ShutterPost Back to home
Legal

Privacy Policy

Effective date: March 31, 2026  ·  Last updated: March 31, 2026

Overview

ShutterPost ("we", "us", or "our") operates the ShutterPost service at shutterpost.net and app.shutterpost.net. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

By using ShutterPost, you agree to the collection and use of information in accordance with this policy.

Information We Collect

We collect the following types of information when you use ShutterPost:

  • Account information: Your email address and password (stored as a secure hash) when you register.
  • Instagram credentials: OAuth access tokens issued by Meta that allow ShutterPost to publish content to your Instagram account on your behalf. We never store your Instagram username or password.
  • Facebook credentials: OAuth access tokens and Page access tokens issued by Meta that allow ShutterPost to publish content to your connected Facebook Page on your behalf. We never store your Facebook password.
  • Dropbox credentials: OAuth access tokens provided by Dropbox to monitor your designated folder for new photos and videos.
  • Photos and videos: Media files are accessed from your Dropbox folder or directly uploaded to ShutterPost solely to publish them to your connected social accounts. Standard-resolution processed images are retained for up to 30 days, after which they are automatically and permanently deleted from our servers.
  • High-resolution output: When you use the High-Resolution enhancement feature, output files are delivered directly to your device as a download and are never stored on our servers.
  • Posting history: Logs of posts made on your behalf, including timestamps and captions, to enable history tracking and prevent duplicate posting.
  • Billing information: Subscription status, credit balances, and payment metadata managed by Stripe. We do not store your full credit card number.
  • Usage data: Basic server logs including IP addresses and request timestamps for security and debugging purposes.

How We Use Your Information

We use the information we collect to:

  • Provide and operate the ShutterPost service — detecting new photos and videos, generating AI captions and hashtags, enhancing images, generating AI video Reels, and posting to your connected social accounts on your behalf.
  • Send transactional emails such as subscription confirmations, billing notices, inactivity reminders, and service alerts.
  • Prevent abuse, fraud, and unauthorized access to your account.
  • Improve the service based on aggregate, anonymized usage patterns.

We do not sell your personal information. We do not use your photos, videos, captions, or social media content to train AI models.

Instagram and Meta Platform Data

ShutterPost uses the Instagram Graph API and Meta's Facebook Platform APIs. Our use of Meta platform data is strictly limited to enabling the core functionality of the service: publishing media to your Instagram account and/or Facebook Page on your behalf.

Specifically regarding Meta platform data:

  • We request only the permissions necessary to publish media on your behalf to the platforms you choose to connect.
  • Instagram and Facebook connections are independent. You may connect either or both platforms; connecting one does not require the other.
  • We do not access your Instagram or Facebook followers, direct messages, private profile data, or friend lists.
  • We do not share your Instagram or Facebook data with third parties, except as required to operate the service (e.g., Stripe for billing).
  • Your Instagram access token and Facebook Page access tokens are stored encrypted at rest and are used solely to authenticate API calls made on your behalf.
  • You may revoke ShutterPost's access to your Instagram or Facebook account at any time via the respective platform's app settings, or by disconnecting from within ShutterPost's Connections settings.
  • Upon account deletion, all stored Meta access tokens are permanently deleted within 30 days.

Our use and transfer of information received from Meta APIs adheres to the Meta Platform Terms, including the Limited Use requirements.

Dropbox Data

ShutterPost connects to your Dropbox account to monitor a folder you designate during setup. We access only that specific folder path. We do not access, store, or read any other files or folders in your Dropbox. You can revoke access at any time through your Dropbox account settings at dropbox.com/account/connected_apps.

AI Caption and Hashtag Generation

ShutterPost uses the Anthropic Claude API to generate Instagram and Facebook captions and hashtag suggestions based on your photos and post context. Metadata about your images (such as image count and post type) is sent to Anthropic's API for processing. Full image data is not transmitted for caption generation. Anthropic's data handling is governed by their Privacy Policy. We do not use your images, captions, or hashtags to fine-tune or train any AI models.

AI Image Enhancement (Photo Studio)

ShutterPost's Photo Studio feature uses Google's Gemini image editing API to enhance your photos. Images you submit for enhancement are transmitted to Google's API for processing. Enhanced images are stored on our servers for up to 30 days and then permanently deleted. You may delete your enhanced images at any time from within the app. Google's data handling is governed by their Privacy Policy. We do not use your images to train any AI models.

AI Video (Reels Studio)

ShutterPost's Reels Studio feature uses third-party AI video generation providers — including Runway, Luma, and Google Veo — to generate short-form video content from your images and prompts. Images and prompts you submit are transmitted to the selected provider's API for processing. Generated videos are stored on our servers for up to 30 days and then permanently deleted. Each provider's data handling is governed by their respective privacy policies. We do not use your content to train any AI models.

Agency and Client Workspace Data

Agency plan subscribers may create client workspaces within their ShutterPost account. Each workspace maintains its own isolated set of social account connections, Dropbox configuration, posting history, and settings. The agency account holder has administrative access to all workspaces they manage. Client workspace data is subject to the same retention and deletion policies as standard accounts. If the agency account is deleted, all associated workspace data is deleted within 30 days.

Data Retention

  • Account data: Retained for as long as your account is active.
  • Enhanced images and generated videos: Automatically deleted after 30 days. You may delete them earlier from within the app.
  • High-resolution outputs: Delivered directly to your device. Never stored on our servers.
  • Posting history and captions: Retained until you delete your account.
  • Access tokens (Instagram, Facebook, Dropbox): Deleted permanently within 30 days of account deletion or disconnection.
  • Server logs: Retained for up to 90 days for security purposes.

If you delete your account, all personal data is permanently deleted within 30 days.

Third-Party Services

ShutterPost integrates with the following third-party services, each governed by their own privacy policies:

  • Stripe — payment processing (stripe.com/privacy)
  • Meta / Instagram / Facebook — social media publishing (Meta Privacy Policy)
  • Dropbox — file storage access (dropbox.com/privacy)
  • Anthropic — AI caption generation (anthropic.com/privacy)
  • Google — AI image enhancement and video generation (policies.google.com/privacy)
  • Runway — AI video generation (runwayml.com/privacy-policy)
  • Luma AI — AI video generation (lumalabs.ai/privacy)

Content Moderation

ShutterPost uses automated content moderation tools, including AWS Rekognition and AI-based screening, to detect potentially inappropriate content before it is published to your social accounts. Images are screened at upload. No human reviewers access your images as part of this process. Images that fail moderation are flagged in your dashboard and are not published.

Security

We use industry-standard practices to protect your data, including encrypted storage of all OAuth access tokens, HTTPS for all data transmission, and hashed password storage. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Children's Privacy

ShutterPost is not intended for users under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us and we will delete it promptly.

Your Rights

You have the right to access, correct, or delete your personal data at any time. You may:

  • Delete your account from the ShutterPost dashboard, which triggers deletion of all your data within 30 days.
  • Disconnect Instagram or Facebook at any time from the Connections settings page, which revokes our access and deletes the stored token.
  • Delete enhanced images and generated videos from the Photo Folders and Reels Studio galleries at any time.
  • Request a copy of your data or ask questions about our data practices by emailing privacy@shutterpost.net.

Data Deletion Requests

You may request deletion of your data at any time by deleting your account from the dashboard, or by submitting a request to privacy@shutterpost.net. In compliance with Meta's platform requirements, we also provide a data deletion callback at https://app.shutterpost.net/instagram/data-deletion for requests initiated through Meta's platforms.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via a notice in the app. Continued use of ShutterPost after changes are posted constitutes your acceptance of the revised policy.

Contact

Questions about this Privacy Policy? Contact us at privacy@shutterpost.net.

ShutterPost
  • Home
  • Privacy
  • Terms
© 2026 ShutterPost