Postpiece can be self-hosted or adapted per environment, the organization deploying it is responsible for publishing the final legal notice, retention policy, and user-facing privacy commitments.

Teams should review their analytics, logging, storage, and identity-provider choices before exposing a production environment to public users.