1. Data Collection and Storage
At Envira Gallery, your privacy is very important to us.
As our plugins are installed and hosted on your own WordPress website, we do not collect or store any of your Instagram or Facebook Platform Data as described in the Facebook Platform Terms (Platform Terms 3(e)). On your WordPress site, only the data you request for us to store is stored (encrypted), and it is stored only for the time period you select for it to be stored for (once this time period passes, it will be automatically deleted). You can permanently, and instantly delete all Platform Data at any time via the “Delete All Platform Data” button in the settings panel and through additional methods including uninstalling the plugin at any time. We do not collect any data from the visitors to your website or send any Platform Data to us or any third party at any time.
2. Types of Data Processed
When you use our plugin to connect to Facebook or Instagram, the following data is returned from their platform and processed by the plugin:
- The name and profile picture of your account.
- A list of the Facebook pages or Instagram profiles that you manage.
- An access token for your Facebook or Instagram account.
- Information posted to the Facebook page or Instagram profile which you choose to connect in the plugin, by you or others, such as posts, photos, videos, comments, and other similar content.
3. Purpose of Processed Data
The purpose of processing the data listed above in section 2 is as follows:
- Your name and profile picture is used in the plugin to provide a personalized experience.
- A list of the Facebook pages or Instagram profiles are used to allow you to select which of your pages or profiles you wish to connect in the plugin.
- An access token for your account is used to connect to the Facebook or Instagram API to retrieve content for the page or profile that you have connected. The access token is granted the permissions that you choose to allow when authenticating the app.
- Information from your Facebook page or Instagram profile is used to display your feed and allow the plugin to function as intended.
4. Permission Model: Grant of Least Access
The plugin is built to be “read only” and so is not able to publish any data to, or edit any data on, the Instagram/Facebook platform. The plugin can only display your Instagram/Facebook content and is not able to publish to Instagram/Facebook or access your Instagram/Facebook account in any way other than as “read only”. It does not allow you to like or comment on content, edit or delete photos, or perform any of the other actions that the Instagram/Facebook platform allows.
If you utilize our Instagram and Facebook plugins, which allows you to display content from an Instagram or Facebook account on your WordPress website, the plugin will ask you to authorize with Instagram or Facebook in our settings panel.
During this process, our application may request some or all of the following permissions:
instagram_graph_user_profile: this permission is used to retrieve the name of the Instagram account. As our Envira Gallery plugin allows you to connect multiple Instagram accounts, we use this permission to retrieve the name of each Instagram account that was authorized so that we can show you a list of the Instagram accounts authorized in our settings panel with their name, making it easy for you to identify which accounts you have authorized, and making it easy to reauthorize or deauthorize specific Instagram accounts. It’s required in combination with other permissions.
instagram_graph_user_media: We use this permission to retrieve the content from your Instagram account to show in your feeds.
5. Removal of Platform Data
You can permanently, and instantly delete all Platform Data at any time via the “Delete All Platform Data” button in the settings panel and through additional methods including uninstalling the plugin at any time.
To open a request for data removal or assistance removing data yourself, please contact [email protected] by email.
6. Third Party APIs
Our products utilize, and are enabled by, various third party APIs such as those from Facebook and Instagram. Any data retrieved using these APIs is strictly restricted to the site on which our products are installed. This data is stored in the database that is used by the site where the product is installed.
The Facebook and Instagram APIs, which are used by our products, may collect usage data. You can visit the Data Policy pages from the individual API vendors for more information about how these APIs may collect or use your data:
7. Cookies
Cookies are used to handle the connection between your browser and your Instagram/Facebook account when authorizing your account. The cookies are stored locally on your computer. The plugin does not store cookies on your visitors computers.
8. Changes to this Policy
We may revise this Privacy Policy in the future. If a change is made to this policy that we believe is material then we will update this page. By continuing to use the plugin after those changes become effective, you agree to be bound by the revised Privacy Policy.
If you have any questions or comments about this Privacy Policy, please contact us here.