Політика конфіденційності

This Privacy Policy explains how the independent developer of Inspector (“we”, “us”, “our”) handles information across the Inspector website at inspector.social (the “Website”) and the Inspector mobile app (the “App”), together the “Service”. By using the Service, you agree to this policy.

The Website and the App work differently, so the sections below are split by the one you use. If you only browse stories on the Website, the Website section is what applies to you. Individuals in the EEA/UK should also read Your EEA & UK rights; California residents should read Your California rights.

Using the website (the story viewer)

The Website lets you view and download public Instagram content anonymously. It is built so that we never need to know who you are.

• No account, no login. The Website never asks you to sign in, and we don’t create or hold a profile of you.
• Searches aren’t tied to you. When you look up a username, we send it to our data provider only to fetch that profile’s public content. We don’t keep a per-user history of who you searched for or whose stories you viewed.
• Media is proxied. Images and videos load through our server instead of directly from Instagram, so your browser isn’t exposed to Instagram’s servers. We don’t store the media we pass through.
• On-device preferences. Small settings such as your light/dark theme and the story player’s sound choice are stored in your browser’s local storage. They never leave your device, and clearing your browser data removes them.
• Technical logs. As on most websites, our servers may keep short-lived technical records (such as IP address and request type) to keep the Service secure and prevent abuse. These aren’t used to build a profile of you or a history of your activity.

Cookies, analytics & advertising

The Website uses cookies and similar technologies for analytics and advertising:

• Analytics & telemetry. We collect aggregate usage and performance data — such as pages viewed, device and browser type, approximate region, and error reports — to understand how the Website is used and to improve it.
• Advertising. The Website shows ads through third-party advertising partners. These partners may use cookies and similar identifiers to deliver and measure ads, including personalized (interest-based) advertising, and may combine this with data they hold from other websites.

Your choices. In the EEA and UK, non-essential analytics and advertising run only after you agree through our cookie banner, and you can change or withdraw that consent at any time. You can also manage ad personalization through Google’s Ads Settings and industry opt-out tools such as Your Online Choices (EU) and the DAA opt-out (US).

Using the mobile app

The App adds tracking and alerts for the profiles you follow, so it collects more than the Website to provide those features:

• Anonymous authentication. Your account is created with an anonymous identifier (a UUID assigned on first launch). No email, password, phone number, or social login is required.
• Device & usage data. Platform (iOS/Android), app version, language, and analytics events (such as feature interactions and searches), associated with your anonymous identifier.
• Push tokens. If you enable notifications, your push token is collected to deliver alerts about the profiles you track.
• Subscription status. We receive your subscription status, product identifiers, and expiry from our subscription provider. We never receive or store your payment card or billing details.
• Tracked profiles. For each Instagram profile you add, we store its public data (username, name, profile picture, follower/following/post counts, follower and following lists, and metadata about posts, reels, and stories). This is data about the tracked profile, not about you.
• Derived insights. We generate follower-change records (new followers, unfollowers) by comparing periodic fetches, and infer likely gender from the first names in public follower/following lists for demographic display. No personal data about you is processed for this.
• On your device. Search history and onboarding state are kept in local storage; session tokens are encrypted in secure device storage.

The App shows no ads and doesn’t use advertising identifiers (IDFA / Google Advertising ID).

Information we never collect

• Your email, real name, or phone number
• Your Instagram login credentials
• Location, camera, contacts, or microphone access

How we use information

• To provide and operate the Service — fetching public Instagram content and, in the App, tracking profiles and sending alerts
• To process App subscriptions and manage access to premium features
• To run analytics and show advertising on the Website, and to measure their performance
• To keep the Service secure, prevent abuse, and fix problems
• To understand usage and improve the Service
• To comply with applicable legal obligations

For EEA/UK users, we rely on these legal bases: contract performance (providing the Service under our Terms), legitimate interests (security and improvement, balanced against your rights), and consent (App push notifications, and non-essential cookies for Website analytics and advertising — which you can withdraw at any time).

Third-party providers

We rely on a small number of providers, each governed by its own privacy policy:

• Cloud infrastructure — hosting, the media proxy, anonymous authentication, and databases.
• Instagram data provider — retrieves public Instagram data. It receives the usernames looked up; it does not receive personal information about you.
• Analytics provider (Website & App) — receives usage and telemetry data to measure and improve the Service.
• Advertising partners (Website) — third-party ad networks that may set cookies and process online identifiers and activity to deliver and measure ads.
• Bot protection & rate limiting (Website) — the Website uses Cloudflare Turnstile and rate limiting to block spam, scraping, and abuse — on the contact and profile-removal forms, and on profile search when automated activity is detected. To tell humans from bots and bound request volume, this processes client signals such as IP address and User-Agent; the IP address is used only transiently and is not stored in a form that identifies you. See Cloudflare’s Turnstile Privacy Addendum.
• Subscription provider (App) — receives your anonymous identifier and subscription status.
• Push provider (App) — receives your push token and notification content.
• Apple App Store / Google Play — handle all subscription payments. We never receive your card details.

Data retention

• Website: we don’t keep a history of your searches or views. Technical security logs are short-lived; analytics and advertising data are retained by those providers under their own policies; on-device preferences last until you clear your browser.
• App: we keep server-side data only as long as it’s needed to operate the App and while your account exists.
• Account deletion (App): you can delete your account in the app settings, which permanently removes your device record, tracked profiles, snapshots, change records, subscription records, and notification preferences. Deleting the app alone does not delete server-side data.

Security

All traffic is served over encrypted HTTPS/TLS. App session tokens are encrypted in secure device storage, and anonymous authentication means there are no passwords to be compromised. No method of transmission or storage is ever completely secure, so we can’t guarantee absolute security.

International data transfers

Our providers may process data in the United States and other countries. If you are in the EEA or UK, your data may be transferred outside your country; where required, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.

Your rights

Depending on where you live, you may have the right to access, correct, delete, port, or restrict your personal information, or to object to or withdraw consent for certain processing. To exercise any of these, email support@inspector.social. Because we use anonymous identifiers, verifying your identity may depend on information tied to your device or account.

Children

The Service is not intended for children under 13 (or under 16 in the EEA/UK), and we don’t knowingly collect their information. If you believe a child has provided us data, contact support@inspector.social and we will remove it.

Changes to this policy

We may update this policy from time to time. Material changes will be noted here, and the “Last updated” date above reflects the latest revision. Continued use of the Service after a change means you accept it.

Contact

Questions about this policy or our data practices? Email support@inspector.social.

Your EEA & UK rights

For individuals in the European Economic Area and the United Kingdom, under the GDPR and UK GDPR: the data controller is the independent developer operating Inspector, reachable at support@inspector.social. We process data on the bases described under “How we use information”.

You have the rights of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent, and the right to lodge a complaint with your local supervisory authority (the EU authorities or the UK ICO). We aim to respond within one month. These rights are not absolute, and exceptions may apply.

Your California rights

For California residents, under the CCPA/CPRA, the categories of personal information we may collect are identifiers (such as online and cookie identifiers on the Website, and a device UUID and push token in the App), internet activity (usage and analytics events), and commercial information (App subscription status).

Because the Website shows third-party interest-based ads, we may “share” — and, as those terms are defined under California law, potentially “sell” — online identifiers and internet-activity information with advertising partners for cross-context behavioral advertising. You have the right to opt out: use the cookie controls on the Website to turn this off. We do not knowingly sell or share the personal information of consumers under 16.

You also have the right to know, delete, and correct your information, and not to be discriminated against for exercising your rights. To make a request, email support@inspector.social.