LocalWhat never leaves your device
When you drop the DM export, your browser does all the heavy lifting with JSZip and our classifier. These stay on your device the whole time:
- The Instagram export file itself (the
.zipMeta sent you) - All message content inside it (including attachments, shared media, reactions)
- Your Instagram handle, your contacts' handles, thread IDs
- The regex classification (zone, country, city, role, booking level)
- Any conversation we filter out as spam / Meta AI / empty
You can literally unplug your wifi after the file is parsed and the regex classification still completes. Proof: look at classifier.js — it runs in your browser, no network calls.
SentWhat goes through our proxy
The only thing that leaves your browser: the text of qualified conversations (those we classified as booker / promoter / label / collab / relevant) gets sent to Anthropic's Claude API for narrative summarization. We proxy those requests because your browser can't call Claude directly with our API key.
- For each qualified conversation: a condensed message history (sender names, timestamps, text)
- Your license key (to validate your plan and quota)
- Basic rate-limit signals (IP, timestamp)
The proxy is a Cloudflare Worker. Its source is in the repo. It does not log or store the conversation text — requests are forwarded to Anthropic and the response streams back to your browser.
Third-partyWhat Anthropic does
The summarization itself runs on Claude Sonnet 4.6 (Anthropic). Their commercial terms apply to the content you send them via our proxy:
- Anthropic does not train on API traffic by default
- They retain inputs/outputs for 30 days for safety monitoring, then delete
- Enterprise zero-retention is available for business-critical use cases — not currently enabled on our tier
If you're doing genuinely sensitive conversation analysis (journalism, legal, medical), use BYOK (Bring Your Own Key) and enable zero-retention on your own Anthropic account. Backline never sees your conversations either way.
StoredWhat we actually store on our side
Two things, both minimal:
- Your license key metadata, in Cloudflare KV: tier, uses remaining, expiry date, the IP of first use (for anti-sharing). No email, no name, no personal info tied to the key unless you bought via Lemon Squeezy (which hands us your purchase email).
- Anonymous rate-limit counters: hashed IP + request count per window, to stop bots from burning the free tier. Retained for 24h, auto-expired.
That's it. No analytics beacon, no Google Analytics, no Facebook pixel, no Plausible, no Umami. The only network calls your browser makes to us are: GET /index.html, GET /src/*.js, static asset fetches, and your Claude summarization calls through the proxy.
LocalCookies & local storage
No cookies. One entry in your browser's localStorage:
backline_license— your license key, so you don't have to re-enter it next visit
That's the entire client-side footprint. Clear it anytime from your browser's devtools → Application → Local Storage.
RightsYour data rights
Since we store almost nothing linked to you, the standard GDPR rights (access, rectify, erase, port) mostly don't apply in practice — there's just nothing to access or erase about you.
If you did buy a license and want the record of your purchase deleted, email josh@backline.so. We nuke the license entry within 48h. You'll lose access to the paid features, obviously.
ChangesIf this ever changes
If we ever add analytics, third-party pixels, or any new data flow — we update this page before shipping, and we email every license holder. The privacy pillar is load-bearing for the whole product. We don't break it in silence.
//LAST UPDATED · 2026-04-24