Privacy Policy

Effective Date: October 19, 2025

Introduction

InstantOF ("we," "our," or "us") operates a web-based platform that enables users to create personalized apps with integrated blockchain, AI, e-commerce, and social features. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our platform.

1. Information We Collect

1.1 Account Information

• Ticker/Username: Your unique identifier (e.g., YES21) used for your custom URL
• PIN: Your authentication credential (encrypted with bcrypt)
• Email Address: Optional, for contact and notifications
• Business Information: Business name, type, city, description, and other profile details
• Phone Number: Optional, for SMS notifications and contact

1.2 Session and Technical Data

• Session Cookies: We use persistent session cookies (30-day duration) to maintain your login state
• IP Addresses: Collected for security, rate limiting, and geographic services
• Device Information: Browser type, operating system, device type
• Usage Analytics: Page views, feature usage, interaction patterns
• Error Logs: Technical logs for debugging and system monitoring

1.3 Content and User Data

• Bloc Cards: Your created content (code, text, images, videos, links)
• Bytes: Your media files and uploaded content
• Shop Items: Product listings, descriptions, prices, and inventory
• Market Listings: NFT listings and marketplace data
• Vibes Posts: Your social media content and interactions
• Bookings: Appointment schedules and booking information
• API Keys: Third-party service credentials (encrypted with Fernet)

1.4 Financial and Blockchain Data

• Payment Information: Transaction data from Square and Stripe (we do NOT store credit card numbers)
• Cryptocurrency Wallets: Solana wallet addresses you connect
• Blockchain Transactions: Public transaction hashes and signatures
• Token Balances: SPL token holdings and NFT ownership
• Transaction History: Payment records, refunds, and financial activity
• Subscription Data: Plan type, billing cycle, payment status

1.5 Location Data

• Business Location: Address, city, state for business profile and mapping
• User Location: Optional GPS coordinates for location-based features (with explicit permission)
• IP-Based Location: Approximate location derived from IP address

1.6 Communication Data

• Push Notifications: Subscription tokens for browser push notifications
• Customer Messages: Support inquiries and communication history
• AI Conversations: Your prompts and interactions with AI assistants (Claude, GPT-4)

2. Third-Party Services

We integrate with the following third-party services that may collect and process your data according to their own privacy policies:

2.1 AI Services

• OpenAI: GPT-4, GPT-Image-1 for AI text and image generation - Privacy Policy
• Anthropic Claude: AI assistant for code generation and analysis - Privacy Policy
• Groq: Fast AI inference - Privacy Policy

2.2 Payment Processors

• Square: Credit card processing and point-of-sale - Privacy Policy

2.3 Blockchain Services

• Solana: Blockchain network for cryptocurrency transactions (public blockchain)
• Helius: Solana RPC and blockchain data - Privacy Policy

2.4 E-Commerce and Content Services

• Printful: Print-on-demand fulfillment - Privacy Policy
• Meshy: 3D model generation - Privacy Policy
• ImgBB: Image hosting - Privacy Policy

2.5 Mapping and Social Media

• Google Maps: Location services and mapping - Privacy Policy
• Meta/Instagram: Social media integration - Privacy Policy

2.6 Infrastructure

• Render: Cloud hosting provider - Privacy Policy
• Ngrok: Webhook tunneling for development - Privacy Policy

3. How We Use Your Information

• Service Delivery: To provide and maintain your InstantOF app
• Authentication: To verify your identity and secure your account
• Features: To enable AI generation, e-commerce, blockchain transactions, and all platform features
• Payment Processing: To process transactions and manage subscriptions
• Communications: To send notifications, updates, and support responses
• Analytics: To improve platform performance and user experience
• Security: To detect fraud, prevent abuse, and protect platform integrity
• Legal Compliance: To comply with applicable laws and regulations

4. Data Sharing and Disclosure

We do NOT sell your personal data. We may share your data in the following circumstances:

• Third-Party Services: With service providers listed in Section 2 to deliver features you use
• Blockchain Networks: Transaction data is publicly visible on the Solana blockchain
• Legal Requirements: If required by law, court order, or government request
• Business Transfer: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize data sharing

5. Cookies and Tracking

We use the following types of cookies:

• Session Cookies: Essential for authentication and platform functionality (30-day duration)
• Analytics Cookies: To track usage patterns and improve services
• Security Cookies: To detect suspicious activity and prevent fraud

You can disable cookies in your browser settings, but this may limit platform functionality.

6. Data Security

We implement industry-standard security measures:

• Encryption: PINs encrypted with bcrypt, API keys encrypted with Fernet
• HTTPS: All data transmission uses TLS/SSL encryption
• Database Security: SQLite with WAL mode, access controls, and regular backups
• Rate Limiting: Protection against brute force attacks
• Secure Storage: Environment variables for sensitive credentials

7. Data Retention

• Active Accounts: Data retained while your account is active
• Deleted Accounts: Data permanently deleted within 30 days of account deletion request
• Blockchain Data: Cannot be deleted (public blockchain records are immutable)
• Legal Hold: Data retained longer if required for legal compliance
• Backups: Backup copies deleted within 90 days

8. Your Rights (GDPR/CCPA)

Depending on your location, you may have the following rights:

8.1 Access and Portability

• Request a copy of your personal data
• Export your data in machine-readable format
• Access all data we hold about you

8.2 Correction and Deletion

• Update or correct inaccurate information
• Request deletion of your account and data
• Remove specific content or information

8.3 Control and Objection

• Opt out of marketing communications
• Disable push notifications
• Object to data processing for specific purposes
• Withdraw consent at any time

8.4 How to Exercise Your Rights

To exercise any of these rights, use the settings in your InstantOF app or contact us. We will respond within 30 days for GDPR requests and 45 days for CCPA requests.

9. International Data Transfers

InstantOF is hosted in the United States. If you access our platform from outside the US, your data will be transferred to and processed in the United States. By using InstantOF, you consent to this transfer.

10. Children's Privacy

InstantOF is not intended for users under 13 years old (or 16 in the EU). We do not knowingly collect data from children. If we discover we have collected data from a child, we will delete it immediately.

11. California Privacy Rights (CCPA)

California residents have additional rights:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt out of the sale of personal information (we do NOT sell data)
• Right to deletion of personal information
• Right to non-discrimination for exercising CCPA rights

12. European Privacy Rights (GDPR)

EU/EEA residents have additional rights under GDPR:

• Legal basis for processing: Consent, contract performance, legitimate interests
• Right to lodge a complaint with your local data protection authority
• Right to restriction of processing
• Right to object to automated decision-making

13. Do Not Track

We currently do not respond to Do Not Track (DNT) browser signals. We use cookies and analytics as described in Section 5.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of InstantOF after changes constitutes acceptance of the updated policy.

15. Contact Us

For privacy-related questions, data requests, or concerns, contact us:

• Website: InstantOF.com
• Email: privacy@InstantOF.com

16. Summary of Key Points

• We collect account data, session cookies, usage analytics, payment data, and blockchain transactions
• We use 15+ third-party services (AI, payments, blockchain, etc.) that process your data
• We do NOT sell your personal data
• Blockchain transactions are public and cannot be deleted
• You can request data access, correction, or deletion at any time
• We encrypt sensitive data and use HTTPS everywhere
• Data hosted in the United States
• You own your content and can delete your account anytime

← Back to Home