Your texts are never stored. When you use InstaText, the text you submit is processed in memory and deleted immediately – it is never saved on disk, in any database, or in our logs. Your texts are never used to train or improve our AI models.

We are committed to protecting your privacy and personal data. Therefore, we use your personal data strictly within the legal limits of the applicable data protection laws, i.e. the General Data Protection Regulation (GDPR) and other applicable legislation. With this privacy policy, we inform you of the personal data we collect when you use our services.

Personal data is processed on the following legal bases: Article 6(1)(b) GDPR (performance of a contract) for Sections 3, 4, and 5; Article 6(1)(f) GDPR (legitimate interests) for Section 2; Article 6(1)(a) GDPR (consent) for Sections 7 and 8. The legal basis for Google Analytics without consent (Section 7) is stated in that section.

1. Data controller/Contact

The data controller is: InstaText d.o.o., Tehnološki park 21, 1000 Ljubljana, Slovenia ([email protected]).

2. Automatic data collection via website and service access

When you access our website or use the InstaText service (including through browser extensions or editor plugins), your device automatically transmits certain data for technical reasons. The following data is stored separately from any other data you may transmit to us: date and time of access, browser type and version, type and version of the InstaText application used (e.g. browser extension, editor plugin), URL of the website visited prior to ours, amount of data sent and received, website or application where InstaText is used, notification of successful data retrieval or error response, response time (for performance monitoring), shortened/anonymized IP, and full IP address (for a maximum of 30 days).

This data is processed for technical and security purposes, particularly for error analysis, providing technical support, ensuring the security and stability of our systems, preventing misuse, logging access to paid services (e.g. InstaText One), and improving our service’s functionality. This data is automatically deleted after 30 days.

When you use the InstaText service, the above technical data may be associated with your account identifier for the purposes of providing technical support, diagnosing errors, managing service capacity, and detecting misuse. Certain technical data, such as IP addresses, may constitute personal data under applicable law and is processed where necessary for the purposes described above. This data does not include the content of texts you submit for improvement.

Where this processing is based on Article 6(1)(f) GDPR, our legitimate interests are the security, integrity, proper functioning, and improvement of our services.

3. Texts and improvements

When you use our text improvement service, you transfer the texts you want to improve to our servers. When using InstaText services, the texts you submit and their improvements are never stored and are only used to the extent necessary to create the improvement. We do not use your texts to improve the quality of our services, nor are they used in anonymised or aggregated form.

While your texts are processed securely and deleted immediately, we recommend not including personal data of third parties in texts you submit for improvement.

4. Account registration

When you create an InstaText account, the following personal information is stored and processed for the purpose of providing you with the service. This applies to all users, including those on the free plan:

– Email address

– First name, last name

Your account data is retained for the duration of your active account. You may request deletion of your account at any time by contacting our support team at instatext.io/support/.

The legal basis for this processing is Article 6(1)(b) GDPR, as the processing is necessary to create and maintain your user account and provide the requested service.

5. Performance of contract – InstaText One Subscription

When signing up for InstaText One, the following personal information is stored and processed for purposes of billing and contract fulfilment:

– Email address

– Payment details

In order to process payments, we pass on the email address and payment details to our payment service provider: Paddle.com Market Ltd, Judd House 18-29 Mora Street, London, EC1V 8BT, United Kingdom (Company no.: 08172165). Any additional billing information (name, address, VAT number) is collected directly by Paddle and only if you choose to provide it.

Paddle.com is registered as an Authorised Electronic Money Institution with the FCA. Paddle is a UK-based company. Transfers of personal data from the EU to the UK are covered by the European Commission’s adequacy decision for the United Kingdom (Article 45 GDPR). Account and billing data is retained for the duration of your active account; financial records are kept for as long as required by applicable accounting law.

The legal basis for this processing is Article 6(1)(b) GDPR, as the processing is necessary for the performance of the subscription contract.

6. Cookies

We use cookies and similar technologies on our website. Some cookies are strictly necessary for the website to function and do not require your consent. Other cookies are used only with your prior consent, which you can give or withdraw at any time through our cookie settings.

We use the following categories of cookies:

– Functional cookies (strictly necessary, no consent required): These cookies are essential for the operation of our website and service. They include session and login tokens, language preferences, and custom settings. The InstaText editor application uses only functional cookies.

– Analytics cookies (require consent): These cookies are used by Google Analytics to analyse the use of our website. For details, see Section 7.

– Marketing cookies (require consent): These cookies are used by advertising services (Google Ads, Microsoft Advertising, Facebook) to show you relevant advertisements and to measure the effectiveness of advertising campaigns. For details, see Section 8.

You can manage your cookie preferences at any time through our cookie settings tool, accessible via the cookie banner on our website. You may also deactivate cookie storage through your browser settings, but this may impair the proper functioning of the website.

7. Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (“Google”).

When you consent to analytics cookies, Google Analytics uses cookies to analyse your use of the website. The information generated (including your truncated IP address) is transmitted to Google’s servers in the USA. Google uses this information to compile reports on website activity and provide related services. We use Google Analytics with the IP anonymisation function, which shortens your IP address before transmission for users accessing our website from the EU/EEA. The legal basis for this processing is your consent under Article 6(1)(a) GDPR.

When you do not consent to analytics cookies, no cookies are set and no individual-level tracking takes place. However, limited technical data (such as timestamps, page URLs, and user agent strings) is still transmitted to Google through Google Consent Mode V2, which Google uses to produce aggregated estimates of website usage. No individual-level data is made available to us. The legal basis for this limited processing is Article 6(1)(f) GDPR (our legitimate interest in understanding the use of our website in aggregated form).

You can find detailed information about how Google uses your data in Google’s privacy policy.

You may withdraw your consent at any time through our cookie settings. You may also deactivate Google Analytics entirely with a browser add-on available at tools.google.com/dlpage/gaoptout.

Google is certified under the EU–US Data Privacy Framework (DPF). Where personal data is transferred to the United States in connection with Google Analytics, such transfers are based on the European Commission’s adequacy decision under Article 45 GDPR. Where applicable, Standard Contractual Clauses (SCCs) also apply.

8. Marketing services

With your consent, we may use third-party advertising services on our website for remarketing (showing you relevant advertisements on other websites based on your visit to our website) and conversion tracking (measuring the effectiveness of our advertising campaigns). These services use cookies and similar technologies that are activated only after you give your consent through our cookie settings. The services we use are Google Ads (Google LLC, USA), Microsoft Advertising (Microsoft Corporation, USA), and the Meta Pixel (Meta Platforms, Inc., USA). You can find more information in the privacy policies of Google, Microsoft, and Meta.

All three providers are certified under the EU–US Data Privacy Framework (DPF). Where personal data is transferred to the United States, such transfers are based on the European Commission’s adequacy decision under Article 45 GDPR. Where applicable, Standard Contractual Clauses (SCCs) also apply.

The legal basis for this processing is your consent under Article 6(1)(a) GDPR. You may withdraw your consent at any time through our cookie settings (see Section 9).

9. Your rights

You have the following rights under applicable data protection law. To exercise any of them, please contact us at [email protected] or at the address in Section 1.

– Right to confirmation and right to information – we will be happy to confirm whether we process your personal data, what data it is and for what purpose it is processed.

– Right to rectification – if the data we store is incorrect, we will of course be happy to correct it.

– Right of erasure – if you want your personal data to be deleted, we will, as far as legally possible, comply with your request. If data must be kept for legal reasons, it will be blocked. The data is then no longer available for further use.

– Right to restriction of processing – should you wish to restrict use, we will, as far as legally possible, comply with your request.

– Right to data portability – you may request your personal data in a structured, commonly used, machine-readable format.

– Right to object – where processing is based on our legitimate interests, you have the right to object on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds which override your interests, or for the establishment, exercise, or defence of legal claims.

– Right to withdraw consent – where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

You also have the right to lodge a complaint to a supervisory authority about the processing of your personal data.

10. Changes to privacy policy

We reserve the right to modify this privacy policy. The current version is always accessible on our website at www.instatext.io.

Where changes materially affect how we process personal data, we will inform registered users in advance.

This version corrects and clarifies the previous policy to more accurately reflect InstaText’s data processing practices. No new processing activities have been introduced.

Last updated: 31 March 2026