What are the requirements to use this platform?

You need an Instagram Business or Creator account connected to a Facebook Page. Personal Instagram accounts are not supported due to Instagram API limitations. The setup takes just a few minutes through our secure OAuth2 connection.

How does the AI caption generation work?

Our platform uses advanced AI to analyze your images for composition, mood, and content, then generates contextually relevant captions based on your brand voice and preferences. Each caption is unique and tailored to your specific image.

Can I use this with multiple Instagram accounts?

Yes! You can connect unlimited Instagram accounts. Each account has its own subscription tier, settings, and quotas. This makes it perfect for agencies managing multiple clients or brands with different strategies.

What languages are supported?

FREE tier: German & English. STARTER/PRO include 24 European languages: German, English, French, Spanish, Italian, Dutch, Portuguese, Polish, Swedish, Norwegian, Danish, Finnish, Greek, Czech, Hungarian, Romanian, Bulgarian, Croatian, Slovak, Slovenian, Lithuanian, Latvian, Estonian, Turkish. Asian Languages Pack (+€7.99/month): Japanese, Korean, Chinese, Hindi.

What add-ons are available?

European Languages Pack (+€5/month): Unlock all 24 EU languages for FREE tier users. Asian Languages Pack (+€7.99/month): Japanese, Korean, Chinese, Hindi. GIF Stories (+€5/month): Create animated stories with GIF stickers, drag/resize/opacity controls. All add-ons are billed monthly and aligned with your plan's billing cycle.

Is there a free trial?

Yes! Start with our FREE tier (10 stories/month, no credit card required). You can upgrade to STARTER or PRO anytime, and we offer a 30-day money-back guarantee on paid plans.

How does the per-account pricing work for agencies?

Each Instagram account you manage has its own subscription. Mix and match tiers based on client needs - use FREE for testing, STARTER for growing clients, and PRO for high-volume accounts. This transparent model makes client billing simple.

What's the difference between the plans?

FREE gives you 10 stories/month to test the platform (images only). STARTER adds 100 stories, video support (15s), and more regenerations. PRO removes all limits with unlimited stories, longer videos (30s), and shorter posting intervals.

Is my Instagram account safe?

Absolutely. We use OAuth2 authentication approved by Facebook/Meta. We never ask for your Instagram password and can only access what you explicitly grant us permission to. Your account security is our top priority.

Can I cancel anytime?

Yes, you can cancel your subscription at any time with no penalties. You'll continue to have access until the end of your billing period. You can also downgrade to FREE tier if you want to keep using the platform.

How does the ecommerce integration work?

Import your product feed and the AI automatically creates product videos for your stories. With the link-in-bio page, you make your profile shoppable. Click analytics show you which products perform best. Available from STARTER, with premium features in the Ecommerce addon.

Back

Privacy Policy

Story Planner Pro

Information pursuant to Art. 13, 14 GDPR — Last updated: January 2026

1. Controller

Emporion Innovations GmbH

Ludwigstr. 32

63067 Offenbach am Main

Germany

Email: info@emporion.technology
Phone: +49 (0) 69 99998088

Managing Directors: Alexander Kuchta, Dennis Schmitz

Commercial Register: District Court Offenbach am Main
Registration Number: HRB 51283
VAT ID: DE284997944

Data Protection Inquiries:
Email: datenschutz@storyplannerpro.de

2. Overview of Data Processing

Story Planner Pro is a SaaS platform for automating Instagram Stories with AI-generated captions and providing link-in-bio pages. In the course of our operations, we process the following categories of personal data:

User account data
Instagram account information
Uploaded images and videos
AI-generated content
Product data from Google Shopping Feeds
Analytics and usage data
Payment information

2.1 Our Different Roles

Context	Our Role	Description
Website storyplannerpro.de	Controller	Marketing website, registration, dashboard
SaaS Platform (User Account)	Controller	Account management, billing, support
Users' link-in-bio pages	Processor	Technical hosting on behalf of our users

3. Legal Bases

The processing of personal data is based on the following legal bases:

Legal Basis	Use Case
Art. 6(1)(b) GDPR (Contractual Necessity)	Provision of our services pursuant to the user agreement
Art. 6(1)(a) GDPR (Consent)	Use of optional cookies, analytics, marketing
Art. 6(1)(f) GDPR (Legitimate Interests)	IT security, fraud prevention, optimization
Art. 6(1)(c) GDPR (Legal Obligation)	Tax retention obligations

4. Collection and Processing of Personal Data

4.1 User Account Data

Data Collected:

Email address
Encrypted password (stored as hash only)
Name / company name
Account creation date
Legal notice data (for link-in-bio pages)

Purpose: Service provision, authentication, customer support

Legal Basis: Art. 6(1)(b) GDPR (contractual necessity)

Retention Period: Until account deletion by the user, then 30 days until final deletion

Service Provider: Supabase (USA) – Processing based on EU Standard Contractual Clauses and EU-US Data Privacy Framework

4.2 Instagram Account Data

Data Collected:

Instagram username and profile ID
Profile picture URL
Access token (stored encrypted)
Account verification status

Purpose: Automated posting of stories, retrieval of analytics data

Legal Basis: Art. 6(1)(b) GDPR (contractual necessity)

Third-Party Provider: Meta/Instagram Graph API

Note: We do not permanently store Instagram content. Processing is carried out in accordance with Meta Platform Terms of Use.

4.3 Image and Video Content

Data Collected:

Uploaded images and videos
Image metadata (size, format, upload time)
AI-generated image analyses and captions
Approval and rejection decisions

Purpose: AI caption generation, story scheduling and publishing

Legal Basis: Art. 6(1)(b) GDPR (contractual necessity)

Processing:

Azure Blob Storage (Microsoft): Secure storage in EU data centers
OpenAI GPT-4 (USA): AI analysis for caption generation. OpenAI processes your data in accordance with their privacy policy and does not use data submitted via our API to train their models.

4.4 Google Shopping Feed and Product Data

Data Collected:

Feed URL
Product data (titles, descriptions, prices, images, links)

Purpose: Display of products on link-in-bio pages

Legal Basis: Art. 6(1)(b) GDPR (contractual necessity)

4.5 Payment Data

Data Collected:

Stripe Customer-ID
Subscription ID and status
Selected pricing plan
Billing address

Important: We do NOT store any credit card data. All payment information is processed exclusively by Stripe.

Payment Service Provider:

Stripe Inc.

510 Townsend Street, San Francisco, CA 94103, USA

Stripe is PCI-DSS Level 1 certified and certified under the EU-US Data Privacy Framework. Additionally, EU Standard Contractual Clauses apply.

More information: https://stripe.com/de/privacy

Retention Period: Billing data is retained for 10 years pursuant to Section 147 of the German Fiscal Code (AO).

4.6 Analytics and Usage Data

Data Collected:

Story performance metrics (impressions, reach, taps)
Usage statistics (uploaded images, scheduled stories)
Feature usage and quota consumption

Source: Instagram Graph API (Instagram Insights)

Legal Basis: Art. 6(1)(b) GDPR (contractual necessity)

5. Data Processing on Link-in-Bio Pages

5.1 Our Role: Processor (Art. 28 GDPR)

For the link-in-bio pages created by our users, we act as a processor pursuant to Art. 28 GDPR. The respective user (shop operator) is the controller under data protection law.

The details of data processing are governed by our Data Processing Agreement (DPA): https://storyplannerpro.de/avv

5.2 Data We Process on Link-in-Bio Pages

Data	Storage	Note
IP Addresses	No	Technically transmitted but not stored
Click counts, page views	Yes, anonymized	No personal data
Cookie consent status	Yes	If the user integrates tracking tools

5.3 No Proprietary Tracking Tools on User Pages

We do NOT deploy any proprietary tracking tools on our users' link-in-bio pages. Specifically, we do not use:

❌ No Facebook Pixel
❌ No Google Analytics
❌ No other analytics or marketing tools for our purposes

5.4 Optional Tracking Tools by Users

Our users may optionally integrate their own tracking tools (Facebook Pixel, Google Analytics 4) on their link-in-bio pages. In this case:

The user (shop operator) is the controller under data protection law
The user must obtain consent from visitors
We provide a cookie consent solution that activates tracking only after consent is given

6. Cookies and Similar Technologies

6.1 Essential Cookies (Required)

Session management and authentication
Cookie consent preferences
Security features (CSRF protection)

Legal Basis: Section 25(2)(2) TDDDG (technically necessary), Art. 6(1)(f) GDPR

6.2 Analytics Cookies (Optional)

Anonymized usage statistics
Performance monitoring
Hotjar – heatmaps and session recordings to improve usability

Legal Basis: Art. 6(1)(a) GDPR (consent), Section 25(1) TDDDG

6.3 Marketing Cookies (Optional)

Meta Pixel / Conversions API
Content personalization

Legal Basis: Art. 6(1)(a) GDPR (consent), Section 25(1) TDDDG

7. Meta Conversions API and Facebook Pixel

Data Subjects	Visitors of the website storyplannerpro.de
Purpose	Optimization of our services and advertising campaigns
Processed Data	Event data, user behavior, device information, IP address, email (hashed)
Retention	Customer data is deleted within 48 hours after matching
Legal Basis	Art. 6(1)(a) GDPR (consent)

Important: This processing takes place only on our own website (storyplannerpro.de), not on our users' link-in-bio pages.

Technical Description

To measure the success of our advertisements, we use the Meta Conversions API. This is a server-side interface that transmits user interactions such as registrations or subscription completions directly from our server to Meta. Unlike the browser-based Meta Pixel, data transmission occurs server-to-server, enabling higher data quality and better data protection.

The entity responsible for data processing in Europe is Meta Platforms Ireland Limited (Grand Canal Square, Dublin 2, Ireland). The parent company Meta Platforms Inc. is based in the USA.

Purpose at Story Planner Pro

The use of this technology helps us understand which marketing channels bring new users to our platform. This allows us to allocate our advertising budget more effectively and continuously improve Story Planner Pro. The insights gained are used exclusively to optimize our own services.

Categories of Data Transmitted

Conversion Events: Type of action (e.g. registration, subscription completion), timestamp
Pseudonymized User Data: Email and internal user ID are cryptographically hashed via SHA256 before transmission
Technical Data: IP address, browser identifier, operating system, screen size
Meta-Specific Identifiers: Ad click ID (fbclid), browser cookie (fbp)
Context Data: URL of the visited page

Storage by Meta

According to Meta, the transmitted customer data is removed from their systems within 48 hours after matching with existing user profiles. Meta operates servers worldwide; aggregated statistics may be retained for longer periods.

Joint Controllership

For the collection and transmission of data to Meta, a joint controllership exists pursuant to Art. 26 GDPR. The joint controllership addendum is available here: https://www.facebook.com/legal/controller_addendum

Your Control Options

Data collection only takes place if you have consented via our cookie banner. You may withdraw your consent at any time via the cookie settings in the footer of our website.

Additionally, Meta offers its own settings:

Meta Ad Settings: https://www.facebook.com/settings/?tab=ads
European Opt-Out Platform: https://www.youronlinechoices.com/

International Data Transfer

Meta Platforms Inc. participates in the EU-US Data Privacy Framework and is accordingly certified. This ensures an adequate level of data protection for transfers to the USA. Additionally, EU Standard Contractual Clauses apply (Art. 46(2)(c) GDPR).

Further Information:

Meta Privacy Policy: https://www.facebook.com/privacy/policy/
Meta Data Processing Terms: https://www.facebook.com/legal/terms/dataprocessing
EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/

8. Hotjar

We use Hotjar to analyze user behavior on our website (storyplannerpro.de) – not on our users' link-in-bio pages.

Provider:

Hotjar Ltd.

Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta

Processed Data:

Mouse movements, clicks, scroll behavior (heatmaps)
Session recordings (anonymized)
Device information

Legal Basis: Art. 6(1)(a) GDPR (consent)

Data Protection Measures:

IP addresses are anonymized
Form fields are automatically masked
Sensitive data is not captured

Opt-Out: You can prevent data collection by Hotjar by withdrawing your consent in the cookie banner or using the Hotjar opt-out: https://www.hotjar.com/legal/compliance/opt-out

More information: https://www.hotjar.com/legal/policies/privacy/

9. OpenAI (AI Processing)

We use the OpenAI API for generating AI captions.

Provider:

OpenAI, L.L.C.

3180 18th Street, San Francisco, CA 94110, USA

Processed Data:

Uploaded images (for analysis)
Generated captions

Purpose: AI-based image analysis and caption generation

Legal Basis: Art. 6(1)(b) GDPR (contractual necessity)

Important Note: We use the OpenAI API with training disabled. OpenAI does not use any data submitted via our API to train their models. Data is not permanently stored by OpenAI after processing.

International Data Transfer: OpenAI is certified under the EU-US Data Privacy Framework. Additionally, EU Standard Contractual Clauses apply.

More information: https://openai.com/policies/privacy-policy

10. Brevo (Email Service)

For sending transactional emails (registration confirmation, password reset, invoices, notifications) and, where applicable, newsletters, we use Brevo (formerly Sendinblue).

Provider:

Brevo (Sendinblue GmbH)

Köpenicker Str. 126, 10179 Berlin, Germany

(Parent company: Sendinblue SAS, Paris, France)

Processed Data:

Email address
Name (if provided)
Time and status of email delivery (opened, clicked)
IP address upon opening (for statistics)

Location: Brevo is an EU provider based in Germany/France. Data processing takes place exclusively within the EU.

More information: https://www.brevo.com/de/legal/privacypolicy/

11. Third-Party Disclosure and Processors

We only disclose your personal data to third parties to the extent necessary for the provision of our services or where there is a legal basis.

11.1 Processors

Provider	Location	Purpose	Safeguards
Microsoft (Azure)	USA	Cloud hosting, data storage, backend	EU data centers, EU-US DPF, SCCs
Supabase Inc.	USA	Database, authentication	EU region (Frankfurt), EU-US DPF, SCCs
Stripe Inc.	USA	Payment processing	PCI-DSS Level 1, EU-US DPF, SCCs
OpenAI, L.L.C.	USA	AI caption generation	EU-US DPF, SCCs, no training
Hotjar Ltd.	Malta (EU)	User analytics	EU provider
Brevo (Sendinblue)	France (EU)	Email delivery	EU provider, GDPR-compliant

11.2 Other Recipients

Recipient	Purpose	Legal Basis
Meta/Instagram	Story publishing, analytics, conversion tracking	Art. 6(1)(b) + (a) GDPR
Tax Authorities	Statutory retention obligations	Art. 6(1)(c) GDPR

12. International Data Transfers

Personal data is transferred to the USA to the following recipients:

Microsoft Corporation (Azure)
Supabase Inc.
Stripe Inc.
OpenAI, L.L.C.
Meta Platforms, Inc. (with consent only)

Safeguards

EU-US Data Privacy Framework: All aforementioned US companies are certified under the EU-US Data Privacy Framework. The European Commission adopted an adequacy decision on July 10, 2023 (Implementing Decision (EU) 2023/1795).

Standard Contractual Clauses: Additionally, we have entered into EU Standard Contractual Clauses pursuant to EU Implementing Decision 2021/914 with all providers.

Supplementary Measures: Primary data processing takes place in EU data centers where possible (Microsoft Azure: West Europe/Germany West Central; Supabase: Frankfurt).

13. Retention Periods

Data Category	Retention Period
Active accounts	As long as the account is active
Deleted accounts	Complete deletion within 30 days
Backup data	Automatic deletion after 90 days
Billing data	10 years (Section 147 AO, Section 257 HGB)
Support requests	3 years after resolution
Analytics data (Meta, Hotjar)	According to provider policies
Anonymized statistics (link-in-bio)	Indefinite (no personal data)

Upon expiration of the retention period, data is deleted or anonymized, unless statutory retention obligations apply.

14. Your Rights

Under the GDPR, you have the following rights with regard to your personal data:

Right	Description	Legal Basis
Access	You may request information about your stored data	Art. 15 GDPR
Rectification	You may request the correction of inaccurate data	Art. 16 GDPR
Erasure	You may request the erasure of your data	Art. 17 GDPR
Restriction	You may request the restriction of processing	Art. 18 GDPR
Data Portability	You may receive your data in a structured, machine-readable format	Art. 20 GDPR
Objection	You may object to the processing of your data	Art. 21 GDPR
Withdrawal of Consent	You may withdraw any consent given at any time	Art. 7(3) GDPR

Exercising Your Rights

To exercise your rights, please contact us at:

Email: datenschutz@storyplannerpro.de

or by post to:

Emporion Innovations GmbH
Data Protection
Ludwigstr. 32
63067 Offenbach am Main

We will process your request without undue delay, and in any event within one month. For complex requests, the deadline may be extended by a further two months.

15. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data infringes the GDPR.

Competent authority for Hesse:

The Hessian Commissioner for Data Protection and Freedom of Information

Postfach 3163

65021 Wiesbaden

Phone: +49 611 1408-0
Email: poststelle@datenschutz.hessen.de
Website: https://datenschutz.hessen.de

16. Data Security

We implement technical and organizational security measures to protect your personal data:

SSL/TLS encryption (TLS 1.3) for all data transmissions
Encrypted storage of sensitive data (AES-256)
Passwords are stored only as encrypted hash values (bcrypt)
Two-factor authentication for administrative access
Regular security updates and patches
Access control and permission management
Regular backups in certified data centers (ISO 27001)

Details of our technical and organizational measures can be found in Annex 1 of our Data Processing Agreement: https://storyplannerpro.de/avv

17. No Automated Decision-Making

We do not employ automated decision-making, including profiling, pursuant to Art. 22 GDPR that produces legal effects concerning you or similarly significantly affects you.

18. Social Media

We maintain presences on social networks. When you visit our social media pages, the respective platform's privacy policy applies:

Instagram: https://help.instagram.com/519522125107875

We have no control over data processing by the platform operators.

19. Changes to This Privacy Policy

We reserve the right to amend this privacy policy to reflect changes in the legal framework or modifications to our services. The current version is always available at:

https://storyplannerpro.de/datenschutz

In the event of material changes affecting your rights, we will inform you separately where possible.

Last updated: January 2026

Emporion Innovations GmbH

Ludwigstr. 32

63067 Offenbach am Main, Germany

Email: datenschutz@storyplannerpro.de
Web: https://storyplannerpro.de

Imprint Terms of Service Contact

🍪 We value your privacy

We use cookies to enhance your browsing experience, analyze site traffic, and personalize content. By clicking "Accept All", you consent to our use of cookies.

Learn more in ourPrivacy Policy