Privacy Policy

1. Introduction

Oskkee is a service operated by Indslav Joog Private Limited ("we", "our", or "us"). We operate a creator discovery platform that helps brands, agencies, and businesses find relevant content creators and influencers for marketing collaborations. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

By using Oskkee, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

• Account Information: Phone number (for WhatsApp communication), name, business type, and preferences
• Search Queries: Your search requests for finding creators
• Communication Data: Messages exchanged through our WhatsApp chatbot
• Payment Information: Transaction details processed through our payment partners

2.2 Information from Social Media Platforms

We access publicly available information from social media platforms to provide our creator discovery services:

• Public Profile Data: Usernames, display names, profile pictures, bios, follower counts, and public account metrics
• Public Content: Posts, pins, tweets, reels, and other publicly shared content
• Engagement Metrics: Likes, comments, shares, and other public engagement data

We only access information that creators have made publicly available on their social media profiles.

2.3 Automatically Collected Information

• Device information and browser type
• IP address and approximate location
• Usage data and interaction patterns
• Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for:

• Service Delivery: To provide creator discovery and recommendation services
• Communication: To respond to your queries and send service updates via WhatsApp
• Improvement: To analyze usage patterns and improve our AI algorithms
• Personalization: To tailor search results based on your preferences and history
• Security: To detect and prevent fraud, abuse, and security incidents
• Legal Compliance: To comply with applicable laws and regulations

4. Social Media Platform Compliance

We access social media data in compliance with each platform's terms of service and developer policies:

4.1 Instagram & Facebook (Meta)

Oskkee integrates with the Instagram Graph API through Meta's official developer platform. We request the following permissions, each tied to a specific product feature:

• instagram_basic: We read public profile information of Instagram Business and Creator accounts, including username, biography, profile picture, follower count, and media count. This data is displayed in creator search results delivered through our WhatsApp chatbot.
• instagram_manage_insights: We read post-level and account-level insights such as impressions, reach, saves, and engagement rate. This data is used to calculate engagement metrics shown alongside creator profiles in search results, helping brands evaluate creators for partnerships.
• instagram_manage_comments: We read comments on creator posts to analyze audience sentiment and engagement quality. We also monitor comments and mentions on our own Instagram Business account (@oskkeeai) and may reply as part of platform communication. Comment data is processed in real time and not stored beyond the analysis session unless aggregated into anonymized metrics.
• instagram_manage_messages: We send partnership inquiry messages to creators via Instagram Direct Messages on behalf of brands using our platform. Messages are only sent when a brand explicitly requests outreach to a specific creator. We do not send unsolicited or automated bulk messages. Message content and delivery status are retained for up to 90 days for service quality and compliance, then automatically deleted.
• instagram_creator_marketplace_discovery: We search Instagram's Creator Marketplace to find creators by audience demographics, engagement rate, content niche, and location. This provides verified, first-party creator data directly from Instagram, enhancing the accuracy of our creator discovery results.
• Instagram Public Content Access: We use the Hashtag Search API (ig_hashtag_search) to find public posts tagged with specific hashtags such as #beautyinfluencer or #mumbaifoodie. We extract creator profiles from these posts to enable hashtag-based creator discovery.
• pages_show_list: We retrieve the list of Facebook Pages managed by a user to identify the Instagram Business account linked to each Page. This is a technical prerequisite required by the Instagram Graph API.
• pages_read_engagement: We read engagement data (likes, comments, shares) through the Facebook Page node, which is required to access Instagram engagement metrics via the Graph API.

We comply with Meta's Platform Terms and Developer Policies. We do not store Instagram or Facebook login credentials. We do not post content on behalf of users without explicit consent. Users can request deletion of their Instagram-related data at any time via our data deletion page. When a user deauthorizes Oskkee from their Instagram settings, we automatically delete all stored Instagram data within 30 days. We use Instagram data solely for creator discovery services and do not sell or share this data with third parties for advertising purposes.

4.2 X (Twitter)

• We comply with X's Developer Agreement and Policy
• We access only public tweet data and profile information
• We respect rate limits and data retention requirements
• We do not perform automated actions (tweeting, following, etc.)

4.3 Pinterest

• We comply with Pinterest's Developer Terms and API Terms of Service
• We access only public pins and profile information
• We do not store Pinterest user credentials
• We respect Pinterest's data usage policies

4.4 YouTube

• We comply with YouTube's Terms of Service and API Services Terms
• We access only public video and channel information
• We link to YouTube's privacy policy: Google Privacy Policy

4.5 TikTok

• We comply with TikTok's Developer Terms of Service
• We access only publicly available content and metrics
• We do not access private user data

4.6 LinkedIn

• We comply with LinkedIn's API Terms of Use
• We access only public professional profile information
• We do not scrape or store private LinkedIn data

4.7 Threads

• We comply with Meta's Threads API Terms and Policies
• We access only public thread content and profile data
• We respect all data retention and usage limitations

5. WhatsApp Business Platform

Our primary communication channel is WhatsApp. We comply with:

• WhatsApp Business Terms of Service
• WhatsApp Business Policy and Commerce Policy
• Meta's data processing requirements

Messages are processed to provide our services and may be stored for service improvement and compliance purposes. We do not share your WhatsApp conversations with third parties except as required by law.

6. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Third-party vendors who assist in operating our platform (hosting, analytics, payment processing)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize us to share information

We do not sell your personal information to third parties.

7. Data Retention

• Account Data: Retained while your account is active and for up to 2 years after deletion
• Search History: Retained for 1 year to improve recommendations
• Social Media Profile Data: Creator profiles and engagement metrics are cached for up to 90 days and refreshed periodically; we do not retain raw data beyond 90 days unless aggregated into anonymized metrics
• Instagram Comment and Hashtag Data: Processed in real time during the search session and not stored beyond the session unless aggregated into anonymized metrics
• Instagram Direct Messages: Message content and delivery status are retained for up to 90 days for service quality and compliance, then automatically deleted
• WhatsApp Communication Logs: Retained for 1 year for service improvement and compliance

You can request deletion of your data at any time by contacting us.

8. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and authentication mechanisms
• Regular security assessments and monitoring
• Secure cloud infrastructure with reputable providers

While we strive to protect your data, no method of transmission or storage is 100% secure.

9. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data
• Portability: Request transfer of your data
• Objection: Object to certain processing activities
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at the email below.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a minor, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

For data protection inquiries or to exercise your rights, please email us with "Privacy Request" in the subject line.