Privacy Policy
Политика конфиденциальности
1. Introduction
SMIP ("Company", "we", "us", or "our") operates the SMIP analytics platform available at smip.site ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service, including when you connect your Instagram or Facebook account via OAuth.
By using our Service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Information from Instagram / Facebook (via Meta OAuth)
When you connect your Instagram Business or Creator account, we receive only the data you explicitly authorize:
| Data Type | Purpose | Legal Basis (GDPR) |
|---|---|---|
| Instagram User ID & username | Account identification | Contract performance |
| Followers / following count | Analytics display | Legitimate interest |
| Media count & post metadata | Dashboard metrics | Contract performance |
| Engagement metrics (likes, comments, reach) | Analytics reporting | Contract performance |
| Business insights (impressions, profile views) | Performance reports | Contract performance |
We do not collect: private messages, passwords, payment information, precise location, or data of minors.
2.2 Account Information
- Name and email address provided during registration
- Login activity and session data
2.3 Technical Data
- IP address, browser type, operating system
- Session cookies (essential only)
3. How We Use Your Information
We use collected data solely for:
- Providing and maintaining the Service
- Generating analytics reports and dashboards within your account
- Improving platform functionality
- Sending service-related notifications (no marketing without explicit consent)
- Complying with legal obligations
We never:
- Sell, rent, or share your data with third parties for advertising purposes
- Use your data to train AI/ML models without explicit consent
- Use your data for any purpose not described in this policy
- Transfer your data to data brokers
4. Data Sharing and Disclosure
We may share data only in the following limited cases:
| Recipient | Reason | Safeguards |
|---|---|---|
| Cloud infrastructure providers | Service operation | Data Processing Agreement (DPA) |
| Internal analytics tools | Platform improvement | Anonymized, aggregated data only |
| Law enforcement | Legal obligation | Only when legally required by applicable law |
No data is sold, traded, or transferred to any other parties.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Instagram analytics data | Until account deletion or 2 years of inactivity |
| Account information | Until deletion request |
| Server logs | 90 days |
| Backup copies | Deleted within 30 days after account deletion |
6. Data Deletion
We delete your data without undue delay when any of the following occurs:
- You submit a deletion request (via email or account settings)
- You delete your SMIP account
- Your data is no longer necessary to provide the Service
- Deletion is requested by Meta or required by applicable law or regulation
See our full Data Deletion Instructions for step-by-step guidance.
7. Your Rights
Under GDPR (EU/EEA users):
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- Right to lodge a complaint with a supervisory authority (DPA)
Under CCPA (California, USA users):
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of sale (we do not sell data)
- Right to non-discrimination for exercising privacy rights
По 152-ФЗ (Пользователи из России):
- Право на доступ к своим персональным данным
- Право на исправление неточных данных
- Право на удаление персональных данных
- Право на отзыв согласия на обработку данных
To exercise any right, contact: stepstepan2@gmail.com. We respond within 30 days.
9. Data Security
We implement industry-standard security measures:
- HTTPS/TLS encryption for all data transmission
- Encrypted storage of sensitive data
- Role-based access controls and authentication
- Regular security audits
No method of internet transmission is 100% secure. We use commercially acceptable means to protect your data.
10. Children's Privacy
Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us immediately at stepstepan2@gmail.com and we will delete that information.
11. Third-Party Services
Our Service integrates with Meta (Instagram/Facebook) via the official Graph API. Your use of Instagram/Facebook is governed by Meta's Privacy Policy: https://privacycenter.instagram.com/policy/. We are not responsible for Meta's data practices.
12. International Data Transfers
Your data may be stored and processed in servers located outside your country of residence. We ensure appropriate safeguards including Standard Contractual Clauses (SCCs) where required by GDPR.
13. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by email or prominent notice on our website at least 30 days before changes take effect. Continued use of the Service after changes constitutes acceptance.
14. Contact Us
SMIP Privacy Team
Email: stepstepan2@gmail.com
Website: https://smip.site
Response time: within 48 hours
For EU users — GDPR representative: stepstepan2@gmail.com