Privacy Policy

Effective date: 1 April 2026 · Last updated: 1 April 2026 · Version: 1.0

This privacy policy is a working template under legal review. Final wording will be confirmed by counsel before public app store launch. The substantive commitments below — no tracking, no profiling, no data sales — are firm.

1. Who we are

Instaday is operated by the Instaday team (provider details published here once the legal entity is registered). For privacy questions, contact privacy@instaday.app.

Instaday is a hosting service under the EU Digital Services Act. It is operated from the European Union and follows the GDPR (Regulation 2016/679), the ePrivacy Directive, and the Digital Services Act (Regulation 2022/2065). For users in California, we follow the CCPA / CPRA equivalents.

2. The short version

We do not run any third-party trackers or advertising scripts.
We do not build a behavioural profile of you.
We never sell or share your data for advertising purposes.
Search queries are processed without being tied to your identity.
You can delete everything we store about you with one tap in Settings.

3. What data we process

3.1 On your device only

The mobile app stores the following on your device, encrypted by the operating system keystore (Keychain on iOS, EncryptedSharedPreferences on Android). This data never leaves your device:

Your selected language (en / fr / ro / de)
Whether you have completed onboarding
Your consent timestamp
Whether biometric lock is enabled

3.2 On our servers (transient)

When you search a topic in the app, the topic text is sent to our servers in the European Union. We process it as follows:

The topic is converted into a vector embedding using a model running on Cloudflare Workers AI infrastructure within the EU.
The embedding is used to search a database of public news fragments we have already ingested from RSS feeds and the Bluesky public firehose.
The matching fragments are passed to an AI model (Google Gemini 2.0 Flash, or Groq Llama 3.3 as a fallback) to identify narrative clusters.
The resulting Veracity Map is sent back to your device.

We do not log your IP address against your search query, do not generate a user identifier for searches, and do not store the content of your individual queries beyond the cache TTL needed to serve recent identical searches faster.

3.3 Beta waitlist (the only personal data we store)

If you sign up for beta access on our landing page, we store:

Your email address (required)
Your preferred language (en / fr / ro / de)
The timestamp of your consent

We use this data only to send you a single launch notification. We never use it for marketing, never share it with third parties, and never correlate it with any in-app behaviour. The waitlist count is reported in aggregate in our monthly transparency report.

Right to erasure (GDPR Article 17): to remove your email from the waitlist, use the erasure form on the home page with the email you signed up with. We send a confirmation link to that address (magic-link, 24-hour expiry, single use). Clicking the link soft-deletes your record immediately, and hard deletion occurs within 30 days. If you do not receive the confirmation email, contact privacy@instaday.app for manual handling — we respond within the GDPR Article 12 deadline of 30 days.

3.4 What we never collect

Your name, email, phone number — unless you explicitly contact support
Your contacts, calendar, photos, location
Device advertising identifiers (IDFA, GAID)
Behavioural patterns, time-on-screen, scroll heatmaps
Cross-site tracking signals

4. Legal basis for processing

Under GDPR Article 6, we rely on the following bases:

Article 6(1)(a) — consent: You explicitly consent during onboarding before any topic is processed.
Article 6(1)(b) — performance of a contract: To deliver the search synthesis you request.
Article 6(1)(f) — legitimate interest: Operating an aggregator of public news in the public interest, balanced against minimal privacy impact.

5. Your rights under GDPR

Access (Art. 15): Request a copy of any data we hold tied to you. Because we do not maintain user accounts during MVP, this will typically return a confirmation that no personal data exists.
Rectification (Art. 16): Correct inaccurate data.
Erasure (Art. 17): Delete everything stored locally on your device with one tap in Settings → Delete my account. Server-side, we have nothing keyed to your identity to delete.
Restriction (Art. 18): Restrict processing.
Portability (Art. 20): Export local app data as JSON via Settings → Export my data.
Objection (Art. 21): Object to processing based on legitimate interest.
Lodge a complaint: With your national data protection authority. For users in France: CNIL (cnil.fr). In Romania: ANSPDCP (dataprotection.ro).

To exercise any right, contact privacy@instaday.app. We respond within 30 days as required by GDPR Article 12.

6. Data retention

Search topics: not persisted with any user identifier; transient cache up to 1 hour for performance.
Aggregated public news fragments: 30 days, then deleted.
Veracity Maps: 7 days for caching, then deleted.
Beta waitlist emails: until launch notification is sent + 30 days, OR until you request erasure (whichever is sooner). After hard deletion, only an aggregate count remains in the transparency report.
DSA Article 14 notices: 5 years for legal record-keeping.
Support emails: until the conversation is resolved + 12 months.

7. International transfers

Our infrastructure runs on Cloudflare Workers (EU edge locations) and Neon Postgres (EU region). Some AI inference may route through Google Cloud Europe (Gemini Flash) or Groq Cloud (US). Where data is sent outside the EEA, we rely on the European Commission's Standard Contractual Clauses (Module Two: controller-to-processor).

8. Children

Instaday is not directed at children under 13 (under 16 in certain EU member states under GDPR Article 8). We do not knowingly process children's data.

9. California residents (CCPA / CPRA)

If you reside in California, you have the rights to know, to delete, to correct, to opt out of sale or sharing, and to limit use of sensitive personal information. We do not sell or share personal information for cross-context behavioural advertising, so the opt-out is moot — but you can still confirm by emailing privacy@instaday.app.

10. Changes to this policy

We will update this policy as needed and bump the version. Material changes will be announced in-app with a re-consent prompt.

← Back to legal hub