Privacy Policy

Effective date: June 10, 2026 · Last updated: June 10, 2026

1. Data Controller

The data controller responsible for the processing of personal data described in this policy is:

ten2 (company in formation)
Jannis Bewersdorf
Appener Weg 6, 20251 Hamburg, Germany
Email: hello@ten2.xyz

2. Scope of this Policy

This policy applies to (a) visitors of the ten2.xyz website and (b) users of ten2's products and marketing tools that connect to third-party platforms such as Meta / Instagram on the user's behalf.

3. Data We Collect

3.1 Website data

3.2 Meta / Instagram platform data

When you connect an Instagram account to a ten2 marketing tool, we obtain the following information from Meta via the Instagram Graph API and the Meta Marketing / Pages APIs, strictly under the permissions you grant:

We do not collect Meta passwords. Authentication is handled by Meta via OAuth.

4. Purposes of Processing

Legal bases under the GDPR: performance of a contract (Art. 6(1)(b)), your consent for analytics and platform connection (Art. 6(1)(a)), and our legitimate interests in operating and securing the service (Art. 6(1)(f)).

5. Storage, Processors and Sub-processors

All processors are bound by data processing agreements. Where data is transferred outside the EU/EEA, we rely on Standard Contractual Clauses.

6. Data Retention

Meta / Instagram platform data is retained for as long as your account connection to ten2 is active. You can disconnect your account at any time inside the product, which immediately revokes our access tokens and triggers deletion of the associated platform data within 30 days. You can also request deletion directly — see our Data Deletion Instructions.

Aggregated, fully anonymised metrics that can no longer be tied to an individual or account may be retained for product analytics.

7. Security

We apply industry-standard measures to protect your data: TLS in transit, encryption of secrets and access tokens at rest, role-based access control, row-level security on the database, audit logging and the principle of least privilege for staff access. Access to production data is limited to a small number of authorised personnel.

8. Your Rights

Under the GDPR you have the right to:

To exercise any of these rights, contact us at hello@ten2.xyz.

9. Compliance with Meta Platform Terms

ten2 complies with the Meta Platform Terms and Developer Policies. Data obtained from Meta is used only to provide the functionality described in this policy (publishing on your behalf and surfacing analytics back to you). We do not sell, rent or trade Meta platform data, we do not use it for advertising targeting, and we do not share it with data brokers, ad networks or any party other than the sub-processors listed in section 5, who act on our instructions.

10. Cookies & Analytics

Our website uses essential cookies for proper functionality. With your consent, Google Analytics 4 collects anonymised usage data (pages visited, time spent, referring URLs) to help us improve the website. Your IP address is anonymised before processing. You can change your cookie preferences at any time via the cookie banner.

11. Changes to this Policy

We may update this policy from time to time. Material changes will be announced on this page with an updated effective date.

12. Contact

Questions about this policy or your data? Email hello@ten2.xyz.