Privacy Policy

Last updated: February 14, 2026

1. Introduction

I AI ("we", "us", or "our") operates the web application at webapp-ioslqzbr.vercel.app (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using I AI, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your email address and a securely hashed password. We do not store your password in plain text.

2.2 Social Media Data

When you connect your Instagram or WhatsApp account through our Service, we access data via the official Meta (Facebook) APIs, including:

  • Your Instagram Business or Creator account username and profile information
  • Direct messages and conversations from your connected Instagram account
  • WhatsApp Business messages and conversations from your connected WhatsApp number
  • OAuth access tokens required to communicate with the Meta APIs on your behalf

We only access messaging data that you explicitly authorize through Meta's OAuth consent flow. We do not access your personal Instagram posts, stories, followers, or any data beyond what is required for the messaging functionality.

2.3 Automatically Collected Information

We may collect standard server logs including IP addresses, browser type, and request timestamps for security and debugging purposes. We do not use tracking cookies or third-party analytics.

3. How We Use Your Information

We use the information we collect to:

  • Provide the core Service: syncing your Instagram and WhatsApp messages into a unified inbox
  • Generate and send AI-powered auto-replies on your behalf using Google Gemini
  • Maintain and improve the Service's reliability, security, and performance
  • Communicate with you about your account and Service-related updates

We process message content solely for the purpose of generating reply suggestions. Message content is sent to Google Gemini for AI processing and is not stored by us beyond what is necessary for the conversation context.

4. Data Storage and Security

Your account data and connection tokens are stored in a PostgreSQL database hosted on Render.com with encrypted connections (SSL/TLS). We implement industry-standard security measures including:

  • Passwords are hashed using bcrypt before storage
  • API tokens are transmitted over HTTPS only
  • Authentication is handled via JSON Web Tokens (JWT)
  • OAuth access tokens are stored securely and used only for authorized API calls

We do not store your Instagram or WhatsApp login credentials. Authentication is handled entirely through Meta's official OAuth 2.0 flow.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties. We may share data only in the following circumstances:

  • Service providers: We use Render.com for hosting, Vercel for frontend delivery, and Google Gemini for AI processing. These providers process data on our behalf under their respective privacy policies.
  • Meta Platform: We interact with Meta's APIs to sync and send messages. Your use of Instagram and WhatsApp is also governed by Meta's Privacy Policy and Terms of Service.
  • Legal requirements: We may disclose your information if required by law, court order, or governmental regulation.

6. Data Retention

We retain your account data and connection tokens for as long as your account is active. Conversation data is stored temporarily for the purpose of providing the Service and generating AI replies. When you disconnect a platform (Instagram or WhatsApp), the associated access tokens are immediately deleted from our database. You may request full account deletion at any time by contacting us.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Disconnect your Instagram and/or WhatsApp accounts at any time through the Settings page
  • Withdraw consent for data processing (by deleting your account)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability and the right to lodge a complaint with a supervisory authority.

8. Meta Platform Data Use

Our use of information received from Meta APIs adheres to the Meta Platform Terms and Developer Policies. Specifically:

  • We only request the minimum permissions necessary for the Service to function
  • We do not use Meta data for advertising, data brokerage, or surveillance
  • We do not transfer Meta data to any third party other than as described in this policy
  • Users can revoke access at any time through Meta's app settings or our disconnect feature

9. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your rights, please contact us at:

contact@dmings.com