InstaPi InstaPi Privacy Policy

Privacy Policy

Last updated: March 8, 2026

The Short Version

InstaPi does not collect, store, or transmit any of your personal data. Everything runs locally on your own Raspberry Pi. We have no servers that process your information.

How InstaPi Works

InstaPi is open-source software that runs entirely on your own Raspberry Pi hardware. It connects to Google Photos so you can select photos to display on your picture frame. Here's what's important to understand:

  • No central server. There is no InstaPi server that processes your data. Your Raspberry Pi is both the client and the server.
  • Your photos stay on your Pi. Selected photos are downloaded directly from Google to your Raspberry Pi and stored locally. They are never transmitted to us or any third party.
  • Open source. You can verify every claim in this policy by reviewing the source code.

Google Account Access

InstaPi uses Google OAuth to let you sign in with your Google account and select photos. Here's exactly what happens:

  • Minimal permissions. InstaPi requests only the photospicker.mediaitems.readonly scope, which allows you to pick specific photos to share. It cannot browse your full library, upload, or delete anything.
  • Tokens stay on your device. Your OAuth access token exists only in your Raspberry Pi's memory during the active session. It is never persisted to disk, never transmitted to any external server, and is lost when the Pi restarts.
  • No token storage by us. The InstaPi developer has no server that receives, processes, or stores your Google credentials. The OAuth flow happens directly between your Pi and Google.
  • Revoke anytime. You can revoke InstaPi's access to your Google account at any time from your Google Account settings.

Data We Do Not Collect

To be explicit, InstaPi does not collect:

  • Personal information (name, email, phone number)
  • Usage analytics or telemetry
  • Device identifiers or IP addresses
  • Cookies or tracking data
  • Photos or photo metadata
  • Google account credentials or tokens
  • Location data

Local Data Storage

On your Raspberry Pi, InstaPi stores the following locally:

  • Downloaded photos in the Pi's local filesystem for display on your frame.
  • Slideshow settings (duration, transition style) in a local JSON file.
  • Device state (photo list, display status) in a local JSON file.

All of this data is stored on your hardware, under your control. You can delete it at any time using the admin panel's Factory Reset feature.

Third-Party Services

InstaPi interacts with one third-party service:

  • Google Photos Picker API — Used to let you select photos from your Google Photos library. This interaction is governed by Google's Privacy Policy. InstaPi uses the Picker API's limited access scope, meaning it can only access photos you explicitly select.

Children's Privacy

InstaPi does not collect any data from anyone, including children. Since no personal information is collected or processed, there are no age-specific concerns.

Changes to This Policy

If this privacy policy is updated, the changes will be reflected on this page with an updated date. Since InstaPi is open source, any changes to data handling would also be visible in the source code.

Contact

If you have questions about this privacy policy, email hello@instapi.dev or open an issue on GitHub.