← Back to home

Privacy Policy

Last updated : 10 June 2026

This Privacy Policy explains how SmartDM ("SmartDM", "we", "us"), operated by Manne and Co, collects, uses, stores and shares your personal data when you use our website and application (the "Service"). The Service lets Instagram Business and Creator accounts automate and manage their direct messages and comments. We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and the Meta Platform Terms and Developer Policies.

1. Who we are

The data controller is Manne and Co, 2T rue des grands fonds, 95240 Cormeilles-en-Parisis, France. For any privacy-related request you can contact us at privacy@caminotv.io.

2. Data we collect

2.1 Account data

When you create a SmartDM account we collect your email address, a hashed password (or your identity provider when you sign in with a social login), your display name, language preference and your team/workspace membership.

2.2 Instagram data accessed through Meta APIs

When you connect an Instagram Business or Creator account, you authorise SmartDM, through Meta's official OAuth login, to access certain data via the Instagram Graph API. Depending on the permissions you grant, this may include:

  • your Instagram public profile (username, account ID, profile picture, follower and media counts);
  • direct messages (conversations) sent to and from your account, including text and attachments, so we can display your inbox and send automated or manual replies;
  • comments on your posts and the public information attached to them, so we can display and reply to them;
  • your media (posts, stories) and their metrics/insights, so we can show content and engagement statistics;
  • access tokens issued by Meta, which we store securely to keep the connection active.

We only access the data needed to provide the features you use, and only while your account is connected.

2.3 Technical data

We collect limited technical data required to run the Service securely: IP address, browser type, log timestamps and strictly necessary session cookies. See our Cookie Policy.

3. How and why we use your data

  • Provide the Service, display your inbox, comments and content, and send automated or manual replies you configure.
  • Run your automations, trigger keyword replies, comment automations and conversation flows.
  • Account & security, authenticate you, prevent abuse and keep your data safe.
  • Support & communication, answer your requests and send essential service notifications.
  • Legal compliance, meet our legal obligations and the Meta Platform Terms.

We do not sell your personal data, and we do not use the content of your messages or comments for advertising or to train third-party models.

4. Legal bases (GDPR)

We process your data under the following legal bases: performance of a contract (providing the Service you signed up for), your consent (connecting your Instagram account and granting permissions, which you can withdraw at any time), legitimate interests (securing and improving the Service) and legal obligations.

5. Use of Meta Platform data

Our use and transfer of information received from Meta APIs adheres to the Meta Platform Terms and Developer Policies, including the Limited Use requirements. We access Instagram data solely to provide the features described above, store it only as long as necessary, and never share it for purposes incompatible with this Policy.

6. Sharing and sub-processors

We share data only with parties that help us operate the Service, under appropriate safeguards:

  • Meta Platforms, Inc., to interact with the Instagram Graph API on your behalf;
  • Hosting provider (IONOS SARL), to store and serve the application;
  • Email/transactional providers, to send account and service emails.

We may also disclose data where required by law.

7. Data retention

We keep your account data for as long as your account is active. Instagram data (messages, comments, profile, tokens) is retained while your account is connected and is deleted when you disconnect the account or close your SmartDM account, except where a longer period is required by law. See our Data Deletion Instructions.

8. Your rights

Under the GDPR you have the right to access, rectify, erase, restrict and port your data, to object to certain processing, and to withdraw consent at any time. You can exercise these rights from your account settings or by emailing privacy@caminotv.io. You also have the right to lodge a complaint with your local data protection authority.

9. Data security

We use industry-standard measures, encryption in transit (HTTPS), encrypted storage of access tokens, access controls and regular monitoring, to protect your data. No method of transmission is 100% secure, but we work hard to safeguard your information.

10. International transfers

Where data is transferred outside the European Economic Area, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

11. Children

The Service is not directed to anyone under 16. We do not knowingly collect data from children.

12. Changes to this Policy

We may update this Policy from time to time. We will post the new version on this page and update the "Last updated" date above. Material changes will be notified through the Service.

13. Contact

For any question about this Policy or your data, contact us at privacy@caminotv.io or by post at Manne and Co, 2T rue des grands fonds, 95240 Cormeilles-en-Parisis, France.