Privacy Policy

OPT2IN LLC (“Opt2In,” “we,” “us,” “our”) is a Florida limited liability company that operates opt2in.com. We are the controller of any personal information described in this policy.

• Mailing address: OPT2IN LLC, Miami, Florida, USA
• Email: privacy@opt2in.com
• Founder / contact: Robert Maatougui

This policy applies to visitors and users of opt2in.com and any subdomains or pages we operate. It does not apply to third-party websites that our site may link to.

Data you intentionally give us

• Email address — only if you submit it through the email-capture form after your report. We use this to notify you when the personalized matches page launches and nothing else.
• Questions you type into the AI analyst chat — these are sent to Anthropic (the company that provides Claude, the AI model we use) along with an anonymized summary of your report numbers (advertiser count, topic count, etc.) so the AI can answer accurately. We do not store these conversations on our servers.
• Feedback messages — if you email us, we store that email thread.

Data collected automatically

• Basic web logs — when you visit our site, our hosting provider (Netlify) automatically logs your IP address, browser user-agent, and the page you requested. This is standard for any website and is used for security and debugging.
• Netlify Analytics (aggregate) — visitor counts, country-level geography, page views. Not tied to an identity. Netlify’s analytics is server-side; there is no tracking pixel or cookie on your browser.
• localStorage summary — after you run your report, your browser (not our servers) stores a compact summary of the results locally so the monetize page can personalize offers. This summary includes counts (number of advertisers, topic names, app names) and your username from the export. This data never leaves your device. You can clear it anytime by using the “Clear” button on the monetize page or by clearing your browser storage.

We want to be explicit about what we never see, because most data-related services exist by collecting exactly these things:

• Your Instagram data export. The ZIP file you upload stays in your browser. We have no access to its contents, no server-side copy, and no way to retrieve it after your session ends.
• Your synced contacts, DMs, photos, or any personal content from the export. These are parsed and summarized on your device for the report and never transmitted.
• Your browsing history across other sites. We do not place tracking cookies or fingerprinting scripts.
• Ad-tech tracker data. We do not run third-party advertising analytics, social-media tracking pixels, or remarketing tags.
• Payment information. Opt2In is free. We never ask for payment details, so we don’t collect or process them.
• Your data sold to anyone. We do not sell personal information. This is not a data-broker business.

We use the data listed above for these specific purposes and no others:

• Deliver the service — parse your data export in your browser, render the report, power the AI chat when you ask a question.
• Communicate with you — email you when a feature you asked to be notified about goes live, or reply when you email us.
• Improve the product — understand which features are used based on aggregate page-view counts (Netlify Analytics).
• Protect the service — use server logs to diagnose bugs, catch abuse (scraping, brute-force attempts), and keep the site online.
• Legal compliance — respond to lawful requests (subpoenas, court orders) and comply with applicable US law.

We use a small number of well-known service providers. Each is contractually required to handle data appropriately. Providers listed here are sub-processors under our agreement with them.

Netlify (hosting + analytics)

Netlify hosts the opt2in.com site and runs a small number of serverless functions (see below). Server access logs include IP address and browser user-agent. Netlify Analytics is aggregate and cookie-free. Netlify’s privacy policy is at netlify.com/privacy.

Anthropic (Claude AI)

When you use the AI analyst chat, your typed question and a summary of your report numbers are sent to Anthropic’s Claude API to generate a response. Anthropic does not use API data to train models and deletes it within a short retention window. Anthropic’s privacy policy is at anthropic.com/privacy. If you do not want your question sent to a third party, do not use the chat input.

ConvertKit / Kit (email)

If you submit your email via the capture form, it is added to a list managed by Kit (formerly ConvertKit). Kit sends the single launch-notification email and stores your address until you unsubscribe. You can unsubscribe with one click from any email we send, or email us to remove it manually. Kit’s privacy policy is at kit.com/privacy.

OpenStreetMap / Nominatim (map display)

The “Locations of interest” section of your report uses OpenStreetMap map tiles and Nominatim (OSM’s geocoder) to display the place names Meta inferred about you on a map. The place names (e.g. “Miami, Florida”) are sent to Nominatim to look up coordinates. No other personal data is sent. OSM’s privacy notice is at osmfoundation.org.

DuckDuckGo favicon service

Brand logos on the monetize and report pages are loaded from DuckDuckGo’s public favicon service, which receives the domain name of the logo being requested. This is a standard practice and does not transfer personal data.

Google Fonts / cdnjs

Font files and a few front-end libraries (JSZip, Leaflet) load from Google Fonts and cdnjs. These are content-delivery services. They receive the fact that your browser requested a font or script file.

Our business model is referral commissions. When you click a brand’s affiliate link in the monetize section and sign up for their service, the brand may pay Opt2In a referral fee. We plan to share a portion of that fee with users once our affiliate-network partnerships are approved and fully operational.

• Affiliate links are clearly labeled. We indicate which referral model applies to each offer (Opt2In-mediated vs. your personal invite code).
• Click tracking is handled by the destination brand or its affiliate network (not by us directly), and is standard practice under US advertising law.
• We never recommend an offer because we earn more from it. Offers are matched to your actual interests, topics, and off-platform activity. Payout differences don’t change which offer gets surfaced.

We comply with the FTC’s endorsement guidelines: Opt2In earns commissions from some links; we disclose this on the monetize page and in our offer library.

You have the following rights regarding the limited personal information we do hold about you. These rights apply under the California Consumer Privacy Act (CCPA/CPRA) and equivalent laws in Colorado, Connecticut, Virginia, Utah, Texas, and other states with active privacy laws as of 2026.

Right to know

You can ask what personal information we have about you. Email privacy@opt2in.com. For most users, the answer is simply “your email address, if you submitted it,” because we don’t collect much else.

Right to delete

You can ask us to delete your personal information. Email the same address. We’ll delete your email from our newsletter list within 10 business days and confirm when it’s done.

Right to correct

You can ask us to correct inaccurate personal information about you. Same email.

Right to opt out of sale or sharing

We do not sell or share personal information as those terms are defined under CCPA. If this ever changes, we will update this policy and provide an opt-out mechanism. Until then, there is nothing to opt out of.

Right to non-discrimination

We will not deny service, charge different prices, or provide a different level of service because you exercise any of the rights above.

Response times

We respond to verified consumer rights requests within 45 days. To verify your request, we may ask you to confirm you have access to the email address the request mentions.

Authorized agents

You may designate an authorized agent to make a request on your behalf. We will require proof of authorization (such as a signed permission letter) before processing the request.

• Your Instagram data export: never stored. Exists only in your browser’s memory during the session.
• localStorage summary: stays on your device until you clear it. We cannot see or delete it remotely.
• Email address (if submitted): retained until you unsubscribe or request deletion.
• AI chat questions: not retained by us. Anthropic retains per their policy (typically 30 days or less for API calls).
• Server access logs: retained by Netlify for 30 days for security and debugging.
• Support emails you send us: retained for as long as the conversation remains relevant, typically under 2 years.

Opt2In is intended for adults age 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has submitted information to us, email privacy@opt2in.com and we will delete it promptly.

We will update this policy when our practices change. When we make a material change, we will update the “Last updated” date at the top and, where appropriate, notify current email subscribers. If you strongly disagree with a change, you can request deletion of your data.

Questions, requests, complaints, or anything else privacy-related:

• Email: privacy@opt2in.com
• General: robert@opt2in.com
• Postal: OPT2IN LLC, Miami, Florida, USA (email first for faster response)

If you are a California resident and believe we have not responded to a rights request in a reasonable time, you may also contact the California Attorney General’s office at oag.ca.gov/privacy.