Privacy Policy for ChatBot-IG

Last Updated: April 1, 2025

1. Introduction

Welcome to ChatBot-IG ("we," "us," or "our"). ChatBot-IG is an Instagram chatbot application accessible at https://glowiq.online (the "Service"). Our Service allows users to connect their Instagram accounts via OAuth, processes incoming Direct Messages (DMs) through a webhook, and generates responses using a locally hosted Large Language Model (LLM).

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy.

2. Data We Collect

We may collect information about you in a variety of ways. The information we may collect via the Service includes:

• Account Information: When you connect your Instagram account via OAuth, we collect your Instagram account ID and an access token provided by Meta (Facebook/Instagram). This token allows us to receive messages and send responses on your behalf.
• Conversation Data: We collect the content of Direct Messages sent to your connected Instagram account and the responses generated by our Service. This includes message text, sender/recipient IDs, and timestamps.
• Log Data: Like many web services, we automatically collect information that your browser sends whenever you visit our Service ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics.
• Database Logs: We maintain internal logs within our database related to application performance, errors, and actions taken within the Service (e.g., account connections, message processing).

3. How We Use Your Data

Having accurate information permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Service to:

• Authenticate your Instagram account and manage your connection to the Service.
• Receive and process incoming Direct Messages sent to your connected Instagram account.
• Generate responses to Direct Messages using our integrated LLM.
• Send responses back to users via the Instagram API.
• Store conversation history for context and service provision.
• Monitor and analyze usage and trends to improve your experience with the Service.
• Maintain the security and operational integrity of the Service.
• Respond to your support requests and inquiries.
• Comply with legal obligations.

4. Data Storage and Security

Your information, including Instagram account IDs, access tokens (stored securely), and conversation history, is stored in a MongoDB database hosted on a secure Vultr Virtual Private Server (VPS). We use administrative, technical, and physical security measures to help protect your personal information. These measures include, but are not limited to:

• Secure server infrastructure provided by Vultr.
• Access controls to limit access to the database and server.
• Regular security practices and monitoring.
• While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

5. Data Sharing

We do not sell, trade, rent, or otherwise share your personal information with third parties for marketing purposes.

We may share information we have collected about you in certain situations:

• With Meta (Facebook/Instagram): We interact with the Instagram Graph API provided by Meta to authenticate your account, receive messages, and send messages. Our use of the API is subject to Meta's Platform Terms and Developer Policies.
• By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
• Service Providers: We utilize Vultr for hosting infrastructure. Vultr does not have direct access to the application data we store unless required for infrastructure maintenance or legal compliance.
• Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

Our locally hosted LLM processes conversation data to generate responses but does not store this data independently beyond the processing required for response generation within the context of a single request.

6. User Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data. These may include:

• Right to Access: You have the right to request access to the personal data we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate personal data.
• Right to Erasure (Data Deletion): You have the right to request the deletion of your personal data, subject to certain exceptions. Instructions for data deletion are provided separately.
• Right to Restrict Processing: You may have the right to request the restriction of processing your personal data.
• Right to Data Portability: You may have the right to receive your data in a structured, commonly used format.

To exercise these rights, please contact us using the contact information provided below. Please refer to our Data Deletion instructions for specific steps on removing your account and associated data.

7. Cookies

We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Service to help customize the Service and improve your experience. When you access the Service, your personal information is not collected through the use of tracking technology. Most browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject cookies, but be aware that such action could affect the availability and functionality of the Service (e.g., session management).

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date and the updated version will be effective as soon as it is accessible. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

9. Contact Information

If you have questions or comments about this Privacy Policy, please contact us at:

Email: [email protected]