Privacy Policy

“Service” means the IGSave website and tools. “Administration” / “we” means the operator of the Service. “Personal data” means any information that identifies or can identify you. “Processing” means any operation performed on personal data. “Cookies” are small files stored on your device.

Using the Service implies acceptance of this policy. We are not responsible for the content or privacy practices of third-party sites linked from the Service.

• Links you submit. The Instagram URL you paste, the detected content type, and processing status — stored temporarily to return your result and history.
• Account data (optional). Email address and display name. Passwords are stored only as a salted bcrypt hash, never in plain text.
• Payment data (paid plans). Card payments are handled by our payment processor. We do not receive or store full card numbers; we may retain limited details such as the card brand, last four digits, and expiry to identify your transactions.
• Technical data. A one-way hashed IP address, browser user-agent, and approximate region used to enforce rate limits and prevent abuse. We do not store your raw IP address.

• To process your request and deliver the requested media links.
• To create and maintain your account and download history.
• To process payments and manage subscriptions for paid plans.
• To enforce rate limits, detect abuse, and protect the Service.
• To send transactional emails (verification, password reset, billing notices).
• To send marketing communications, only where you have consented (you can opt out anytime).

We do not sell your personal data.

We use a strictly necessary session cookie to keep you signed in. Disabling cookies may prevent parts of the Service from working. We do not use advertising cookies.

We share data only as needed to operate the Service, with providers including: a payment processor (billing), an Instagram data provider via RapidAPI (media retrieval), Resend (transactional email), and our hosting, database, and queue infrastructure. These providers process data only to perform their function.

Download jobs and their media links are deleted automatically within 24 hours. Account and billing records are retained for as long as your account is active or as required for legal, tax, and accounting purposes.

Depending on your location (including under GDPR and CCPA), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at support@igsave.app.

We use industry-standard measures — including encryption in transit and hashed passwords — to protect your data. No method of transmission or storage is fully secure; we will notify affected users of a data breach as required by law.

We may update this policy; changes take effect when posted. For disputes, we ask that you contact us first so we can try to resolve the matter before any formal proceedings.

Questions about this policy? Email support@igsave.app or visit our contact page. See also our DMCA / Content Notice.