Privacy Policy for WFM
Last updated: April 2, 2026
This Privacy Policy explains how ИП ООО "ROYA BEAUTY" ("ROYA", "WFM", "we", "us", or "our") collects, uses, stores, shares, and deletes personal data in connection with WFM, available at https://test.roya.uz.
WFM is a software service that allows businesses and creators to connect Instagram professional accounts, view inbound Instagram direct messages, and use related workspace and diagnostic tools.
1. Who We Are
The operator of WFM is:
ИП ООО "ROYA BEAUTY" Legal address: ГОРОД ТАШКЕНТ, ЯККАСАРАЙСКИЙ РАЙОН, TEPA MFY , YUSUF XOS XOJIB KO'CHASI, 64-UY Email: roya.uzbekistan@gmail.com Privacy contact / messenger: https://www.instagram.com/roya.esthetician/ Website: https://test.roya.uz
2. Scope of This Policy
This Privacy Policy applies to:
- visitors to https://test.roya.uz;
- businesses, creators, and authorized users who use WFM;
- individuals whose information appears in Instagram conversations retrieved through WFM at the request of a connected business or creator.
Where WFM processes Instagram conversation data for a connected business or creator, that business or creator may also be responsible for its own notices, permissions, and compliance obligations under applicable law.
3. Data We Collect
We may collect and process the following categories of data:
a) Account and contact data
Name, email address, company or workspace name, user role, and other information you provide to us.
b) Instagram and integration data
Instagram account ID, username, profile-related data, granted permissions, business-related identifiers, webhook subscription status, and connection status information.
c) Authentication data
Access tokens, refresh tokens if applicable, token expiry information, and related authentication and authorization records.
d) Message and conversation data
Message content, timestamps, conversation identifiers, sender and recipient Instagram-scoped identifiers, attachments or attachment metadata, and related conversation metadata made available through the Instagram integration.
e) Technical, log, and diagnostic data
IP address, browser and device information, request logs, error logs, API responses, webhook events, diagnostic records, and security-related logs.
f) Support and communications data
Messages, emails, screenshots, logs, and other materials you send to us when requesting support.
4. Sources of Data
We collect data:
- directly from you;
- from Meta and Instagram when you connect an Instagram professional account and authorize WFM;
- automatically when you use WFM;
- from your organization, where an administrator or teammate creates or manages your workspace access;
- from Instagram conversation flows, solely to provide the functionality requested by the connected business or creator.
5. How We Use Data
We use personal data to:
- create and manage user accounts and workspaces;
- authenticate users and maintain secure access;
- connect, maintain, and troubleshoot Instagram integrations;
- retrieve, display, organize, and monitor inbound Instagram direct messages and related conversation data;
- store and manage access credentials and connection status;
- provide diagnostics, logs, and service monitoring;
- protect WFM against fraud, abuse, unauthorized access, and security incidents;
- respond to support requests and communicate with users;
- comply with applicable law, lawful requests, and platform obligations;
- enforce our Terms of Service and protect our rights and users.
6. Legal Bases
Where required by applicable law, we rely on one or more of the following legal bases:
- performance of a contract;
- legitimate interests in operating, securing, and improving WFM;
- compliance with legal obligations;
- consent, where consent is required.
7. How We Use Meta Platform Data
Data received from Meta technologies is used only to provide, maintain, secure, support, and improve the WFM features requested by the user.
We do not sell or rent Meta Platform Data.
We do not use Meta Platform Data for data brokerage or unrelated advertising purposes.
8. Sharing of Data
We may share personal data:
- with hosting, infrastructure, support, and security service providers that help us operate WFM;
- with Meta or Instagram where necessary to enable the integration or comply with platform requirements;
- within your organization or workspace, based on roles and permissions;
- with advisers, regulators, law enforcement, courts, or other third parties where required by law or reasonably necessary to protect rights, safety, or security;
- in connection with a merger, acquisition, financing, restructuring, or sale of assets, subject to appropriate safeguards.
We do not sell personal data.
9. International Transfers
Your data may be processed in countries other than your own. Where required, we will use reasonable safeguards for international transfers.
10. Data Retention
We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the service, maintain security and auditability, resolve disputes, and comply with legal obligations.
As a general rule:
- active account and integration data is retained while the account or workspace remains active;
- technical logs and diagnostic records may be retained for up to 12 months, unless a longer period is required for security or legal reasons;
- backup copies may be retained for up to 90 days before deletion or overwrite in the normal backup cycle;
- after a verified deletion request, relevant data will be deleted or de-identified from active systems within a commercially reasonable period, typically within 30 days, subject to legal, security, and backup limitations.
11. Security
We use reasonable administrative, technical, and organizational measures designed to protect personal data, including access controls, credential protection, logging, and security monitoring.
No method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.
12. Your Rights
Depending on your location and applicable law, you may have the right to request access, correction, deletion, restriction, objection, or portability in relation to your personal data.
To submit a privacy request, contact:
Email: roya.uzbekistan@gmail.com Messenger / Instagram: https://www.instagram.com/roya.esthetician/
If you are an Instagram user who contacted a business or creator using Instagram and your information appears in WFM because of that interaction, please first contact that business or creator directly. You may also contact us using the details above.
13. Data Deletion Requests
You may request deletion of your data by contacting us at roya.uzbekistan@gmail.com or via https://www.instagram.com/roya.esthetician/.
Please provide enough information for us to identify your account or workspace, such as your full name, account email, workspace or company name, and connected Instagram username. We may request reasonable verification before processing your request.
14. Third-Party Services
WFM may rely on third-party services, including Meta, Instagram, hosting providers, email providers, and other technical service providers. Those third parties have their own terms and privacy practices.
15. Children’s Privacy
WFM is not directed to children. You must have reached the minimum age required by applicable law and Meta / Instagram rules to use WFM and operate or access a connected Instagram professional account.
16. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be posted at this URL with a new "Last updated" date. Material changes may also be communicated through the service or by email where appropriate.
17. Contact
ИП ООО "ROYA BEAUTY" Legal address: ГОРОД ТАШКЕНТ, ЯККАСАРАЙСКИЙ РАЙОН, TEPA MFY , YUSUF XOS XOJIB KO'CHASI, 64-UY Email: roya.uzbekistan@gmail.com Messenger / Instagram: https://www.instagram.com/roya.esthetician/ Website: https://test.roya.uz