You must have a privacy policy when your website or app connects to Instagram’s application programming interface (API). Instagram states this in its platform policy.
An Instagram privacy policy should outline how your website or app collects and uses personal information, including the type of information collected, how it’s used, and whether it’s shared or sold to third parties.
Your privacy policy must always be visible and accessible to your users. For example, you can include it near the top or at the bottom of your webpage. If it’s in an app, you can include it in the Settings section.
Instagram’s privacy policy link is always visible on its website. You can also find it under Settings in the app. This can empower users, making them feel safe when using these platforms.
Instagram’s Platform Policy Requirements
Your privacy policy must meet several requirements to satisfy Instagram’s platform policy. Read on to learn more about requirements from several of the key platform policy sections.
Section 3: Data Use
Section 3 of Instagram’s platform policy addresses the use of collected data. It covers everything from prohibited practices to exceptions to the restrictions.
Your privacy policy must inform users of the data you collect and the ways you intend to use it.
Section 4: Privacy Policy
Instagram provides clear guidance on how to create a compliant privacy policy. Take a look at Section 4 of its platform policy:
If you’re subject to Instagram’s platform rules, your privacy policy will need to be clear, accurate, and easy to access. It needs to be compliant with Instagram’s rules and policies.
Instagram also states that privacy policies “must comply with applicable law and regulations.” This means that if you’re subject to laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), your privacy policy will also need to comply with those laws’ privacy policy requirements.
Section 5: Service Providers and Tech Providers
Instagram provides additional rules for service and tech providers in section 5.
For example, Instagram clearly states that your service providers must have a signed policy in place before gaining access to any data:
The additional rules for tech providers cover client-related information. Data use for a client must be solely for that specific client’s purpose, as seen here:
Tech providers are also subject to rules regarding client information, data sharing with clients, and client termination.
How to Create a Privacy Policy for Instagram
These are some key components your privacy policy needs in order to comply with Instagram’s platform policy:
- Make your policy clear and freely accessible. People can’t be charged to access it.
- Clearly define compliance rules, like age and content restrictions.
- Clearly define what information you’ll access and how you’ll use it.
- Explain how you’ll utilize user-generated content.
- Tell users how you protect their data and what security measures are in place.
- Include any relevant contact information in case users have questions about your privacy policy.
- Include information on international privacy laws, like the GDPR and CCPA.
If you are subject to privacy laws like the GDPR, your privacy policy will need to comply with additional rules. To create a GDPR-compliant privacy policy, you’ll need to clearly explain how you collect, share, and process user data, among other requirements. The CCPA also has requirements for privacy policy compliance.
Displaying Your Instagram Privacy Policy
If you have an app that connects to Instagram’s API, you must include your privacy policy in the settings drop-down menu. Your users must always be able to see it when they access their information.
Consider Reddit’s privacy policy placement, which is easily visible in a menu on its site:
Include a privacy policy link on every page of your website. You can add a link at the bottom with your other important information.
Instagram Privacy Policy URL
You need a privacy policy webpage to use as a link on Instagram. This means you need to have a dedicated web or app privacy policy page you can send people to when they click on the URL.
Instagram Privacy Policy URL Example
As an example, here’s Pinterest’s privacy policy URL: policy.pinterest.com/en/privacy-policy. They’ve included their privacy policy on a page with clear links to their other policies and guidelines.
Next Steps
You now know more about Instagram privacy policy requirements for apps that connect to Instagram’s API. Creating or editing your privacy policy should be your next step.
Privacy policies often need to cover a variety of requirements. You may need to adhere to platform or partner rules, like the Instagram privacy policy requirements detailed here, as well as legal rules listed in privacy legislation. If you need help creating a customized policy right for you, try Termly’s privacy policy generator today.
More about the author
Written by Christine Hennel
Christine is a product specialist and writer for Termly. She writes support articles, user FAQs, and documentation for Termly’s policy generators and cookie consent manager. More about the author
