BetaVersão beta do site. Dúvidas ou sugestões — escreva para support@wowpostio.com
WowPostio AI
Começar grátis
Esta página está disponível em inglês

Para evitar erros de tradução em um texto jurídico, mantemos apenas a versão em inglês. A versão em inglês é a única juridicamente vinculante.

Privacy Policy

Last updated: 16 мая 2026 г.

This Privacy Policy explains how WowPostio AI («WowPostio», «we», «us») collects, uses, stores, shares and protects personal data when you use our website and the WowPostio AI service («Service»). By using the Service, you agree to the practices described below.

1. Who we are

WowPostio AI is a SaaS that helps small and medium businesses plan, generate and publish content for their official Instagram Business or Creator accounts via the Instagram Graph API. We are the data controller for personal data collected through the Service.

Contact for privacy matters: privacy@wowpostio.com.

2. Data we collect

2.1. Account data (provided by you)

  • Name, email, password hash
  • Business profile (name, niche, language, target audience)
  • Optional reference photos that you choose to upload (logo, brand assets, personal photos for AI-generated avatars)
  • Billing data processed by our payment provider (Stripe)

2.2. Data from Instagram (via official Graph API)

When you connect your Instagram Business or Creator account, we receive only the data that you explicitly authorise via Meta’s consent screen. This may include:

  • Instagram account ID, username, profile picture, biography
  • Posts, captions, media URLs you publish through the Service
  • Aggregated insights (reach, impressions, engagement) for your own posts and account
  • Comments on your own posts and direct messages initiated by users to your Business inbox (used solely to display them in WowPostio and to help you draft replies — we never auto-reply, auto-DM, auto-follow, auto-like or perform any other automated action prohibited by Meta’s Platform Terms)

We do not collect data from your followers’ private profiles, do not scrape Instagram, and do not access any data beyond the scopes you grant.

2.3. Technical data (collected automatically)

  • IP address, browser, device, OS
  • Pages visited, actions taken, timestamps
  • Cookies and similar technologies (essential + analytics)

3. How we use your data

  • To provide and operate the Service
  • To generate AI content (text, images, video, voiceover) on your behalf using third-party AI providers (see §5)
  • To publish content to your connected Instagram account when you schedule or approve a post
  • To bill you and process payments
  • To send transactional and product update emails
  • To improve the Service, debug issues and prevent abuse
  • To comply with legal obligations

We do not sell your personal data and do not use data obtained from Meta to train AI models.

4. Legal bases (GDPR / LGPD)

  • Performance of contract — to deliver the Service you subscribed to
  • Consent — for connecting your Instagram account, for marketing emails, for non-essential cookies
  • Legitimate interest — for product analytics, security, fraud prevention
  • Legal obligation — for tax, accounting, regulatory requests

5. Sharing with third parties (sub-processors)

We share the minimum data needed with vetted sub-processors. Each is bound by a Data Processing Agreement.

  • Meta Platforms, Inc. — Instagram Graph API for publishing and insights
  • OpenAI, Anthropic (Claude), Google (Gemini) — AI generation of text, images and prompts. Only the data needed for the specific request is sent; outputs are returned and stored on our side
  • HeyGen, ElevenLabs, fal.ai — generation of avatars, voiceovers and video
  • Supabase (managed Postgres + Storage) — primary database and file storage
  • Stripe — payment processing
  • Vercel / Inngest — application hosting and async job processing

6. International data transfers

Some sub-processors are located outside your country (primarily in the EU and the United States). Transfers are protected by Standard Contractual Clauses or equivalent safeguards.

7. Data retention

  • Account data — for the lifetime of your account
  • Posts, generated media, drafts — until you delete them or your account
  • Instagram tokens — until you disconnect Instagram or revoke access via Instagram → Apps and Websites
  • Billing records — as required by tax law (typically up to 7 years)
  • Technical logs — up to 90 days

After account deletion, all personal data is permanently removed from our active systems within 30 days, except where law requires longer retention.

8. Your rights

You can at any time:

  • Access, correct or export your data
  • Delete your account and all associated data
  • Withdraw consent (e.g. disconnect Instagram)
  • Object to or restrict processing
  • Lodge a complaint with your local data protection authority

See our Data deletion instructions for the step-by-step process. For other requests, contact privacy@wowpostio.com.

9. Security

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256 via our cloud providers). Access to production systems is limited to authorised personnel and protected by 2FA. We never store plain-text passwords or full payment card numbers.

10. Children

The Service is not directed to anyone under 16. We do not knowingly collect data from children. If you believe we have, contact us and we will delete it.

11. Changes to this policy

We may update this policy from time to time. Material changes will be announced by email or in-product notice at least 30 days in advance.

12. Contact

Privacy questions and rights requests: privacy@wowpostio.com.

This document is provided in English to satisfy Meta App Review requirements. A localised version (RU / PT-BR / ES) is available on request.