Directino

Privacy Policy

How we collect, use, and protect your information when you use our Instagram automation tools.

Last updated: 2025-12-21
Print Copy link

This Privacy Policy explains how Directino ("we", "us", or "our") collects, uses, stores, and shares information when you use our platform to manage and automate Instagram pages. We build on the official APIs provided by Meta (e.g., Instagram Graph API) and comply with Meta’s Platform Policies. We never sell personal data and we do not use your data for purposes unrelated to providing and improving our services.

Who we are

Directino is a platform designed to help creators and businesses manage their Instagram presence more efficiently by offering tools such as message/comment workflow automation and interactive messaging features via Meta’s official APIs.

Information we collect

We only collect information necessary to provide our services and only with your explicit permission. This may include:

  • Account and profile information: Basic Instagram Business/Creator account details and connected Page info available via the Instagram Graph API, such as account ID, username, profile name, profile picture URL.
  • Content and insights: Comment IDs and texts (where available), message metadata needed to route and respond (e.g., sender ID, recipient ID, timestamps), and media identifiers used to process comment-based automation.
  • Contact information: Email address or other contact details that you provide to us for account management and communications.
  • Technical information: Device, browser, log data, and IP address collected to maintain security, prevent abuse, and improve performance.
  • Access tokens: OAuth tokens issued by Meta that allow our platform to perform actions you authorize. We do not collect your Instagram password.

How we use your information

  • To provide, maintain, and improve our services and features.
  • To perform only the actions you explicitly authorize via permissions granted to our app on Meta platforms.
  • To display and manage automation configurations and the operational information needed to run them (e.g., connected account details, triggers, and message/comment workflows).
  • To communicate with you about updates, security notices, and support.
  • To enforce our Terms of Service and prevent misuse or abuse.

Our use of Meta's APIs

We integrate with Meta’s official APIs (including the Instagram Graph API). Our access is limited to scopes that you explicitly grant. We use tokens and endpoints in accordance with Meta’s policies, and we do not request or retain data beyond what is necessary to provide the services you choose to use.

Data minimization and retention

  • We store only the minimum data required to deliver the services.
  • Access tokens are stored securely and are rotated/expired per Meta’s policies. Invalid or revoked tokens are removed.
  • Operational data (e.g., logs) are retained only as long as needed for security, troubleshooting, and compliance, then securely deleted or anonymized.
  • You may request deletion of your account data at any time (see “Your rights and choices”).

Security measures

We implement appropriate technical and organizational measures designed to protect your information, including encryption in transit (HTTPS/TLS), strict access controls, and secure secret management. While no system can be 100% secure, we continuously work to protect your information against unauthorized access, alteration, disclosure, or destruction.

Data sharing and processors

We do not sell your personal information. We may share limited data with trusted service providers who process data on our behalf (e.g., hosting, analytics, error monitoring) under binding contracts and only for the purposes described in this policy. We may also disclose information if required by law, regulation, or a valid legal process.

International transfers

Your information may be processed and stored in countries other than your country of residence. Where applicable, we implement safeguards to ensure your data is protected in accordance with relevant laws.

Your rights and choices

  • Access and correction: You can request a copy of your data or ask us to correct inaccurate information.
  • Deletion: You can request deletion of your account data. Upon verification, we will delete the data we hold, except where retention is required by law.
  • Revoke permissions: You can revoke our access to your Instagram account at any time via your Facebook/Instagram account settings.
  • Opt-out of communications: You can opt out of non-essential communications by following the unsubscribe instructions or contacting us.

How to request data deletion

Data Deletion

You can delete your Directino account at any time from Settings → Profile. Account deletion permanently deletes your Directino account and all associated data we store (including connected Instagram account records and access tokens, automation configurations such as Triggers/Auto Replies/Interactive Messages, and related uploaded files), except where retention is required by law.

Children’s privacy

Our services are intended for use by businesses and individuals aged 16+ and are not directed to children. We do not knowingly collect personal information from children.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version with a new “Last updated” date. If changes are material, we may provide additional notice as required by law.

Contact us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Back to top ↑

Instagram and Meta are trademarks of Meta Platforms, Inc. This policy applies to Directino and not to third-party platforms.