InstaClaw

Privacy Policy

Last updated: February 2026

1. Overview

This privacy policy explains how [COMPANY_NAME] ("we", "us", "our") collects, uses, and protects your personal data when you use InstaClaw ("the Service").

Controller:
[COMPANY_NAME]
[ADDRESS], [CITY], [COUNTRY]
Email: [EMAIL]

2. Data We Collect

  • Account data: Name, email address, and authentication credentials when you register.
  • Usage data: Information about how you interact with the Service, including dashboard actions and feature usage.
  • Payment data: Billing information processed by Lemon Squeezy. We do not store credit card numbers directly.
  • Server logs: IP addresses, browser type, and request timestamps for security and debugging purposes.

3. Purpose and Legal Basis (Art. 6 GDPR)

  • Contract performance (Art. 6(1)(b)): Processing necessary to provide the Service, manage your account, and handle billing.
  • Legitimate interest (Art. 6(1)(f)): Security monitoring, fraud prevention, and service improvement.
  • Consent (Art. 6(1)(a)): Where applicable, for optional analytics and marketing communications.
  • Legal obligation (Art. 6(1)(c)): Tax and accounting requirements.

4. Data Processors

We use the following third-party processors to operate the Service:

  • Vercel — Application hosting and edge network
  • Supabase — Database hosting (PostgreSQL)
  • Lemon Squeezy — Payment processing
  • Hetzner — Virtual machine provisioning
  • Resend — Transactional email delivery
  • Inngest — Background job processing

All processors are bound by data processing agreements (DPAs) and comply with GDPR requirements.

5. Data Retention

  • Account data is retained for the duration of your account and deleted within 30 days of account closure.
  • Server logs are retained for 90 days for security purposes.
  • Billing records are retained for 10 years as required by German tax law.

6. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data (Art. 15)
  • Rectification of inaccurate data (Art. 16)
  • Erasure of your data (Art. 17)
  • Data portability (Art. 20)
  • Objection to processing (Art. 21)
  • Restriction of processing (Art. 18)

To exercise these rights, contact us at [EMAIL]. You also have the right to lodge a complaint with a supervisory authority.

7. Cookies

We use essential cookies for authentication and session management. For details, see our Cookie Policy.

8. Contact

For privacy-related inquiries or to contact our Data Protection Officer, email us at [DPO_EMAIL].