Privacy Policy

1. Scope and Applicability

This Privacy Policy applies to personal information we process in connection with the Services, including information from users who connect Instagram Business accounts and users who integrate third-party customer relationship management ("CRM") systems.

2. Information We Collect

Information you provide directly

• Account registration information (such as name, email address, and account credentials).
• Business profile information and preferences you provide in the platform.
• Content inputs, drafts, and prompts you submit for content creation.
• Billing and subscription information processed through our payment providers.

Information from connected services

• Instagram Business account information obtained through Meta's official Instagram Graph API after OAuth authorization, including account identifiers, basic profile metadata, posts, and comments/engagement data permitted by granted scopes.
• CRM data fields and statuses from supported integrations (for example, Follow Up Boss, KW Command, Salesforce, HubSpot, and similar CRM providers) when you choose to connect those services.

Automatically collected information

• Device, log, and analytics information (such as IP address, browser type, timestamps, and feature usage events).
• Service performance and diagnostic information for security, reliability, and troubleshooting.

3. Instagram Graph API and OAuth Disclosures

• We connect to Instagram Business accounts via OAuth using Meta's official APIs only.
• We store access tokens securely in encrypted form and limit token access to authorized systems and personnel.
• We retrieve engagement data, including comments and basic metadata, to help agents monitor and respond to leads.
• We use engagement data to support follow-up workflows, including optional CRM lead creation and task routing.
• We do not access personal messages beyond the permissions granted by Meta APIs and your authorization.
• We do not scrape social media data and we are not a data broker.
• Users can disconnect their social account at any time in product settings, which revokes ongoing access.

4. How We Use Personal Information

• Provide, operate, and maintain the Services.
• Generate captions and content suggestions using secure Azure OpenAI services.
• Publish or schedule content on your behalf at your direction.
• Retrieve and analyze comments for engagement tracking and intent detection.
• Create or update CRM records and follow-up workflows when enabled by you.
• Process subscriptions, provide support, and communicate service updates.
• Improve service quality, enforce terms, and protect against misuse and fraud.

5. Legal Bases and U.S. Privacy Compliance

We process personal information as needed to provide the Services you request, for legitimate business purposes such as security and product improvement, to comply with legal obligations, and where required, with your consent.

We comply with applicable U.S. privacy laws, including state privacy laws that provide CCPA-style rights. We do not sell personal information and do not share personal information for cross-context behavioral advertising.

6. Your Rights

Subject to applicable law, you may have the right to:

• Know whether we process your personal information and access a copy of it.
• Request correction of inaccurate personal information.
• Request deletion of personal information we hold about you.
• Request portability of certain information.
• Opt out of certain processing where required by law.
• Receive non-discriminatory treatment for exercising privacy rights.

To exercise your rights, email support@moderncue.com. We may verify your identity before processing requests.

7. Data Retention

We retain personal information only as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, meet contractual commitments, and comply with legal, accounting, tax, audit, and regulatory requirements.

Depending on data type and legal obligations, certain records may be retained for up to ten (10) years for audit and compliance purposes.

8. Data Deletion and Account Disconnection

You may disconnect Instagram and other integrations at any time through your account settings. You may also request deletion of your account and associated data by emailing support@moderncue.com.

We process verified deletion requests within seven (7) days, except where limited retention is required by law or for legitimate compliance purposes.

See our Data Deletion Instructions page for request details.

9. Security Practices

• Encryption in transit using TLS and encryption at rest for stored data.
• Secure storage and handling of access tokens and credentials.
• Role-based access controls, least-privilege practices, and monitoring.
• Administrative, technical, and organizational safeguards designed to protect personal information.

No method of transmission or storage is completely secure, but we maintain safeguards appropriate for a U.S. SaaS platform of our size and scope.

10. Third-Party Services

We use trusted service providers and integration partners to operate the Services, including:

• Meta / Instagram: social account authentication, publishing, and engagement data through official APIs.
• Microsoft Azure: hosting, infrastructure, storage, security tooling, and Azure OpenAI processing.
• CRM providers: user-enabled lead syncing and workflow integrations with third-party CRM platforms.

These third parties process information under their own terms and privacy notices where applicable, and only as necessary to deliver the requested functionality.

11. Children's Privacy

The Services are intended for users who are at least 13 years old. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information, contact support@moderncue.com and we will take appropriate action.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated policy with a revised "Last updated" date and provide notice through the Services or by other reasonable means.

13. Contact Us

For privacy or data requests, contact: support@moderncue.com.