Privacy Policy

Last Updated: January 13, 2026

1. Introduction

Stormi AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Instagram DM automation platform for fitness coaches.

By using Stormi AI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies, please do not use our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Business name and timezone
  • Coach profile information (background, credentials)
  • AI personality preferences and qualification criteria

2.2 Instagram Data

When you connect your Instagram Business account, we access:

  • Instagram account ID and username
  • Direct messages sent to and from your business account
  • Instagram page access tokens (securely encrypted)

2.3 Conversation Data

To provide our AI automation services, we collect:

  • Instagram DM conversation history
  • Lead information extracted from conversations
  • Qualification status and booking details
  • Voice messages (temporarily processed for transcription)

2.4 Google Calendar Data

If you connect your Google Calendar, we request the following permissions:

  • Read calendar events: To check your availability and find open time slots for bookings
  • Create calendar events: To schedule discovery calls when leads book appointments
  • Create Google Meet links: To automatically add video call links to booked appointments
  • OAuth tokens: Securely encrypted and stored to maintain calendar access

We only access calendar data necessary to provide scheduling functionality. We do not read event details, attendee information, or other calendar content beyond what is needed to determine availability and create booking events.

3. How We Use Your Information

We use collected information to:

  • Provide AI-powered responses to Instagram DMs on your behalf
  • Qualify leads based on your specified criteria
  • Schedule appointments on your connected calendar
  • Display conversation history and lead analytics in your dashboard
  • Improve our AI models and service quality
  • Send service-related notifications and updates
  • Ensure security and prevent fraud

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

  • All OAuth tokens are encrypted using Fernet symmetric encryption
  • Data is transmitted over HTTPS/TLS encryption
  • Database access is restricted and monitored
  • Regular security audits and updates

Your data is stored on secure cloud infrastructure hosted by Railway. We retain your data for as long as your account is active or as needed to provide services.

5. Third-Party Services

We integrate with the following third-party services:

  • Meta/Instagram: For receiving and sending DMs
  • Anthropic (Claude): For AI-powered conversation responses
  • ElevenLabs: For voice message generation
  • Google Calendar / Calendly: For appointment scheduling
  • Clerk: For user authentication
  • Stripe: For payment processing and subscription billing
  • Sentry: For error monitoring and service reliability

Each third-party service has its own privacy policy. We encourage you to review their policies.

6. Data Sharing

We do not sell your personal information. We may share data only:

  • With third-party services as described above to provide our features
  • When required by law or legal process
  • To protect our rights or prevent fraud
  • In connection with a business transfer or acquisition

7. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your data
  • Disconnect: Revoke Instagram or calendar access at any time
  • Export: Request your data in a portable format

To exercise these rights, contact us at company@ssdigitalsolutions.org or use the settings in your dashboard to disconnect services.

8. Data Deletion

You can request deletion of your data in two ways:

  • Through your account settings by disconnecting Instagram
  • By removing Stormi AI from your Facebook/Instagram apps (triggers automatic deletion)
  • By contacting us directly at company@ssdigitalsolutions.org

When you request deletion, we remove all your data including conversation history, lead information, and OAuth tokens within 30 days.

9. Instagram and Meta Platform Terms

Our use of Instagram data is governed by Meta's Platform Terms and Policies. We only access data necessary to provide our services and comply with all Meta platform requirements.

We do not use Instagram data for advertising purposes or share it with third parties for their marketing.

10. AI and Automated Responses

Our service uses artificial intelligence to respond to Instagram DMs on your behalf. Important disclosures:

  • AI responses are generated based on your configured personality and criteria
  • Conversation content may be processed by Anthropic's Claude API
  • You maintain responsibility for the content sent through your account
  • You can take over conversations manually at any time

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the service. Your continued use of Stormi AI after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

  • Email: company@ssdigitalsolutions.org
Back to HomeTerms of Service