Privacy Policy

Effective date: August 17, 2025 • Last updated: August 30, 2025

Who we are. Supervised Labs (“we”, “our”, “us”) provides AI-first B2B analytics and agentic solutions. This Privacy Policy explains how we collect, use, and share information when you visit supervisedlabs.com, use our products, or connect your Facebook/Instagram accounts to our applications.

Contact: privacy@supervisedlabs.com • Supervised Labs • Bengaluru, India

1) Scope

This Policy applies to our website, web apps, APIs, customer dashboards, and integrations including Facebook Login, Instagram Graph API, and related Meta products (collectively, the “Services”). If this Policy conflicts with a contract signed with a customer, the contract governs to the extent of the conflict.

2) Information We Collect

  • Account & Contact Data: name, business email, company, role, billing details.
  • Service Data: content, prompts, metrics, datasets, or outputs you process using our Services.
  • Log & Usage Data: IP address, device/browser info, pages viewed, referring URL, timestamps, diagnostics, and performance metrics.
  • Cookies & Similar Tech: session tokens, analytics, and preference cookies.
  • Facebook/Instagram Data (if you connect):
    • From Instagram Graph API (depending on permissions you authorize): account ID(s), username(s)/page(s) you manage, content and metadata you select for analytics (e.g., captions, hashtags, media IDs, insights), engagement metrics, and publish/read permissions strictly for agreed features.
    • From Facebook Login/Pages API (if applicable): page IDs, page access tokens, and basic profile information required to manage or analyze connected assets.

3) How We Use Information

  • Provide, secure, and improve the Services.
  • Perform analytics, reporting, and AI-powered automations you request.
  • Authenticate users and connect authorized Facebook/Instagram assets.
  • Communicate about service updates, security, and billing.
  • Comply with laws, enforce terms, and prevent abuse.

4) Instagram/Facebook Specific Disclosures

  • We only access data expressly authorized by you via Meta’s consent screens and only use it to provide the features you select.
  • We do not sell Instagram/Facebook data. We do not transfer it to third parties for independent use.
  • We store tokens securely and refresh/revoke them per Meta policies. If you remove our app from your Meta settings, we will lose access and subsequently delete related tokens.
  • You can revoke access anytime in your Facebook Settings → Business Integrations orInstagram → Settings → Accounts Center.

5) Legal Bases (EEA/UK)

Where GDPR/UK GDPR applies, we process data under these bases: performance of a contract (to deliver Services), legitimate interests (security, product improvement, fraud prevention), consent (where required, e.g., certain cookies/marketing), and legal obligation.

6) Data Sharing

  • Processors: vetted vendors that help us run the Services (e.g., hosting, error tracking, logging, analytics, payments). Examples: Vercel (hosting), Google Cloud. Processors act under written contracts and may only process data per our instructions.
  • Legal/Compliance: to comply with law, enforce terms, or protect rights, safety, and security.
  • Business Transfers: in a merger, acquisition, or asset sale, data may be transferred subject to this Policy or a successor policy with notice where required.

7) Retention

We keep personal data only as long as necessary for the purposes described, then delete or anonymize it. You can request deletion earlier (see “Your Rights”). Instagram/Facebook tokens and related data are typically removed within 30 days of disconnection or inactivity unless a longer period is required by law or your contract.

8) Your Rights

  • Access/Correction/Deletion: request a copy, correction, or deletion of your personal data.
  • Portability & Objection: request export, object to certain processing, or request restriction.
  • Consent Withdrawal: where processing relies on consent (e.g., marketing cookies), you may withdraw it anytime.
  • To exercise rights: email privacy@supervisedlabs.com. We may verify your identity. EEA/UK users can contact a supervisory authority; California residents see CCPA section below.

9) Data Security

We implement organizational and technical measures appropriate to risk (encryption in transit, access controls, least-privilege, logging, and vendor due diligence). No method of transmission or storage is 100% secure.

10) International Transfers

We may process data outside your country. Where required, we use safeguards such as EU Standard Contractual Clauses or UK IDTA, plus supplementary measures.

11) Children

Our Services are for business users and not directed to children under 13 (or the equivalent age in your jurisdiction). We do not knowingly collect such data. If you believe a child has provided data, contact us to delete it.

12) CCPA/CPRA Notice (California)

We are a “business” under California law for our direct relationships with customers. We collect identifiers, commercial information, internet activity, and in some cases inferences for business purposes described above. We do not “sell” personal information or “share” it for cross-context behavioral advertising. California residents have the rights to know, delete, correct, and limit use of sensitive personal information, and to not be discriminated against for exercising these rights. Submit a request toprivacy@supervisedlabs.com.

13) Data Deletion Instructions (Meta Requirement)

You can request deletion of your data associated with our Facebook/Instagram integrations by emailing privacy@supervisedlabs.com with subject “Meta Data Deletion”. We will confirm and complete deletion within 30 days, subject to lawful retention obligations. You may also:

  1. Remove our app in your Facebook → Settings → Business Integrations or Instagram → Settings → Accounts Center.

14) Cookies

We use strictly necessary cookies for authentication and security, and (optionally) analytics cookies to understand product usage. Manage preferences via your browser settings and, where offered, our cookie banner.

15) Third-Party Links

Our Services may link to third-party sites or services. Their privacy practices are governed by their own policies.

16) Changes to This Policy

We may update this Policy to reflect operational, legal, or regulatory changes. We will post the updated version with a new “Last updated” date and, when required, provide additional notice.

17) How to Contact Us

Email: privacy@supervisedlabs.com
Address: Supervised Labs, Bengaluru, India