Privacy Policy
Last updated: 6/17/2026
1. Controller and contact
WhoDitched.me is the data controller for the personal data processed through the service. Privacy inquiries can be directed to [email protected].
2. What we collect
Account data: email address, name and an encrypted password (hash). Service data: the Instagram usernames you submit and the resulting publicly available follower data. Usage and technical data: IP address, browser type and similar logs.
3. Purposes and legal basis
We process data to provide and improve the service (performance of contract), for optional features you enable (consent), and to secure and develop the service (legitimate interest).
4. Processors and third parties
We share necessary data with: our payment provider (as Merchant of Record), the email provider MailerSend, a third-party Instagram-data provider, and the hosting provider Hetzner. All act as data processors under data processing agreements.
5. International transfers
Some providers may process data outside the EEA. In such cases we ensure a lawful transfer mechanism, for example the EU Standard Contractual Clauses (SCCs).
6. Retention
We retain data for as long as you have an active account. If you delete your account, related personal data is deleted within a reasonable time, unless statutory retention (e.g. accounting) requires longer storage.
7. Your rights
You have the right to access, rectification, erasure, data portability, restriction and objection, as well as the right to withdraw consent. You may also lodge a complaint with your local data protection authority.
8. Cookies
We use only a minimum of essential cookies necessary for the service to function. We do not use tracking or advertising cookies.
9. Changes
We may update this policy. Material changes will be communicated in a reasonable manner.
10. Contact
Questions about privacy? Contact WhoDitched.me, [email protected].