Privacy Policy
Last updated: June 25, 2026
This Privacy Policy explains what information EngageCheck collects, how we use and share it, and the choices you have. It also explains how we handle the public Instagram data we process to produce audience-quality reports.
1. Who we are
Marketing Hog, the company that operates the EngageCheck product (“Marketing Hog”, “we”, “us”, or “our”), runs the website at engagecheck.com and the related audience-analysis tools (the “Service”). EngageCheck is a product of Marketing Hog. This policy applies to information we process through the Service. If you have any questions, contact us through our contact form.
2. Information we collect
Information you provide
- Account information. When you create an account, we collect your email address and a password. Passwords are stored only as a salted cryptographic hash; we never store your password in plain text and cannot recover it.
- Payments. When you buy credits, payment is processed by our payment providers (for example, Stripe for card payments). We receive a confirmation and limited transaction details (such as the amount, status, and an identifier). We do not collect or store your full card number. If you pay by another method, we collect the details you submit to verify the payment.
- The handles you audit. We collect the public Instagram usernames you submit so we can run a report and show you your audit history.
- Communications. If you email us or submit a request, we keep that message and our reply.
- API credentials. If you use our API, we generate and store API keys tied to your account so we can authenticate your requests. Keep your keys secret; you are responsible for activity under them.
Information we collect automatically
- Usage and log data. Pages and features you use, audits you run, timestamps, approximate location derived from IP, browser and device type, and error logs.
- Cookies and similar technologies. See “Cookies” below.
Public Instagram data we process
To produce a report, we read publicly available information about the account you submit, such as the profile's public counts, recent posts, captions, public comments and the handles of the people who left them, and Instagram's own publicly suggested related accounts. We access only what is public. We do not log in to Instagram on your behalf, we do not request access to private accounts, and we never ask you or the audited account for an Instagram password.
3. How we use information
- To provide the Service: run audits, generate and store reports, manage credits, and show your history.
- To analyze public engagement data, including running comment text through an AI language model to grade authenticity.
- To process payments and prevent fraud or abuse.
- To operate, secure, debug, and improve the Service.
- To communicate with you about your account, receipts, security, and support.
- To comply with law and enforce our Terms of Service.
We rely on the following legal bases where applicable: performance of our contract with you, our legitimate interests in operating and securing the Service, your consent (where required), and compliance with legal obligations.
4. Cookies
We use a small set of strictly necessary cookies to keep you signed in (a signed session cookie), to protect forms against cross-site request forgery, and to remember your appearance preferences. These are essential to the Service. We do not use third-party advertising cookies. You can clear or block cookies in your browser, but parts of the Service may stop working.
5. How we share information
We do not sell your personal information. We share information only as follows:
- Service providers. We use trusted vendors who process data on our behalf under contract, including a scraping provider that collects public Instagram data (Apify), an AI provider that grades comment text (OpenAI), a payment processor (such as Stripe), and infrastructure and security providers that host and protect the site (such as our hosting provider and Cloudflare).
- Legal and safety. When we believe disclosure is required by law, or is needed to protect the rights, safety, or property of EngageCheck, our users, or the public.
- Business transfers. In connection with a merger, acquisition, financing, or sale of assets, in which case we will continue to protect your information consistent with this policy.
We send comment text and public engagement data to our AI provider only to grade authenticity. We do not permit our providers to use your data to train their own models for unrelated purposes, and we ask them to handle data only as needed to perform their services.
6. About the people and accounts you audit
EngageCheck analyzes public information about Instagram accounts. The individuals behind those accounts are not our customers, and the data we read is already publicly visible. We process this data to provide an estimate of audience quality to the customer who requested the report. If you are the owner of an audited account and would like to ask a question about how your public data was processed, contact us through our contact form.
7. Data retention
We keep account information for as long as your account is active and as needed to provide the Service. We keep reports and audit history so you can return to them, and we keep transaction records as required for accounting, tax, and fraud-prevention purposes. Cached public scrape data is kept only for a short period to speed up repeat checks and is then refreshed. You can ask us to delete your account and associated reports as described below.
8. Security
We protect your information with measures appropriate to its sensitivity, including encryption in transit (HTTPS), salted hashing of passwords, scoped access controls, and a backend that is not directly exposed to the public internet. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
9. International transfers
We and our providers may process information in countries other than yours, including the United States. Where required, we use appropriate safeguards for such transfers. By using the Service, you understand your information may be processed in these locations.
10. Your rights and choices
Depending on where you live, you may have rights to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent. Residents of the EEA and UK have rights under the GDPR; residents of California have rights under the CCPA/CPRA, including the right not to be discriminated against for exercising them. We do not sell or share personal information for cross-context behavioral advertising.
To exercise any right, reach us through our contact form or use the controls in your account. We will verify your request and respond within the time required by law. You may also delete your account, which removes your sign-in credentials and associated reports.
11. Children
The Service is not directed to children and is intended only for users who are at least 18 years old. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
12. Third-party links
Reports may link out to Instagram profiles and other sites we do not control. This policy does not apply to those sites, and we encourage you to read their privacy policies.
13. Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Last updated” date above and, for material changes, provide additional notice. Your continued use of the Service after an update means you accept the revised policy.
14. Contact us
Questions, requests, or complaints? Reach us through our contact form and we will be glad to help.