Privacy Policy

1. Information We Collect

We collect only the data needed to operate and support your account. This includes:

Account details: name, email, hashed password

Instagram connection: IG user ID, access token

Message data: incoming & outgoing DMs

Automation settings: flows, rules, tags

System logs: API requests, error traces

2. How We Use Your Information

We use the information we collect to:

Provide and improve our services

Ensure security and compliance

Communicate with you about updates and support

3. Data Sharing

We do not sell your personal information. We only share data with:

Service providers who help us operate our platform

Legal authorities when required by law

4. Data Security

We use industry-standard safeguards: HTTPS for all traffic, AES-256 encryption at rest, and strict access controls. Our team reviews security logs and runs regular vulnerability scans.

5. Data Retention

For detailed retention periods, see our Data Retention Policy. In summary:

Account details: deleted 90 days after your last login

Message data: deleted after 30 days

System logs: deleted after 60 days

Note: We may keep data longer if required by law (e.g., tax invoices). Otherwise, we delete on the schedule above.

6. Your Rights

You can:

Request access to your data

Request deletion of your data

Opt out of data processing where applicable

See §§ 8-9 for region-specific rights (CCPA / GDPR).

7. Cookies & Tracking

We use minimal first-party cookies for sign-in and security. Optional analytics cookies are only set after you accept them via the cookie banner.

8. California Privacy Rights

California residents may:

Request access to their data

Request deletion of their data

Opt out of data sharing

9. GDPR Compliance

Under GDPR, you have additional rights, including:

The right to data portability

The right to restrict processing

The right to object to processing