Privacy Policy

Last updated: March 2026

VoidGram is a desktop application developed by REMvisual that lets you post to Instagram from your computer. VoidGram is designed around a simple principle: your data belongs to you. Everything stays on your device unless you explicitly choose otherwise.

This policy explains what data VoidGram handles, how it is stored, and what control you have over it.

What We Collect

When you connect your Instagram account through Meta's OAuth flow, VoidGram receives and stores the following on your local device:

• OAuth access token (encrypted locally with AES-256-GCM)
• Instagram username, profile picture URL, and account type
• Follower count and media count
• Connected Facebook Page ID and name (if applicable)

When you create posts, VoidGram stores:

• Media files you upload (images and videos)
• Captions, hashtags, and location data you provide
• Scheduling data (date, time, timezone)
• User tags and collaborator usernames
• Post status and publishing history

If you enable the Story Repost feature, VoidGram stores an encrypted session on your device to facilitate automated reposting.

How Data Is Stored

All data is stored locally on your computer in an encrypted SQLite database using AES-256-GCM encryption. VoidGram has no servers that collect, store, or process your data.

• No analytics or usage tracking
• No telemetry or crash reporting sent to us
• No cookies or fingerprinting
• No third-party analytics SDKs

Your database, media files, and configuration all reside in your local application data directory. Nothing leaves your machine unless you explicitly publish to Instagram or enable optional cloud scheduling.

Cloud Scheduling (Optional)

VoidGram offers an optional cloud scheduling feature that lets posts publish even when your computer is off. This feature uses your own Cloudflare account — you deploy a Cloudflare Worker to your own infrastructure.

• Scheduled post data is encrypted in transit and at rest
• Media is uploaded to your own Cloudflare R2 bucket
• You own and control the entire infrastructure
• VoidGram has no access to your Cloudflare account or Worker data

If you do not enable cloud scheduling, no data ever leaves your device beyond the direct Instagram publishing API calls.

OAuth Proxy

During the Instagram login process, auth.voidgram.org acts as a lightweight OAuth proxy to handle the token exchange with Meta. This is required because Meta's OAuth flow needs a public redirect URL.

• The proxy only handles the token exchange, which takes less than 2 minutes
• Tokens are not logged, cached, or stored on the proxy beyond the brief transit
• The proxy immediately redirects the token back to your local application
• No user data, profile information, or media passes through the proxy

Third-Party Services

VoidGram interacts with the following third-party services:

• Meta / Instagram — for authenticating your account and publishing content via the Instagram Graph API. Subject to Meta's Privacy Policy.
• Cloudflare — hosts the OAuth proxy (auth.voidgram.org) and, if you opt in, your cloud scheduling Worker. Subject to Cloudflare's Privacy Policy.

VoidGram does not sell, share, rent, or trade your data with any third party. We do not use your data for advertising or behavioral profiling.

Data Retention

All data is retained locally on your device until you choose to delete it. There is no remote retention of your data by VoidGram. You can delete individual posts, media files, or your entire database at any time. Uninstalling the application removes all stored data.

Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

• Right of access — Your data is already on your device. You have full access at all times.
• Right to erasure — Delete the app and its database to remove all data. You can also delete individual records within the app.
• Right to portability — Your data is stored in a standard SQLite database that can be read by any compatible tool.
• Right to object — You can disconnect your Instagram account at any time from within the app.

Data controller: REMvisual. Legal basis: Consent, granted through the Meta OAuth authorization flow.

Your Rights Under CCPA

If you are a California resident, you have the right to know what personal information is collected, to request deletion, and to opt out of the sale of your personal information.

• VoidGram does not sell your personal information
• VoidGram does not share your data for cross-context behavioral advertising
• We honor all CCPA rights regardless of whether we meet the statutory thresholds

Children's Privacy

VoidGram is intended for users aged 13 and older, consistent with Instagram's own age requirements. We do not knowingly collect personal information from children under the age of 13. If you believe a child under 13 has used VoidGram, please contact us so we can provide guidance on removing any stored data.

Data Deletion

Because VoidGram stores all data locally on your device, you have complete control over deletion:

• Disconnect your Instagram account from within the app settings
• Delete individual posts, media, or scheduled items from within the app
• Uninstall VoidGram to remove all application data
• Delete the SQLite database file directly from your application data folder

For formal data deletion requests or additional instructions, visit our Data Deletion page or contact us at the email below.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be communicated through application updates or posted on this page. We encourage you to review this policy periodically. The "Last updated" date at the top of this page indicates when the policy was last revised.

Contact

If you have questions about this Privacy Policy or how VoidGram handles your data, you can reach us through:

• Developer: REMvisual
• GitHub: github.com/REMvisual/VoidGram
• Support: GitHub Issues