Pamosnik← Home

Privacy Policy

Effective date: June 1, 2026

Pamosnik (“Pamosnik”, “we”, “us”) provides a software platform that lets businesses build automated Instagram Direct Message and comment workflows. This Privacy Policy explains what data we collect, why we collect it, how long we keep it, and the choices you have. It applies to our website and to the Instagram automation service.

1. Who is the data controller

The service is operated by Pamosnik. For privacy questions or requests you can contact us at privacy@pamosnik.com.

2. Data we collect

  • Account data: your name, email address, and a hashed password used to create and secure your Pamosnik account.
  • Instagram data (via the Meta / Instagram API): when you connect an Instagram Business account, we receive the connected account’s ID and username, the content of incoming direct messages and comments sent to your account, and the sender’s Instagram-scoped ID. We use this strictly to run the automations you configure.
  • Automation configuration: the flows, triggers, messages, tags, and custom fields you create.
  • Technical data: log data such as timestamps and event identifiers needed to deliver messages reliably and to debug.

3. How we use data

  • To send and receive Instagram messages on behalf of your account, only as instructed by your automations.
  • To reply to comments on your posts when they match your configured triggers.
  • To display analytics (delivery, clicks, completions) inside your dashboard.
  • To operate, secure, and improve the service.

We do not sell personal data, and we do not use message content for advertising or to train third-party models.

4. Legal basis

We process data to perform our contract with you (providing the service), based on your consent (when you connect an Instagram account), and based on our legitimate interest in operating and securing the platform.

5. Data sharing

We share data only with infrastructure providers that help us run the service (hosting, email delivery) under appropriate confidentiality and data-processing terms, and with Meta Platforms as required to send and receive messages through the Instagram API. We may disclose data if required by law.

6. Data retention

We keep account and automation data for as long as your account is active. Message and event logs are retained only as long as needed to operate your automations and analytics, and are then deleted or anonymized. When you delete your account or disconnect your Instagram account, the associated data is deleted as described in our Data Deletion Policy.

7. Data security

Passwords are stored using PBKDF2 hashing. Access tokens are stored securely and are never returned in plain text through our API. Connections are served over HTTPS, and access to tenant data is isolated per account.

8. Your rights

Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to withdraw consent. To exercise these rights, contact privacy@pamosnik.com or follow the steps in our Data Deletion Policy.

9. Children

The service is not directed to individuals under the age of 18 and we do not knowingly collect their data.

10. Changes to this policy

We may update this policy from time to time. We will post the updated version on this page and revise the effective date above.

11. Contact

Questions about this policy? Email privacy@pamosnik.com.