Engagent ("the app") is operated by Ideal Intelligence, Muscat, Oman. This policy explains what data we process when you connect your Instagram professional account, and how to delete it.
Data we collect
App account — an anonymous or email-based Firebase account identifier; your email address if you create an account.
Instagram connection — your Instagram professional account ID, username, and account type, plus an access token granted through Meta's official login (stored server-side, never on your device or shared).
Posts & metrics — media captions, thumbnails, and performance metrics (reach, likes, comments, saves, shares) fetched from the Instagram API.
Comments — comment text, commenter usernames and timestamps on your posts, plus the categories, sentiment and reply drafts our system generates for them.
Business Brain — the business facts you enter (location, hours, prices, FAQ, brand voice) used to ground AI replies.
Activity log — a record of actions taken in your account (analyzed, replied, hidden, escalated) for your own audit trail.
How we use it
To categorize comments, generate insight reports, and draft or send replies you configure — the core service.
Comment text and your Business Brain content are processed by Anthropic's Claude API to generate classifications, drafts and reports. Anthropic does not train on this API data.
Data is stored in Google Firebase (Firestore / Cloud Functions, us-central1).
We use Firebase Analytics and Crashlytics for app stability and aggregate usage. We do not sell your data or use it for advertising.
Data retention & deletion
Data is retained while your account is connected.
In-app deletion: Settings → Delete Account permanently removes your connection, posts, comments, Business Brain, activity log and tokens.
Meta data-deletion callback: removing the app from your Instagram settings triggers Meta's data-deletion request, which we honor automatically. Status of a deletion request can be checked at deletion-status using the confirmation code returned to Meta.
We share data only with the processors that make the service work: Meta (Instagram API), Google (Firebase), and Anthropic (AI processing). No other third parties. We may disclose data if legally required.
Security
Access tokens are stored server-side and never exposed to other users; all traffic is encrypted in transit (HTTPS); Firestore security rules restrict every user's data to their own account.
Children
The service targets business use and is not directed at children under 13 (or the equivalent minimum age in your jurisdiction).
Changes
We will post updates to this page and update the effective date above.