Privacy Policy

Last Updated: January 23, 2026

1. Introduction

Welcome to Instagram Auto-Repost. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our Instagram auto-reposting service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and password when you register
• Instagram Account Data: Instagram username, user ID, and profile information when you connect via OAuth
• Facebook Page Data: Facebook Page ID and access token linked to your Instagram Business account

2.2 Information We Collect Automatically

• Usage Data: Target accounts, scheduled posts, repost activities
• Log Data: IP addresses, browser type, access times, error logs
• Instagram Content: Media URLs and captions from target accounts (temporarily processed, not permanently stored)

3. How We Use Your Information

We use the collected information to:

• Provide and maintain the auto-repost service
• Authenticate and authorize access to Instagram Graph API
• Schedule and publish content to your Instagram account
• Monitor service usage and enforce rate limits
• Send service-related notifications (quota warnings, errors)
• Improve our service and fix bugs
• Comply with legal obligations

4. Data Sharing

We do NOT sell, trade, or rent your personal information. We only share data with:

• Facebook/Instagram: Through official Graph API as required for service functionality
• Legal Authorities: When required by law, court order, or government regulation

We do NOT share your data with advertisers, marketers, or other third parties.

5. Data Security

We implement security measures to protect your data:

• AES-256 encryption for access tokens
• Bcrypt password hashing
• HTTPS/TLS for all data transmission
• Secure database configuration
• Regular security updates
• Limited staff access to personal data

6. Data Retention

• Account Data: Retained while your account is active
• Access Tokens: Refreshed every 60 days, deleted when you disconnect
• Activity Logs: Retained for 30 days
• Post Metadata: Retained for 90 days for analytics
• Deleted Accounts: All personal data removed within 30 days

7. Your Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct your information
• Deletion: Request deletion of your account and data
• Portability: Request your data in machine-readable format
• Objection: Object to processing of your data
• Withdrawal: Withdraw consent at any time

8. Data Deletion

You can delete your data by:

• Disconnecting your Instagram account from the dashboard
• Deleting your user account through settings
• Submitting a request via our Data Deletion page
• Emailing us at privacy@impresi.id

9. Instagram API Usage

We use Instagram Graph API to:

• Access your Instagram Business account information
• Retrieve media from target accounts you specify
• Publish content to your Instagram account
• Monitor webhook events for new posts

We comply with Facebook Platform Terms and Instagram API Terms. We do NOT:

• Store Instagram media files permanently
• Share your Instagram data with third parties
• Use your data for advertising
• Access data beyond what's necessary

10. Cookies

We use essential cookies only:

• Session Cookie: Maintains your login state
• CSRF Token: Protects against security attacks

We do NOT use advertising, tracking, or analytics cookies.

11. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect data from children. If you believe we have collected such information, contact us immediately.

12. International Data Transfers

Your data may be processed on servers located outside your country. We ensure appropriate safeguards through encryption and compliance with GDPR and other regulations.

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of changes by posting the new policy on this page and updating the "Last Updated" date. Continued use after changes constitutes acceptance.

14. Contact Us

For questions about this privacy policy:

• Email: privacy@impresi.id
• Address: [Your Business Address]
• Data Protection Officer: dpo@impresi.id

15. Compliance

This privacy policy complies with:

• Facebook Platform Policy
• Instagram API Terms of Use
• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)