Home

Privacy Policy

Last updated: May 31, 2026

We respect your privacy. This policy explains what data Qirevo collects, why we use it, and your rights.

1. Data controller

Data controller: Qirevo (qirevo-production.up.railway.app). Privacy requests: support@qirevo.pro.

2. Data we collect

Qirevo account: email, optional name, password hash, plan, subscription dates.

Subscription and billing data: plan status, transaction IDs, and billing metadata from our payment provider. Full card details are processed only by the provider; Qirevo does not store them.

Public Instagram @username (optional): handle, niche, aggregated stats and open-profile information — no Instagram password.

Instagram via Meta OAuth (when available): account ID, username, access tokens, and data needed for enabled features.

Technical data: session cookies, IP, request logs for security.

3. Public Instagram data

If you enter a @username without Meta login, we request only information Instagram shows visitors of a public (non-private) profile: e.g. follower count, bio, public posts, and metrics available without logging in.

Legal basis (GDPR): contract performance (analytics you requested) and legitimate interests (service operation and security). You confirm you own the profile or are authorized to monitor it.

Private profiles are not supported. We do not access DMs, passwords, or login-only data without official Meta OAuth.

We use Apify as a processor to fetch public data. We send minimal data (username and query parameters); see apify.com/privacy-policy. Results are stored in our database (Railway/PostgreSQL) linked to your Qirevo account.

You can remove a linked @username in Instagram accounts — related aggregated data will be deleted within a reasonable time.

4. How we use data

We use data to provide and improve the service, authenticate users, enforce plan limits, manage subscriptions and auto-renewal cancellation, support customers, and comply with law.

Text generation uses Anthropic's API; prompts and shop settings may be sent without customer PII unless you include it.

5. Third-party sharing

Processors: Polar (or other Merchant of Record / payment provider) — payments, invoices, and taxes; Anthropic/OpenAI (generation), Apify (public Instagram data by @username), Meta/Instagram (OAuth), Railway (hosting & PostgreSQL).

Transfers outside the EEA (e.g. USA) may rely on Standard Contractual Clauses (SCC) or other GDPR mechanisms.

We do not sell personal data. Disclosure may occur when required by law or to protect rights and safety.

6. Retention

Account data is kept while the account is active. After deletion we remove or anonymize within a reasonable time unless law requires retention.

Revoke Instagram tokens via Meta or disconnect in Qirevo.

7. Your rights

Depending on your location you may request access, correction, deletion, restriction, or portability. Email support@qirevo.pro — we respond per GDPR and local law timelines.

You may lodge a complaint with your data protection authority.

8. Security

We use HTTPS, password hashing, and access controls. No internet transmission is 100% secure.

9. Children

The service is not directed at children under 16. We do not knowingly collect children's data.

10. Policy changes

Updates are posted on this page. Significant changes will be notified by email or in-app when possible.

11. Contact

support@qirevo.pro for privacy and data requests.

12. Trademarks

Instagram, Facebook, and Meta are trademarks of Meta Platforms, Inc. Qirevo is not affiliated with or endorsed by Meta. Mentions are for integration and public-profile analytics only.

Need help?

For billing, account access, or privacy requests, email us — we respond within a reasonable time.

support@qirevo.pro