Privacy Policy

Last updated June 2, 2026

TL;DR: Unsay runs almost entirely inside your browser. Your Instagram messages never leave your machine and we never see their content. A minimal licensing backend handles quota enforcement and license verification, receiving only anonymous, one-way identifiers (no name, no IP, no message content). Payments are processed by Gumroad on their own infrastructure.

1. Who we are

Unsay is a Chrome extension built in France by an independent developer. Contact: contact@unsay.me.

2. Data we touch

2.1 Instagram data (read, never transmitted)

• Your Instagram session cookies, read to authenticate API requests, never sent to any third party
• Active conversation IDs, read from the tab URL
• Message IDs and timestamps, read for the deletion loop, in memory only

We never read the content of your messages. Only IDs and counters.

2.2 Data held locally on your machine

• A short-lived cache (30 seconds) of your quota status and Pass license state, refreshed from our backend
• Your Pass license key, retained so the extension can revalidate it and let you deactivate it later from the side panel
• A random 256-bit installation identifier (UUID) generated locally on first launch, used to distinguish your installation from any other
• Current job state (scan, deletion, backup), ephemeral, lost when you close the browser

This local data does not contain any message content and is stored solely to support the extension's normal operation.

2.3 Data transmitted (and to whom)

• To Instagram: deletion requests (that is the purpose of the extension). We use Instagram's official API endpoints via your existing session.
• To our licensing backend (Cloudflare Workers): two anonymous identifiers and your license key, transmitted strictly for quota enforcement and license verification. Both identifiers are one-way SHA-256 derivatives designed so that the underlying values (your Instagram session identifier and your local installation UUID) cannot be recovered. No message content, no IP-based identifier, no Instagram authentication token is ever transmitted to our backend.
• To Gumroad: your license key is forwarded by our backend to Gumroad for activation, periodic revalidation, and deactivation. Payment information is collected directly by Gumroad on their checkout page and never reaches our infrastructure. Gumroad policy: gumroad.com/privacy

2.4 Anonymous identifiers used by our backend

To enforce the weekly free quota and bind one Pass license to one installation, our backend relies on two anonymous identifiers:

• User hash: a one-way SHA-256 hash of your Instagram session identifier (ds_user_id). Cannot be reversed to recover your Instagram username or any personal information.
• Installation fingerprint: a one-way SHA-256 hash combining your local installation UUID, the extension ID, your browser user-agent and your operating system platform. Cannot be reversed and contains no direct personal identifier.

These identifiers exist solely to count weekly unsends and to prevent license sharing across installations. They are not used for analytics, profiling, advertising, or any commercial purpose unrelated to the extension.

3. Tracking, analytics, audience measurement

The Unsay extension itself contains no tracking cookies, no analytics SDK, no behavioral telemetry. No Google Analytics, Plausible, Mixpanel, Sentry, Datadog or equivalent are embedded.

Our backend logs are limited to operational reporting (HTTP status codes, response timing) and contain no personal identifier beyond the anonymous hashes described in section 2.4. Commercial metrics (number of Passes sold, refund rate) are reported to us in aggregate by Gumroad.

This landing page (unsay.me) uses Google Tag Manager and Google Analytics 4 for aggregate, anonymous visit metrics (page views, traffic sources). No personal identifier is sent. You can opt out via your browser's Do Not Track setting or any GA opt-out extension.

4. Your rights (GDPR)

You have the following rights over your personal data:

• Access, rectification, deletion
• Portability
• Objection to processing
• Restriction

In practice, exercising these rights involves the following steps:

1. For Instagram data: it's your Instagram account, manage it directly from Instagram.
2. For your Pass license and the associated backend records: contact us at contact@unsay.me. We can deactivate your license, purge the associated anonymous identifiers from our backend, and confirm in writing. A Pass is a one-time purchase, there is no subscription and nothing to cancel.
3. For the extension's local data: uninstall the extension from chrome://extensions and the local cache is erased.

5. Security

Our backend runs on Cloudflare's serverless infrastructure (Workers and D1) with TLS in transit and standard access controls. The records we hold are limited to the anonymous identifiers, license metadata and quota counters described above. We do not store message content, Instagram authentication tokens, or IP-based identifiers.

Communication between the extension and our backend is authenticated and transmitted over HTTPS only.

6. Data retention

Anonymous identifiers and quota counters in our backend are retained while your Pass is active, and for a reasonable period after it expires or is deactivated (up to 90 days) to support re-activation and customer support. Beyond that period, inactive records are purged. Payment history is retained by Gumroad in accordance with their own retention policy and applicable accounting law (typically 10 years).

7. Changes to this policy

We keep this page up to date. Any material change will be announced by email to Pass holders and notified via the extension's Chrome changelog.

8. Contact

For any question about this policy or your data: contact@unsay.me

9. Chrome Web Store Limited Use compliance

Unsay's use of user data complies with the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically, we affirm that:

• We do not sell or transfer any user data to third parties, outside the explicitly authorized cases (Instagram, our own licensing backend, Gumroad, described in section 2.3).
• We do not use or transfer any user data for purposes unrelated to the single function of the extension (deleting your outgoing Instagram messages).
• We do not use or transfer any user data for creditworthiness or lending purposes.
• We use no user data for ad targeting or training AI models, and we transfer no data to ad platforms, data brokers, or information resellers.

10. Chrome permissions used

For transparency, here is what each permission requested in manifest.json is used for. This list is updated with every release.

• storage, hold locally the short-lived cache of your quota status, your Pass license state and the random installation UUID described in section 2.2.
• webRequest, read-only observation of outgoing Instagram XHR headers, so Unsay can talk to the IG API with the same security headers as your browser. No modification, no blocking.
• tabs, read only the active tab's URL when you are on instagram.com, to detect which conversation is open.
• cookies, read the ds_user_id cookie on instagram.com to identify your own messages (never anyone else's) and to derive the anonymous user hash described in section 2.4.
• alarms, trigger the periodic license revalidation every 6 hours.
• sidePanel, display the Chrome side panel, Unsay's single interactive surface.
• offscreen, generate the backup .zip file in a hidden document (technical limitation of Manifest V3 service workers).

Authorized hosts (host_permissions): strictly www.instagram.com, its media CDNs (*.cdninstagram.com, *.fbcdn.net, *.fbsbx.com) for the optional backup, our licensing backend on Cloudflare Workers, and api.gumroad.com for license verification. No other domain.