What is InstaCollabs?

InstaCollabs is an influencer-first marketplace that connects Instagram creators with brands for paid and barter collaborations.

Who can join InstaCollabs?

Instagram creators, influencers of all sizes, and brands looking to run influencer marketing campaigns can join InstaCollabs.

How do campaigns work on InstaCollabs?

Brands publish campaign briefs; creators apply; brands select creators and manage collaborations directly or through the platform.

How are payments and deliverables handled?

Campaigns may be paid or barter-based depending on the brand. Payment terms and deliverables are agreed in the campaign brief or via platform messaging.

What is InstaCollabs?

InstaCollabs is an influencer-first marketplace that connects Instagram creators with brands for paid and barter collaborations.

Who can join InstaCollabs?

Instagram creators, influencers of all sizes, and brands looking to run influencer marketing campaigns can join InstaCollabs.

How do influencer campaigns work on InstaCollabs?

Brands publish campaign briefs and creators apply. Brands then select creators and manage collaborations directly or via the platform.

Are campaigns paid or barter based?

Campaigns can be paid, barter-based, or both, depending on the brand's collaboration model.

Privacy Policy

Last updated: 13 October 2025

Effective date: 13 October 2025

Controller / Operator:

XetaBytes Digital LLP (“XetaBytes”, “we”, “us”, “our”), operator of the InstaCollabs platform at instacollabs.com (the “Service” or “Platform”). This Privacy Policy governs all processing of Personal Data carried out by XetaBytes in connection with the Service.

Official contact for all privacy matters: contact@xetabytes.com

By using the Service you expressly consent to the collection, processing, transfer and retention of your Personal Data as described below and acknowledge the terms contained herein.

1. Scope & Applicability

This Privacy Policy applies to all Personal Data collected, stored, processed or transferred by XetaBytes in connection with the Service (including the website, mobile interfaces, email, phone, chat and other interactions). The Service is intended to operate in India only and users must be legally competent to enter contracts in India.

2. Definitions

For clarity:

- Personal Data / Personal Information: any information that identifies or can reasonably identify an individual.

- Creator: a user who registers to apply for collaborations.

- Brand: an entity or individual that posts campaigns and engages creators.

- Processing: any operation performed on Personal Data (collect, use, store, disclose, transfer, erase, etc.).

3. Data Controller

XetaBytes Digital LLP is the data controller. All privacy communications and requests must be sent to contact@xetabytes.com. Provide sufficient details to identify your account and the nature of the request. XetaBytes may require identity verification before acting on a request.

4. Categories of Personal Data Collected

We collect categories of Personal Data necessary to operate the Service and to protect XetaBytes’ legitimate business interests, including:

- Account & Profile Data: name, business name (brands), email, phone, postal address (optional), Instagram handle and related public information, profile photo, bio, niche, follower counts, sample post URLs, media kits and other profile fields you submit.

- Application & Campaign Data: Quick Apply submissions, pitches, uploaded media (images/videos/documents), shortlisting and approval records.

- Payment & Billing Data: transaction identifiers, billing name and address, payment confirmations and tokens from payment processors (XetaBytes does not store full card numbers).

- Support & Communication Data: support tickets, emails, chat transcripts, call notes.

- Technical & Usage Data: IP address, device identifiers, browser/OS, session logs, pages visited, clicks, referral URL, analytics and error logs.

- Third-party / Public Data: publicly-available Instagram profile data, vendor data (fraud prevention, analytics), and other third-party data used to verify profiles or campaign performance.

5. Purposes of Processing

XetaBytes processes Personal Data for the following purposes (including for its legitimate business interests):

1. Provision and administration of the Service: create/manage accounts, display campaigns, accept onboarding payments, manage applications and coordinate campaigns.

2. Verification & quality control: validate Instagram handles and public data, screen for fake or low-quality accounts, and maintain a trustworthy marketplace.

3. Payments & recordkeeping: process onboarding fees and retain transaction records for accounting, tax, audit and compliance.

4. Communications & support: respond to queries, provide administrative notices and coordinate campaign logistics.

5. Service improvement, analytics & security: analyze usage, improve services, detect and prevent fraud, abuse or security incidents.

6. Legal & regulatory compliance: comply with legal obligations, enforce Terms & Conditions, defend legal claims and cooperate with regulatory or law enforcement requests.

7. Business operations & corporate transactions: internal operations, audits, research, and transfers in connection with mergers, acquisitions or asset sales.

8. Marketing & profiling (company-controlled): profiling for campaign matching, product enhancement and promotional messaging where permitted; you may be sent marketing unless you opt out where consent is required.

6. Strong Company-Favouring Legal Bases & Consent

Where applicable law requires a legal basis, XetaBytes relies on the performance of contract, compliance with legal obligations, and XetaBytes’ legitimate interests (including fraud prevention, analytics, business improvement). Where consent is required (e.g., certain marketing or optional features), XetaBytes will seek such consent; however, continued use of the Service after material disclosures constitutes consent to this Policy to the fullest extent permitted by law.

7. Disclosure & Recipients

XetaBytes will not sell Personal Data. XetaBytes may disclose Personal Data to:

- Brands & campaign stakeholders: when you apply or are shortlisted we will provide necessary profile/application information to relevant brand(s) for evaluation. Only data necessary for evaluation will be shared.

- Service providers & processors: payment processors, cloud/hosting providers, email/CRM vendors, analytics providers, fraud prevention vendors and other third parties acting on XetaBytes’ instructions under contractual security/confidentiality obligations.

- Affiliates, contractors & partners: entities assisting XetaBytes with operations.

- Legal & regulatory recipients: as required to comply with law, court orders or to protect XetaBytes’ rights and property.

- Corporate transactions: to parties involved in mergers, acquisitions or sales (subject to confidentiality safeguards).

- With your explicit authorization: any other parties only if you expressly authorize such disclosure.

Third-party integration notice: XetaBytes may request or require that you integrate or connect your account with third-party services, APIs, tools or software (including analytics, verification and performance measurement services) in order to validate profile legitimacy, verify audience metrics, and confirm campaign performance. By connecting or authorizing such third-party integrations, you expressly consent to the third party collecting, storing and processing Personal Data for its own purposes as well as for XetaBytes’ purposes. XetaBytes is not responsible for third-party processing practices, storage, security, or compliance; you accept any risks associated with such integrations.

8. International Transfers & Express Consent

Although XetaBytes operates in India, Personal Data may be transferred to service providers or partners outside India. By using the Service you expressly consent to the transfer and processing of Personal Data outside India and accept the risks thereof. XetaBytes will implement commercially reasonable contractual and technical safeguards where possible but disclaims liability for foreign legal regimes, government access requests, or third-party processing practices beyond XetaBytes’ control.

9. Data Retention; Company Discretion

XetaBytes retains Personal Data as long as necessary for the purposes set out in this Policy and to comply with legal obligations — and reserves the right to retain data longer where necessary to protect its legitimate business interests (including fraud prevention, dispute resolution, recordkeeping and enforcement).

Typical retention guidelines (subject to company discretion and legal requirements):

- Account/profile data: retained while account is active and for up to 3 years thereafter (or longer where XetaBytes deems necessary).

- Transaction & billing records: retained for 7 years or longer for tax and audit.

- Campaign applications & materials: retained for the campaign period and typically up to 3 years after completion.

- Support logs & communications: retained for 2–3 years or as required.

XetaBytes may retain anonymized or aggregated data indefinitely and may keep backups and archives as necessary to support business operations.

10. Security; No Absolute Guarantee

XetaBytes implements reasonable administrative, technical and organizational measures (access controls, TLS encryption, secure hosting, role-based access) to protect Personal Data. However, no system is completely secure. XetaBytes does not guarantee absolute security and shall not be liable for unauthorized access or disclosure resulting from events beyond its reasonable control. In the event of a material incident affecting Personal Data, XetaBytes will investigate and take commercially reasonable measures; notice will be provided where required by law.

11. Cookies, Tracking & Analytics

We use cookies and similar technologies for functionality, analytics and marketing. Categories include:

- Essential cookies: required for basic functionality and session management.

- Performance & analytics cookies: aggregate usage data (e.g., analytics vendors) to improve the Service.

- Marketing cookies: used with consent to measure ads and target promotions.

You may manage cookie preferences via the cookie banner or browser settings; disabling non-essential cookies may limit functionality.

12. Profiling, Automated Matching & Decisioning

XetaBytes may use automated processing and profiling (including algorithms and scoring) to match creators with campaigns, prioritize shortlists, detect fraud, and improve the Service. Such processing is conducted for legitimate business purposes and to improve outcomes. By using the Service you consent to such automated processing. Where required by law, XetaBytes will provide available information about the logic involved and avenues for human review; however, XetaBytes’ business decisions and matching determinations are final and not subject to contestation except in limited circumstances permitted by law.

13. User Rights; Company Limitations & Fees

Subject to applicable law you may request access, correction, deletion, restriction, portability or objection to certain processing. To exercise rights, contact contact@xetabytes.com with sufficient information to verify your identity.

Company protective provisions: To the maximum extent permitted by law, XetaBytes may:

- refuse, limit, delay or impose a reasonable administrative fee for requests that are manifestly unfounded, excessive, repetitive or abusive;

- refuse deletion or other requests where retention/processing is necessary for legal compliance, tax obligations, fraud prevention, dispute resolution, enforcement of Terms & Conditions, or to protect XetaBytes’ legitimate interests;

- require identity verification and additional information before acting on requests; and

- exercise sole discretion (within legal bounds) in determining whether a request meets the foregoing criteria.

Requests will be processed within legally required timeframes where applicable; XetaBytes may notify you of refusal reasons where legally required.

14. Requests That Are Manifestly Unfounded or Excessive

Where permitted by law, XetaBytes may charge a reasonable fee to process manifestly unfounded or excessive requests (particularly repetitive requests) or refuse to act on such requests. Any fee will reflect administrative costs.

15. Payouts, Payments & Financial Data

Onboarding fees and any platform payments are processed via third-party payment processors. XetaBytes does not store full card details on its servers. For paid campaigns, payment terms are governed by campaign briefs and agreements between brands and creators. XetaBytes may assist in dispute resolution but is not obliged to act as escrow or to make direct payments unless expressly agreed in writing.

16. User-Generated Content & Public Information

Content you publish or make public (profile content, sample posts, campaign submissions) may be visible to brands and others. Creators are responsible for ensuring they have rights to the content and for complying with applicable disclosure rules. XetaBytes may use anonymized or aggregated campaign data and results for marketing and product improvement.

17. Third-Party Integrations & Disclaimer of Third-Party Liability

XetaBytes may require or request that creators and brands integrate their accounts with third-party services, tools or APIs (including analytics, audience verification, measurement, or CRM services) to validate profile legitimacy, verify metrics and validate campaign performance. By integrating or authorizing such third-party services you expressly permit those providers to collect, process and store your Personal Data.

Important disclaimer: XetaBytes is not responsible and expressly disclaims liability for how third-party services, applications or vendors collect, process, store, secure or disclose Personal Data. Any use of third-party integrations is at your sole risk. You should review third-party privacy policies and terms before authorizing any integration. XetaBytes’ decision to recommend, require or integrate with a third-party provider does not constitute an endorsement or guarantee of that provider’s practices.

18. Changes to this Privacy Policy Acceptance

XetaBytes may update this Privacy Policy at any time in its sole discretion. Material changes will be posted on the Platform with an updated “Last updated” date. XetaBytes is not required to provide individualized notices for non-material changes. Your continued use of the Service after posting constitutes your acceptance of the amended Policy.

19. Limitation of Liability; Remedies

To the fullest extent permitted by law: XetaBytes, its affiliates, officers, directors, employees and agents shall not be liable for any indirect, incidental, special, punitive or consequential damages (including loss of profits, loss of data, or business interruption) arising out of or related to this Privacy Policy, the Service, third-party acts, data breaches or cross-border transfers. XetaBytes’ aggregate liability for direct damages arising out of or relating to this Policy or the Service shall be strictly limited to the total onboarding fees actually paid by you to XetaBytes during the twelve (12) months preceding the event giving rise to the claim. This limitation applies regardless of legal theory and to the maximum extent permitted by law.

20. Governing Law, Jurisdiction & Dispute Resolution

This Privacy Policy and all disputes arising out of or relating to it shall be governed by the laws of India. Any dispute, claim or controversy shall be subject to the exclusive jurisdiction of the courts of New Delhi, India, to the fullest extent permitted by law.

21. Contact & Data-Protection Requests

All privacy enquiries, data requests, complaints or notices must be sent only to:

Email: contact@xetabytes.com

Provide clear account identification, a description of your request and supporting documentation. XetaBytes will verify identity and process requests in accordance with applicable law and the provisions of this Policy.

22. Miscellaneous Provisions

- No guarantee of uninterrupted service: XetaBytes may modify, suspend or discontinue the Service (or features) temporarily or permanently without liability.

- Third-party links: The Service may link to third-party platforms; XetaBytes is not responsible for third-party privacy practices.

- Severability: If any provision is held invalid, the remainder of this Policy remains in force.