This Privacy Policy explains how we collect, use, store, and protect the data provided by users when they connect their Instagram, Facebook, or other messaging channels to our platform.
1. Information We Collect
When a user connects an Instagram or Facebook account via OAuth, we collect only the minimum information required to operate the integration:
- Page ID and Page name
- Instagram Business Account ID
- Access tokens required to maintain the connection
- Incoming and outgoing messages required for platform functionality
- Basic technical metadata (IP address, user-agent) for security and auditing purposes
We do not collect unnecessary data or access information beyond the permissions granted by the user.
2. How We Use the Information
The collected information is used exclusively to:
- Display messages inside the platform
- Send responses on behalf of the customer
- Maintain active integrations and tokens
- Provide operational metrics to the customer
- Enable automation flows (e.g., langflow)
We do not sell, rent, or share this information with any third party.
3. Data Storage and Security
We apply industry-standard security practices, including:
- Encryption in transit (HTTPS/TLS)
- Role-based access control
- Secure token storage
- Auditable system logs
Each customer has access only to their own data (multitenant isolation).
4. User Control and Access
Users can:
- Revoke access from their Facebook/Instagram account at any time
- Disconnect the integration from our platform
- Request deletion of their stored data
5. Data Deletion
When a deletion request is made:
- Access tokens and IDs are deleted
- The integration is fully disconnected
- Messages and operational data associated with the account are removed
6. Policy Updates
We may update this policy to comply with legal requirements or to improve our service. Users will be notified before significant changes are applied.
7. Contact
For privacy-related questions or data removal requests: admin@deepnolia.io