Anngage

Privacy Policy

Last updated: 2026-05-13

Grievance Redressal

In accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act), the following Grievance Officer is appointed to handle data-related queries and complaints:

  • Grievance Officer: Akhil Mishra
  • Email: privacy@anngage.com
  • Phone: +91-8742904488
  • Address: H-502, Sunrise Jaipuria Greens, Ahinsa Khand-1, Indirapuram, Ghaziabad, Uttar Pradesh, 201014, India
  • Response time: We acknowledge grievances within 7 days and resolve them within 30 days of receipt, in compliance with the DPDP Act.

For any data-related concern — including access, correction, deletion, or portability requests — please contact the Grievance Officer above.

Introduction

This Privacy Policy describes how GN Global (“we”, “us”, or “our”), the operator of the Anngage platform, collects, uses, and protects information when you use our service. We are committed to safeguarding your privacy and complying with applicable data protection laws, including India’s Digital Personal Data Protection Act, 2023 (DPDP Act).

Information We Collect

We collect the following categories of information:

  • Account information: name, email address, and authentication identifiers collected through Clerk when you create an Anngage account.
  • Instagram account data: public profile information, account ID, and access tokens obtained through Instagram’s official Graph API after you authorize the connection. Access tokens are encrypted at rest using AES-256-GCM and are never included in data exports.
  • Comment and DM activity: comments matched by your keyword triggers and DMs we send on your behalf, retained for reporting and audit purposes.
  • Payment information: billing details, subscription status, and payment identifiers processed through Cashfree. We never see or store full card numbers, CVV codes, or UPI credentials — these are handled directly by Cashfree.
  • Usage data: log data, device and browser information, IP address, and aggregate analytics about how you interact with the dashboard.
  • Error telemetry: when you consent to analytics cookies, anonymized browser metadata and error stack traces are sent to Sentry to help us diagnose and fix bugs. Telemetry is disabled by default and you can change your choice at any time from the “Cookie preferences” link in the footer.
  • Audit logs: we maintain audit logs of security-relevant events (sign-ins, subscription changes, automation create/delete, data exports, and account deletions) for security investigations and compliance purposes.

How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Anngage service
  • Process subscription payments and send billing-related communications
  • Send transactional emails about your account, automations, and service updates
  • Improve product features, debug issues, and prevent abuse
  • Comply with legal obligations and enforce our Terms of Service

Data Sharing and Subprocessors

We share data only with vetted subprocessors that are contractually required to protect your information. Current subprocessors include:

  • Clerk — authentication and user identity (United States)
  • Cashfree Payments — subscription billing and payment processing (India)
  • Resend — transactional email delivery (United States)
  • Supabase — managed PostgreSQL database storage (AWS Mumbai primary)
  • Cloudflare — CDN, link redirection, and edge runtime (Global)
  • Vercel — hosting for our web dashboard and marketing site (Global)
  • Railway — hosting for our API, webhook, and worker services (United States / Asia-Southeast)
  • Sentry (Functional Software, Inc.) — error monitoring and application performance tracking. Data shared: browser metadata, error stack traces, anonymized user IDs. Location: United States. See sentry.io/privacy.
  • Meta (Instagram) — the platform we integrate with on your behalf (Global)

We do not sell your personal data. We do not share your information with advertisers.

Cross-Border Data Transfer

Some of our service providers process your data outside of India. We rely on the following third parties whose data centers may be located in jurisdictions other than India:

  • Supabase — Database hosting. AWS ap-south-1 (Mumbai, India) is the primary region; failover may use other regions.
  • Vercel — Frontend hosting. Global CDN, primarily United States edge nodes.
  • Railway — Backend hosting. AWS US-East / Asia-Southeast regions.
  • Sentry — Error monitoring. United States.
  • Resend — Transactional email. United States (AWS).
  • Cashfree — Payment processing. India.
  • Meta (Instagram) — Instagram API integration. Global, primarily United States.

By using Anngage, you consent to the transfer of your data to these jurisdictions for the purposes described above. We rely on standard contractual safeguards with each provider to protect your data.

Data Retention

  • Account data: retained while your account is active. When you request deletion via the in-app “Delete account” flow, your tenant profile, automations, Instagram connections, DM logs, and (non-statutory) subscription history are erased immediately.
  • Logs and DM history: retained for 30 to 90 days depending on plan tier while your account is active.
  • Payment records: retained for 7 years as required by Indian tax and financial-records law, even after account deletion.
  • Audit logs: the row recording an account deletion request is preserved for compliance trail; all other audit log entries are erased with the account.

Your Rights

Subject to applicable law, you have the right to access, correct, delete, or export your personal data, and to withdraw consent for processing. You can exercise the export and deletion rights yourself from Settings → Privacy & data in the dashboard. For any other request, email the Grievance Officer at privacy@anngage.com. We will respond within the timeframes required by applicable law.

Cookies

We use essential cookies to keep you signed in (set by Clerk) and to process payments (set by Cashfree on their domain). These cookies are required for the service to function and do not require consent under the DPDP Act.

Non-essential cookies and trackers — specifically Sentry error telemetry — are only loaded after you give explicit consent through the cookie banner. You can change your choice at any time using the “Cookie preferences” link in the footer.

Children’s Policy

Anngage is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If we learn that we have collected information from a minor, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify registered users at least 30 days before changes take effect. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

Contact

Data-related questions: privacy@anngage.com
General questions: support@anngage.com