Skip to main content
At DMRocket, we treat your business data with the highest level of security. From the leads you capture to the messages you send, your privacy is our priority.

Data Encryption & Storage

We utilize enterprise-grade infrastructure to ensure your data is never compromised.
  • Encryption in Transit: All communications between your browser, our servers, and the Meta API are encrypted using TLS 1.2 or higher.
  • Database Security: Your captured leads, flow configurations, and user data are stored in secure, SOC2-compliant databases (powered by Supabase) with strict row-level security policies.
  • Token Security: We do not store your passwords. The OAuth access tokens used to connect to Instagram are securely hashed and frequently rotated.

What Data Do We Access?

We only request the exact permissions necessary to execute your automations. We do not have access to:
  • Your personal Facebook profile messages.
  • Your Instagram Explore feed or browsing history.
  • The ability to post photos or Reels on your behalf without explicit action.
We do access:
  • Comments on your public posts (to trigger keyword automations).
  • Direct Messages sent to your connected business inbox.
  • Public profile information of users who interact with your automations (to personalize responses).

Lead Data Privacy

When you use the Lead Collection or Smart Email Capture nodes, the data provided by your users belongs exclusively to you. DMRocket acts only as a processor. We will never sell, rent, or use your captured leads for our own marketing purposes. You can export or permanently delete your lead data from the dashboard at any time.
For full legal details, please review our comprehensive policies: