InPerson Platforma

Back

Privacy Policy

Last updated: December 6, 2025

This privacy policy describes how the InPerson Platform application (hereinafter: the Application) collects, uses, processes, and protects users' personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Slovenian legislation.

1. Data Controller

The personal data controller is:

Športno kulturno društvo Vrh

Address: Vrh Sv. Treh Kraljev 11, 1373 Rovte, Slovenia
Data protection email: martin@inperson-platform.com

2. Purpose and Legal Basis of Processing

The Application processes data exclusively for the following purposes:

2.1. Connection with Meta (Facebook and Instagram) Accounts

  • enabling login via Meta OAuth (Facebook Login)
  • obtaining access to Facebook pages or Instagram profiles managed by the user
  • managing content on behalf of the user (publishing, scheduling posts)

Legal basis: performance of a contract (Article 6(1)(b) GDPR).

2.1a. Connection with Google Account for Sending Email

  • access to basic Google account data (email address, public profile)
  • sending email messages on behalf of the user via Gmail API
  • enabling the sending of notifications, invitations, and other messages to association members

Scope of permissions (Google OAuth scopes):

  • .../auth/userinfo.email - access to email address
  • .../auth/userinfo.profile - access to public profile data
  • .../auth/gmail.send - sending email on your behalf

Legal basis: performance of a contract (Article 6(1)(b) GDPR).

The Application uses sensitive scopes that have been verified by the Google team. The Application sends email exclusively based on your explicit instructions and does not access your inbox or other folders.

2.2. Editing and Publishing Content

The Application enables:

  • creating events, announcements, and other content
  • designing templates
  • converting templates to images
  • manual or scheduled publishing on Facebook and Instagram

Data is processed solely for the execution of these functionalities.

2.3. Technical Operation of the Application

To ensure the operation of the Application, we may collect technical data such as:

  • device information
  • browser information
  • server logs
  • post metadata (date, time, post ID)

Legal basis: legitimate interest (Article 6(1)(f) GDPR).

3. What Data We Collect

The Application may process the following data:

3.1. Data from Meta (Facebook/Instagram) APIs

In accordance with permissions:

  • basic information about the Facebook page you manage (page name, page ID)
  • basic information about the Instagram business profile (profile name, ID)
  • permissions for publishing content (e.g., pages_manage_posts, pages_read_engagement, instagram_basic, instagram_content_publish)
  • list of pages/profiles to which you have management rights
  • content you create within the application and wish to publish

The Application does not access personal data of your members, followers, or other users.

3.1a. Data from Google APIs

In accordance with permissions (OAuth scopes):

  • email address of your Google account
  • basic public profile data (name, profile picture)
  • content of email messages you create within the application and wish to send

The Application does NOT access your inbox, archived messages, drafts, or other folders in your Gmail account. The Application exclusively sends email that you explicitly create and approve.

3.2. Data You Enter Yourself

  • text of posts and events
  • images or graphics you create in the application
  • publication time (if you use scheduling)

3.3. Technical Data

  • IP address
  • device type
  • diagnostic data about application operation

4. Sharing Data with Third Parties

The Application does not sell, rent, or share personal data with third parties.

We only share data with:

  • Meta Platforms, Inc., when publishing content on their platforms (Facebook, Instagram) – in accordance with permissions you explicitly grant.
  • Google LLC, when sending email via Gmail API – in accordance with permissions you explicitly grant.

Both external services (Meta and Google) act as data processors in the execution of our services.

5. Data Retention

Data is retained:

  • as long as you have an active account in the application
  • or until you request deletion

Data about created posts may be retained for activity tracking and application operation purposes, but you can request their deletion at any time.

6. User Rights Under GDPR

Users have the following rights:

  • right of access to their data
  • right to rectification of data
  • right to erasure ("right to be forgotten")
  • right to restriction of processing
  • right to data portability
  • right to object to processing
  • right to revoke permissions on Facebook/Instagram via Meta Account Center
  • right to revoke permissions (OAuth scopes) for Google account via Google Account Settings

To exercise your rights, contact us at: martin@inperson-platform.com

7. Data Protection

We protect data with appropriate technical and organizational measures, including:

  • encryption of data in transit (HTTPS)
  • data access restrictions
  • security protocols against unauthorized access
  • regular security updates

8. Cookies

The Application may use essential cookies for system operation and login.

We do not use cookies for advertising or tracking.

9. Changes to the Privacy Policy

We may update this privacy policy from time to time.

We will notify you of significant changes within the application or by email.

10. Contact

For any questions regarding data protection, you can contact us:

InPerson Platforma
Email: martin@inperson-platform.com