The privacy-first Instagram scheduling tool
The privacy-first Instagram scheduling tool that keeps your data on your desktop.
VoidGram is a self-hosted, no-cloud Instagram scheduler for Windows. Every photo, caption, hashtag, and access token is stored on your machine in an encrypted local database. There is no subscription, no account to create, no server retaining your posts. If you have been looking for a private Instagram scheduling app that treats your data as yours, you are in the right place.
Why privacy matters for Instagram scheduling
When you schedule a post through Buffer, Later, Hootsuite, or any other cloud SaaS, a copy of your image, your caption, and a long-lived Instagram access token sit on that vendor's infrastructure. That is how the service works — it has to publish for you while you sleep. The question is whether the trade is worth it.
A single platform breach exposes creative work, unreleased campaigns, and tokens that grant direct Instagram posting privileges. Closure of a SaaS account — voluntarily or involuntarily — can mean weeks of work evaporating along with the subscription. And the standard data-use clauses in those terms of service give the vendor broad latitude to analyse, aggregate, and train on your content.
A privacy-first Instagram scheduling tool flips that model. The scheduler runs where your files already live: your desktop. Publishing happens from your IP. Tokens never cross a shared-tenant server. You get the workflow of a scheduler without donating your content pipeline to a third party.
How VoidGram protects your privacy
VoidGram is built on four design commitments, and they are deliberate rather than incidental:
- No VoidGram servers hold your content. The desktop app talks directly to the Instagram Graph API. The only VoidGram endpoint you touch is the OAuth proxy at auth.voidgram.org, and that proxy handles a single redirect during login.
- Tokens are encrypted on disk with AES-256-GCM. Instagram access tokens, Facebook Page tokens, and optional Private API session data are never stored in plain text.
- No analytics, no telemetry, no tracking. The desktop app has zero third-party SDKs. This website has zero advertising pixels and no Google Analytics.
- No account required. You download the installer, you sign in with Instagram, you post. There is no VoidGram account to create, no email to hand over, no billing relationship.
The result is a desktop Instagram scheduler that is structurally incapable of the most common data-leakage failure modes: vendor breach, vendor acquisition, vendor pivot, and vendor shutdown.
What data VoidGram actually collects
Short answer: nothing beyond what your local device stores for its own operation.
When you sign in with Instagram, VoidGram receives a long-lived access token from Meta and stores it — encrypted — in a SQLite database on your disk. It reads basic profile metadata (username, profile picture, account type, follower count) so the app can render the UI. When you upload media, those files live in a local uploads/ folder. When you schedule a post, the schedule row lives in the same local database.
None of that touches a VoidGram server. There is no inbound HTTP endpoint on our side that receives your content. The auth.voidgram.org OAuth proxy brokers a single redirect during login and then gets out of the way. For complete detail, read the full privacy policy.
Self-hosted Instagram scheduler vs cloud SaaS: the trade-offs
A self-hosted Instagram scheduling tool is not strictly better than a cloud SaaS for every use case. It is different, and those differences matter depending on what you value.
| Consideration | VoidGram (self-hosted) | Cloud SaaS (Buffer, Later, Hootsuite) |
|---|---|---|
| Where content lives | Your disk | Vendor servers |
| Where tokens live | Encrypted locally | Vendor database |
| Cost | Free | Monthly subscription |
| Publishes while computer is off | Only with optional Cloudflare cloud scheduling (your account) | Always |
| Publishing IP address | Your residential IP | Data-center IP |
| Team collaboration | Single user | Multi-seat workflows |
| Vendor-breach blast radius | None — nothing to breach | All content + tokens |
If you run a large team with a continuous approval pipeline, cloud SaaS is likely a better fit. If you are a single creator, studio, or privacy-conscious small business, a self-hosted Instagram scheduling app removes the vendor from the picture without giving up automation.
Meta app verification — what it actually means for privacy
VoidGram is a verified Meta app. The phrase sounds heavier than it is. In plain terms: Meta reviewed and approved our OAuth client so you can sign in with Instagram in one click, instead of creating your own Meta developer profile and registering your own OAuth app.
Meta verification is strictly a registration fact. It does not give VoidGram server-side access to your Instagram account, it does not mean we receive a copy of your posts, and it does not grant us any administrative relationship with your content. The token Meta issues lives on your machine. Our OAuth proxy sees it for the duration of a single HTTP redirect and then your desktop app holds it encrypted.
The reason verification matters for you, the end user, is convenience. Without it, you would need a Meta developer account, you would have to submit your own app for review for certain permissions, and you would manage redirect URIs. With it, you click one button.
Encryption, source-available, and auditable
Claims about privacy are only as good as the ability to verify them. VoidGram's source code is published on GitHub under the Elastic License 2.0. You can inspect the encryption implementation, the OAuth flow, the Cloudflare Worker used for optional cloud scheduling, and every network call the desktop app makes.
Sensitive fields — Instagram access tokens, Facebook Page tokens, optional Private API sessions, OAuth state — are encrypted with AES-256-GCM before they are written to the SQLite database. The encryption key is generated locally on first run and stored in your user configuration directory. Key rotation is handled conservatively because rotating a key invalidates existing encrypted data.
If you care about independent verification, clone the repository, read the code, and compare the network calls with the claims made on this page. Transparency is the mechanism that makes "privacy-first" meaningful rather than marketing.
When you need cloud scheduling without giving up privacy
The most common limit of a local-only scheduler is that posts only publish while your computer is on. VoidGram addresses this without reintroducing a third-party vendor.
The cloud scheduling feature is opt-in. When you enable it, VoidGram deploys a Cloudflare Worker and an R2 bucket to your own Cloudflare account — not ours. The Worker runs publishing jobs on a cron schedule. Your media sits in your R2 bucket. Your tokens, encrypted, sit in your KV namespace. VoidGram has no operational access to any of it.
This is still a no-cloud Instagram scheduler as far as VoidGram is concerned — no VoidGram-operated cloud is involved. You are choosing to use your own cloud resources, which is a very different trust model from uploading to a shared-tenant SaaS.
Frequently asked questions
What makes VoidGram a privacy-first Instagram scheduling tool?
VoidGram runs as a desktop application on your own machine. Your media, captions, drafts, scheduled posts, and Instagram access tokens are stored in a local SQLite database encrypted with AES-256-GCM. There is no VoidGram server that stores user content, no analytics, no telemetry, and no account required. Cloud SaaS schedulers like Buffer, Later, and Hootsuite route every post through their servers — VoidGram does not.
Is there a self-hosted Instagram scheduler I can run locally?
Yes. VoidGram is a self-hosted Instagram scheduler that installs as a Windows desktop app. You run it on your own hardware, it publishes to Instagram directly from your IP address, and you retain full control over the database file. There are no shared-tenant servers and no cloud subscription.
Does VoidGram retain any of my data on its servers?
No. VoidGram operates no servers that store or log user content. The only VoidGram-controlled endpoint is a lightweight OAuth proxy at auth.voidgram.org that brokers the Meta login redirect. Access tokens pass through the proxy in a single redirect hop and are not logged, cached, or persisted. Everything else — your media, captions, schedules, publish history — lives on your local device.
Do I need a Meta developer account to use VoidGram?
No. VoidGram is a verified Meta app, so signing in with Instagram takes one click. You do not need to create a Meta developer account, register your own OAuth application, or configure a redirect URI. Meta verification means our OAuth client ID is registered with Meta — it does not give VoidGram any server-side access to your Instagram content.
How is VoidGram different from Buffer, Later, and Hootsuite?
Buffer, Later, and Hootsuite are cloud SaaS products — you upload your content to their servers, they hold your Instagram tokens, and you pay a monthly subscription. VoidGram is a free desktop app. Your content stays on your machine, your tokens are encrypted locally, and there is nothing to pay. The trade-off is that VoidGram posts while your computer is on, unless you enable the optional cloud scheduling feature on your own Cloudflare account.
Can I schedule Instagram posts without the cloud?
Yes, and that is the default. Local-only scheduling means posts publish through the desktop app while it is running. This is the no-cloud Instagram scheduler configuration — nothing leaves your device except the direct publish call to the Instagram Graph API. If you want posts to publish while your computer is off, you can optionally deploy a Cloudflare Worker to your own Cloudflare account. VoidGram has no access to that Worker.
What encryption does VoidGram use for stored tokens?
Instagram access tokens, Facebook Page tokens, and any optional Private API session data are encrypted at rest with AES-256-GCM. The encryption key is stored in a local configuration file outside the database. Media files are stored on disk using normal file-system permissions — encrypting media at rest on a single-user desktop would add little security and significantly degrade performance during publishing.
Is VoidGram open source?
The source code is publicly available on GitHub and is auditable. The license is Elastic License 2.0, which permits personal use, internal business use, and code inspection. It restricts offering VoidGram as a hosted SaaS product. If the privacy claims on this site matter to you, you can read the code and verify them for yourself.
Does VoidGram ship with analytics, telemetry, or tracking?
No. The desktop app contains zero analytics, zero telemetry, zero crash reporting, and zero third-party SDKs. This marketing website does not load Google Analytics, advertising pixels, or any other tracker. The only outbound calls from the desktop app go directly to the Instagram Graph API, the OAuth proxy during initial login, and optionally to your own Cloudflare Worker if you enable cloud scheduling.
What happens to my data if I uninstall VoidGram?
Uninstalling removes the application binaries. The database and media files live in your Windows AppData folder and can be deleted separately. Once you delete the database file, every post, draft, token, and schedule is gone — there is no remote backup, no cloud copy, and no way for VoidGram to restore anything. That is a deliberate design choice for an instagram scheduler with no data retention.
Ready for a private Instagram scheduling app?
Download VoidGram for Windows. No subscription, no account, no data leaving your machine.