Last updated: February 9, 2026
This Privacy Policy explains how PromoLink collects, stores and processes personal data in accordance with the General Data Protection Regulation (GDPR), the ePrivacy Directive, the Meta Platform Terms and other applicable laws. By using PromoLink, you agree to the practices described in this document.
PromoLink is a music promotion platform used by music labels, artists and agencies to send release campaigns via email and Instagram direct messages, manage Instagram comment engagement, and provide analytics for promotional activity. PromoLink acts primarily as a technical provider that routes and monitors campaigns on behalf of its users.
PromoLink is operated by:
IAMT Music 2021 SCP
c/ Suissa 8, 2-1
Barcelona, Spain
VAT ESJ05494513
If you have any questions regarding this Policy, you can contact us at: support@promolink.app
PromoLink collects only the data required to provide the service. This includes:
Users upload their own contact lists. This data may include:
Users are solely responsible for ensuring that contact data is collected lawfully under GDPR.
PromoLink never sells, shares or uses contact data for its own purposes.
When a contact opens a campaign via MagicLink, the following is collected:
The Receiver may optionally set a password and become a User.
When a User connects their Instagram Business Account to PromoLink, we access and store the following data through the Instagram Graph API:
When the User activates comment synchronization, we access:
This data is used to display comments in PromoLink's dashboard and to enable AI-assisted reply management.
When the User uses PromoLink's DM outreach feature, we access and store:
PromoLink sends direct messages only on explicit instruction from the User. Messages are sent to contacts whose Instagram usernames have been provided by the User.
PromoLink receives real-time notifications from Instagram via webhooks for:
Webhook data is processed to update conversation threads and comment feeds within the platform.
PromoLink uses cookies strictly for:
PromoLink does not use cookies for advertising, retargeting or cross-site tracking.
PromoLink processes data only for the purposes described below:
PromoLink sends emails and Instagram direct messages on behalf of the User to the selected contacts.
MagicLink allows contacts to view the release landing page and interact with the content without initial registration.
PromoLink synchronizes comments from the User's Instagram posts and provides tools to review, reply to or hide comments. AI-assisted replies may be generated as suggestions, but all replies require explicit User approval before being posted.
PromoLink enables Users to send personalized direct messages to their contacts via Instagram. This includes:
PromoLink tracks opens, plays, downloads, trust signals, geographic information and Instagram engagement metrics to provide aggregated analytics to the Sender.
We analyse usage patterns to improve the platform, performance and reliability.
We track unusual or abusive behaviour to protect our users and infrastructure.
As required by GDPR, PromoLink processes data under the following legal grounds:
For Users who create campaigns and use the platform's features, including Instagram integration.
For operating the platform, security and performance.
When a User connects their Instagram Business Account to PromoLink, they explicitly authorize PromoLink to access their Instagram data through the Meta authorization flow. This consent can be revoked at any time by disconnecting the Instagram account from PromoLink or by removing the app from Instagram settings.
The User is the Data Controller for their own contact lists and must have a lawful basis (such as consent or legitimate interest) for contacting these individuals via email or Instagram.
PromoLink is the Data Processor for contact data uploaded by Users.
PromoLink does not collect or source email addresses or Instagram usernames. Users upload their own contacts and act as the Data Controller.
The User is solely responsible for:
PromoLink does not verify, review, validate or approve contact lists, campaign content or direct message content.
PromoLink assumes no liability for any communication made by the User, whether via email or Instagram.
PromoLink does not sell or trade personal data.
Data may be shared only with:
All third party partners comply with GDPR. Instagram data is used solely for the purposes described in this policy and in compliance with the Meta Platform Terms.
PromoLink's use of Instagram data is governed by the Meta Platform Terms and the Meta Developer Policies.
PromoLink requests the following Instagram permissions:
Users can disconnect their Instagram account from PromoLink at any time through:
Upon disconnection, PromoLink will delete the stored access token and cease all API access to the User's Instagram account. Cached comment and media data will be removed. DM conversation history will be retained for the User's records unless explicit deletion is requested.
Users can request deletion of their account and all associated data by contacting support@promolink.app. Upon receiving a deletion request, we will:
Deletion will be completed within 30 days of the request.
In compliance with Meta Platform Terms, PromoLink provides a data deletion callback endpoint. When a User removes PromoLink from their Instagram account settings, Meta notifies PromoLink and we automatically:
Users can also check the status of a deletion request by visiting: promolink.app/api/meta/data-deletion-status
Under GDPR, individuals have the right to:
Requests can be made at any time by contacting support@promolink.app.
PromoLink uses industry standard security measures including encryption, access controls, logging and authentication systems to protect data.
Instagram access tokens are encrypted at rest. All API communications with Instagram use HTTPS. Access to Instagram data is restricted to authenticated Users who own the connected account.
No system is entirely secure, but we take reasonable steps to safeguard information.
Data may be stored or processed outside the EU, but always with GDPR compliant safeguards such as Standard Contractual Clauses.
PromoLink may update this Privacy Policy as needed. Significant changes will be communicated to Users.
For privacy related questions, please contact: support@promolink.app