About your Privacy using Year of Colour

Legal entity

It's always a good idea to understand who is behind the things you sign in to. So, some introductions! This app is built by me, Stef Lewandowski, @stef on Twitter and Instagram. I'm a designer and software developer in London, UK. It's... just me. But to make sure things are set up well for privacy and data ownership reasons, I've set up Year of Colour as a limited company. So the legal entity we're talking about here is Year of Colour Ltd., a UK company, number 13075471.

Why you have to sign in

In 2020 Instagram went through some major changes with its API (Application Programming Interface). The new terms of service for app developers are that you cannot use Instagram login as a way to identify users. To be able to use the API we have to implement our own login system in addition to Instagram's. One side benefit of this is that with the new accounts system you can more easily switch between Instagram accounts and connect more than one to your email address. It also means that multiple people can get access to reports for the same Instagram account. Oh, and in the future, maybe this won't just be about Instagram!

Signing in

When you sign in to Year of Colour you can use your email or an account on Google or Facebook. The app never sees your password on these services, and stores a temporary "authentication token" in your browser after you've done that. That tells the app that you really are who you say you are. The app doesn't do anything else with those details, except store a user in our Firebase account so we know who you are. It stores an email address and an ID.

When you then sign in using Instagram, you are redirected to Instagram.com to approve access to your account.

Signing in happens on Instagram.com, and there is no way for us to see your account password. Instead, Instagram allows us temporary access to your account to be able to view your images. This happens by Instagram issuing us a "token" that we use to call Instagram's API (Application Programming Interface). You can read more about the Instagram API on their website if you like.

Us viewing your images

Once you are signed in and we have a "token", we're able to view all of your images in your account in order to generate your colour report. If you are concerned about a third party service being able to do this, then please do not sign in. If you are concerned about this being possible after you have finished using the app, you can disconnect your account from the profile page. This will expire your token and it will mean that we are no longer able to view your images.

Why the app asks for email

This is a side project built by me, Stef. As such, it can be a little bit temperamental and prone to errors at times. Plus, the colour reports sometimes take a long time, or even sometimes fail to generate. So the safest thing is to be able to email everyone their reports. After you sign up, you'll occasionally hear from Year of Colour to say that new report types are available - "Your Spring colours" and things like that. You can opt out of these.

Generating a report

To generate a report, we request "pages" of images from the Instagram API. We check each page and gather any images that are in the period of time the report covers. We store the information about each Instagram post that's within the period locally in your browser. The app does not store all the information about individual posts in our database.

Then, the system downloads each of the images, temporarily into memory, checks out the awesome colours it contains, stores those colours in the database and then *poof*, we forget the image and don't store it anywhere. So, we deliberately don't take copies of your images, but we do store the colour values. This means that your actual images shouldn't "leak" to anyone accidentally.

Then, your reports are stored in the database. We remove the URL to the actual image. So if you have a private account, you can safely use the app in the knowledge that only information about your colours actually leaves your account. These reports are publicly available to anyone, but only if they know the ID of the report (the long, random string of characters you see in the web address). If you're not comfortable with your report being public, then either please don't use the service, or use it, and then delete your Year of Colour account once you're done (see below).

A note about advertising

We have a Facebook pixel and use Google Analytics. Both of these are set up so that we can run advertising when we have products or services that we want to promote. You can opt out of that tracking using the cookie popup.

Pro and e-commerce data

When you sign up for a pro account, you set up a subscription using our subscription service on Chargebee. You'll be asked for your card details and potentially your physical address. Card details are stored securely in Stripe and we never see them, but you give permission to set up a recurring payment. You can cancel and delete your data using the Chargebee portal.

It's likely that Year of Colour will start selling physical products - prints and the like. To do that, we'll also store your physical address in Shopify.

Cookies

The app sets a cookie when you log in and we use this to authenticate requests. That's kind of crucial, so you can't turn that off!

You'll also see cookies set by Facebook and Google Analytics. These are for advertising and analytics. You can turn those off if you like, using the cookie popup.

Commercial use of your data

I don't have any data sharing arrangements with any third parties.

Your user data

I've designed the system to only store a minimal amount of information about you, but we do need to store your Instagram ID, username, email (as I've explained above), your image data (temporarily while we are generating reports), and your colour reports.

To erase all that data, you can delete your account. That wipes everything out - all your colours, images, everything. But this does not in any way affect your Instagram account. You won't lose anything.

For now, to request deletion, please email me at [email protected] with the title "Deletion". I'll be adding a way to delete your data yourself in the coming weeks.