Privacy Policy

Last updated: April 21, 2026

This Privacy Policy describes how the developer of Inspector (“we”, “us”, or “our”) collects, uses, and protects information when you use the Inspector mobile application (the “App”), the website located at inspector.social (the “Website”), and any related services (collectively, the “Service”). By using the Service, you agree to the collection and use of information as described in this Privacy Policy.

Please note:

• Individuals in the European Economic Area (EEA) and the United Kingdom (UK) should also read our section about “Your EEA & UK Data Privacy Rights”.
• Individuals in California should also read our section about “Your California Privacy Rights”.

1. Information we collect

Information Collected Automatically

When you install and use the App, we automatically collect certain information about your device and usage:

• Device information. Your device platform (iOS or Android), device locale and language preferences, app version, and a device identifier (an anonymous UUID generated on first launch).
• Anonymous authentication. We use anonymous authentication to create your account. No email address, password, phone number, or social login is required. A unique anonymous identifier (UUID) is automatically assigned to your device when you first open the App.
• Usage data. We collect analytics events related to your use of the App, such as feature interactions, profile tracking actions, and share intent events. This data is collected through our analytics provider and is associated with your anonymous identifier.
• Push notification tokens. If you enable push notifications, we collect your device push token to deliver alerts about changes to the Instagram profiles you track.
• Subscription information. We receive your subscription status, product identifiers, and expiration dates from our subscription management provider. We do not receive or store your payment card details or billing information.

Information You Provide

• Instagram profiles you track. When you add an Instagram profile to track, we collect and store publicly available data about that profile, including: username, full name, profile picture URL, follower count, following count, media count, follower and following lists, and metadata about posts, reels, and stories. This is data about the tracked Instagram profile, not personal data about you.
• Search history. Your Instagram username search history is stored locally on your device and is not transmitted to our servers.

Information Derived from Processing

• Gender classification. We operate a service that infers gender from first names found in tracked profiles’ follower and following lists. This is performed solely on publicly available Instagram names for demographic analytics display within the App. No user personal data is processed by this service.
• Follower change detection. We generate snapshots and change records (such as new followers and unfollowers) by comparing periodic data fetches for the profiles you track.

Information We Do Not Collect

Inspector is designed with privacy in mind. We do not collect:

• Your email address, real name, or phone number
• Your Instagram login credentials
• Advertising identifiers (IDFA or Google Advertising ID) — our App does not use these identifiers
• Location data, camera access, contacts, or microphone access
• We do not display advertisements and do not share data with advertising networks

2. How we use your information

We use the information we collect for the following purposes:

• To provide and operate the Service, including tracking Instagram profiles and delivering notifications about changes
• To process your subscription and manage access to premium features
• To send push notifications about tracked profile activity (new followers, posts, stories, reels)
• To analyze usage patterns and improve the Service through analytics
• To maintain, secure, and monitor our infrastructure
• To comply with applicable legal obligations

Legal Bases for Processing (EEA/UK Users)

If you are in the EEA or UK, we process your data on the following legal grounds:

• Contract performance: Processing necessary to provide the Service to you in accordance with our Terms of Service.
• Legitimate interests: Processing necessary for improving the Service, ensuring security, and understanding usage patterns, where these interests are not overridden by your rights.
• Consent: Push notifications are delivered only with your consent, which you can withdraw at any time through your device settings.

3. How we store your information

Server-side storage. Your device records, subscription records, tracked profile data, follower snapshots, follower change records, notification preferences, and daily usage logs are stored in a secure cloud database hosted by our infrastructure provider.

On-device storage. The following data is stored locally on your device:

• Search history, onboarding state, and locale preferences (in local storage)
• Session tokens (encrypted and stored in your device’s secure storage)

4. Third-party service providers

We use the following third-party services to operate the Service. Each provider processes data in accordance with their own privacy policies:

• Cloud infrastructure provider — Backend infrastructure, anonymous authentication, and database hosting. Receives device information and stores all server-side data.
• Instagram data provider — Instagram data retrieval. Receives Instagram usernames submitted for tracking. No personal information about Inspector users is transmitted to this service.
• Subscription management provider — Receives your anonymous user identifier, subscription status, and purchase receipts (via Apple or Google).
• Analytics provider — Receives your anonymous user identifier and app usage events.
• Push notification provider — Receives your push token and notification content.
• Apple App Store / Google Play Store — Payment processing for subscriptions. All payments are handled entirely by Apple or Google. We never receive or store your payment card details.

5. Data retention

• Daily usage records are automatically deleted after 7 days.
• All other server-side data is retained for as long as your account exists.
• Account deletion: You can delete your account at any time through the App settings. When you delete your account, all associated data is permanently removed, including: device records, tracked profiles, subscription records, follower snapshots, follower change records, notification preferences, and scheduled jobs.
• Local data: Data stored on your device (search history, cached files) is removed when you uninstall the App or clear app data manually.

Please note that deleting the App does not automatically delete your account and server-side data. To delete all data, you must use the account deletion feature within the App.

6. Data security

We take reasonable measures to protect your information:

• Session tokens are encrypted and stored in your device’s secure storage
• Anonymous authentication means there are no passwords that could be compromised
• All data is transmitted over HTTPS/TLS encrypted connections
• Server-side data is protected by our infrastructure provider’s security measures

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your data.

7. International data transfers

Our third-party service providers may process data in the United States and other countries. If you are located in the EEA or UK, your data may be transferred to countries that may not provide the same level of data protection as your home country.

Where required, we ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses approved by the European Commission. For more information about Standard Contractual Clauses, please see the European Commission website.

8. Your rights

Depending on where you reside, you may have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your information
• Object to or restrict certain processing of your information
• Request portability of your information to another service provider
• Withdraw consent where processing is based on your consent

To exercise any of these rights, please contact us at support@inspector.social. Please note that since we use anonymous authentication, our ability to verify your identity may depend on information associated with your device or account.

9. Children's privacy

General age limitation. The Service is not intended for children under 13 years of age. We do not knowingly collect information from anyone under 13. If you are under 13, please do not use the Service. If you are a parent or guardian and believe your child under 13 has used the Service, please contact us at support@inspector.social and we will take steps to remove any associated data.

EEA/UK individuals. If you are in the EEA or UK, you must be at least 16 years old to use the Service. If you are aware of anyone under 16 using the Service in the EEA or UK, please contact us at support@inspector.social, and we will take the required steps to remove any data associated with that person.

10. Push notifications

We use push notifications to alert you about changes to the Instagram profiles you track (such as new followers, new posts, stories, or reels). You can enable or disable push notifications at any time through your device settings. You can also configure notification preferences for individual tracked profiles within the App.

11. Changes to this privacy policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the App or on our Website. The “Last Updated” date at the top of this page indicates when this Privacy Policy was last revised. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at support@inspector.social or visit inspector.social.

13. Your EEA & UK data privacy rights

This section provides additional disclosures for individuals in the European Economic Area (EEA) and the United Kingdom (UK) under the General Data Protection Regulation (GDPR) and the UK GDPR.

Data controller. The data controller is the independent developer operating Inspector, contactable at support@inspector.social.

Legal bases for processing. We process your data as described in Section 2 above, relying on contract performance, legitimate interests, and consent as applicable.

Your data subject rights. Under GDPR, you have the following rights:

• Right of access — request copies of your personal data.
• Right to rectification — request correction of inaccurate or incomplete personal data.
• Right to erasure — request deletion of your personal data in certain circumstances.
• Right to restrict processing — request that we limit how we use your personal data.
• Right to data portability — request transfer of your personal data to another provider.
• Right to object — object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent — withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
• Right to lodge a complaint — you have the right to lodge a complaint with your local data protection authority. See the list of EU supervisory authorities here, and the UK’s Information Commissioner’s Office (ICO) here.

To exercise any of these rights, please contact us at support@inspector.social. We will respond to your request within one month. If we need additional time, we will inform you of the reason and the expected timeframe. Please note that these rights are not absolute, and we may be entitled to refuse requests where exceptions apply.

14. Your California privacy rights

This section provides additional disclosures for California residents under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Categories of personal information collected. We collect the following categories of personal information as defined by the CCPA:

• Identifiers: Device UUID, push notification token
• Internet or electronic network activity: App usage data, analytics events, feature interactions
• Commercial information: Subscription status and product identifiers

We do not sell your personal information. We have not sold personal information in the preceding 12 months and do not sell personal information.

We do not share personal information for cross-context behavioral advertising.

Your rights under CCPA. As a California resident, you have the right to:

• Right to know — request information about the categories and specific pieces of personal information we have collected about you.
• Right to delete — request deletion of your personal information.
• Right to correct — request correction of inaccurate personal information.
• Right to opt-out of sale — not applicable, as we do not sell personal information.
• Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights.

To exercise your rights, please contact us at support@inspector.social. Please note that since Inspector uses anonymous authentication, our ability to verify your identity for CCPA requests is limited to information associated with your device or account identifier.

Do Not Track. We do not respond to Do Not Track browser signals as there is no industry standard for compliance.