Privacy Policy

The Simple Version

Chatter is a voice-first friendship app for women. We collect the data needed to make the app work, we don't sell your information, and we're honest about what we do with it.

Who Can Use Chatter

Chatter is exclusively for women.

Only people who identify as women may create accounts and use the app. This is a core feature of our platform designed to create a safe, comfortable space for women to make friendships.

By creating an account, you confirm that you identify as a woman.

What We Collect

When You Sign Up

• Phone number - To log you in (we use a one-time code, no passwords)
• Name - How you appear to other users (max 15 characters)
• Birthdate - To verify you're 18 or older (we only show your age, not your exact birthday)
• Location - Your GPS coordinates to find people nearby
• Profile photo - So people can see who you are
• Voice bio - A 10-second voice introduction (the heart of Chatter)
• Emoji/hobby (optional) - A fun wallpaper for your profile

When You Use the App

• Voice messages - Your chats with matches
• Who you swipe on - To avoid showing you the same people
• Who you match with - To connect you with others
• Sent invites - Tracked for 24-hour expiration (auto-deleted after 24h)
• Push notification tokens - So we can notify you about new messages, invites, and cooldown resets
• Notification types sent to you - New invites, new messages, cooldown ended, invite expiring (6h and 2h warnings)
• Subscription status - Whether you're free or premium
• Invite token balance and cooldown timers - To manage free tier limits
• Reports and blocks - If you report or block someone
• Rate limit tracking - Counters to prevent spam/abuse (SMS sends, uploads, messages)
• Device identifiers - Anonymous device ID to enforce bans (prevents re-registration after ban)

What We DON'T Collect

We don't track you. Seriously.

• ❌ No email address (unless we add account recovery later)
• ❌ No browsing history or advertising tracking
• ❌ No social media profiles
• ❌ No contacts from your phone
• ❌ No payment card details (Apple handles all payments)
• ❌ No analytics companies watching what you do
• ❌ No cookies or tracking pixels
• ❌ No third-party advertising networks

How We Use Your Data

To Make Chatter Work

• Show your profile to other users nearby
• Calculate distances between you and potential matches
• Deliver voice messages in chats
• Send push notifications when someone messages you
• Process your subscription payments

To Keep You Safe

• Check photos for inappropriate content using AI (Sightengine)
• Review reported users and ban rule-breakers (manual admin review)
• Prevent spam and fake accounts
• Enforce permanent bans across accounts, phone numbers, and devices
• Rate limiting to prevent abuse (SMS bombing, storage attacks, spam harassment)
• Automatic flagging of accounts that exceed soft limits (e.g., 150 messages/hour)

Admin Access to Your Data

When you report a user or are reported, our admin team can manually access:

• Reported user's profile data (name, age, city, photo, voice bio)
• Voice messages exchanged between reporter and reported user
• Report details (reason, timestamp, evidence)
• Account history (previous reports, warnings, bans)

Why: To investigate violations, protect users, and enforce our rules. Admins review reports manually and decide on warnings or bans.

Who has access: Only authorized admin team members via secure admin dashboard (local-only access, not publicly accessible).

Automated Decision-Making

We use automated systems to make decisions about:

1. Profile Discovery Ranking

Your profile is shown to others based on multi-tier sorting:

• Tier 1 (Freshness gate): Profiles active in the last 7 days appear before older profiles
• Tier 2 (Age proximity): Within each freshness tier, profiles closest to the viewer's age appear first
• Tier 3 (Distance proximity): Within each age group, profiles closest to the viewer's location appear first
• Hard filters applied: Only profiles within 100km and ±15 years of your age are shown
• Activity filter: Only profiles active in the last 30 days appear in discovery
• You cannot opt-out of this ranking system (it's necessary for the app to work)

2. Photo Moderation

AI automatically rejects photos that are flagged as inappropriate or contain sexual content or nudity. You cannot opt-out of this (required for safety).

3. Report-Based Moderation

Accounts with multiple reports are subject to automated permanent bans:

• 5 reports (excluding "I know this person" blocks) → Automatic permanent ban applied immediately
• Ban scope: Account + phone number + all devices you've logged in from
• Effect: Cannot access Chatter or create new accounts from banned phone/devices
• No temporary bans: All automated bans are permanent
• Human review: Our moderation team monitors all automated bans to verify they're justified
• Right to appeal: Email us at support@chatterapp.co if you believe a ban was unfair (see Contact section)

What We Don't Do

• ❌ Sell your data to anyone
• ❌ Use your data for advertising
• ❌ Share your data with data brokers
• ❌ Track you across other apps or websites

Who Can See Your Data

Everyone on Chatter Sees:

• Your name, age (not exact birthdate), city/suburb
• Your profile photo
• Your voice bio
• Your emoji/hobby wallpaper

Only Your Matches See:

• Your voice messages in chat
• When you were last active

Nobody Else Sees:

• Your phone number
• Your exact birthdate
• Your exact GPS coordinates (we store them for distance calculations, but only show your city/suburb)
• Your subscription status
• Who you've blocked or reported

Your Location

Here's the truth:

• We collect your precise GPS location (latitude and longitude)
• We store those exact coordinates on our servers
• We use them to calculate distances between you and other users
• BUT other users only see your city or suburb name, never your exact coordinates
• You can turn off location permission in your phone settings anytime

We're being upfront about this because we want you to know exactly what we do.

Voice Messages Are NOT Moderated

Please read this carefully:

Voice messages are NOT automatically screened or moderated before delivery. We don't listen to your voice messages, transcribe them, or check them with AI.

Why? Privacy and cost. Automated voice moderation would require transcribing every message, which is expensive and invasive.

What this means for you:

• You might receive voice messages that are offensive, inappropriate, or disturbing
• It's your responsibility to block and report users who send inappropriate content
• We review reported content manually (case-by-case) and ban users who violate our rules

Where Your Data Lives

Your data is stored in the following locations:

• Profile data, matches, messages → USA (Amazon Web Services via Supabase)
• Photos and voice recordings → Global network (Cloudflare R2 - distributed worldwide for fast access)
• Subscription information → USA (RevenueCat servers)

International Data Transfers:

If you're located outside the USA (e.g., EU, Australia, Asia), your data is transferred to and stored on servers in the United States. This is necessary to provide the service.

Safeguards we use:

• Standard Contractual Clauses (SCCs) - Legal contracts approved by the EU Commission for transferring data to the USA
• Data Processing Agreements (DPAs) - Contracts with our providers that require them to protect your data
• Encryption - All data is encrypted in transit (HTTPS) and at rest (server-side encryption)

Third-Party Services We Use

We use trusted companies to help run Chatter. They only get the data they need to do their job.

Supabase (Database & Authentication)

• What they do: Store your profile data and handle logins
• Where: USA (Amazon Web Services - us-west-1 region, California)
• Their policy: https://supabase.com/privacy

Cloudflare R2 (File Storage)

• What they do: Store your photos and voice recordings
• Where: Distributed globally across Cloudflare's network
• Their policy: https://www.cloudflare.com/privacypolicy/

RevenueCat (Payments)

• What they do: Manage your subscription and sync with Apple
• Where: USA (cloud infrastructure)
• Their policy: https://www.revenuecat.com/privacy

Expo (Push Notifications)

• What they do: Deliver notifications to your phone via Apple Push Notification Service (APNs)
• Where: USA (Expo's notification service)
• Their policy: https://expo.dev/privacy

Mapbox (Location Lookup)

• What they do: Convert GPS coordinates to city names (geocoding)
• Where: USA (Mapbox API servers)
• Their policy: https://www.mapbox.com/legal/privacy

Sightengine (Photo Moderation)

• What they do: Check photos for inappropriate content using AI
• Where: USA (Sightengine API servers)
• Data retention: Photos are analyzed in real-time and immediately deleted after moderation check (not stored)
• Their policy: https://sightengine.com/privacy

Bird (SMS Delivery)

• What they do: Deliver one-time login codes via SMS to your phone
• Where: USA (Bird API servers)
• Data retention: SMS delivery logs retained per Bird's policy
• Their policy: https://www.bird.com/en/legal/privacy-policy

Upstash Redis (Rate Limiting)

• What they do: Track rate limits to prevent spam and abuse (SMS sends, uploads, messages)
• Where: USA (Upstash cloud infrastructure)
• Data stored: Anonymous counters with TTL expiry (e.g., "send-sms:phone:+1234567890: 3 attempts in 5 min")
• Data retention: Automatically deleted when rate limit window expires (5 min to 24 hours depending on action)
• Their policy: https://upstash.com/privacy

QStash (Scheduled Notifications)

• What they do: Schedule and deliver invite expiration warnings (6h and 2h before expiry)
• Where: USA (Upstash QStash infrastructure)
• Data sent: User ID, invite ID, expiration timestamp (no personal info like name/voice)
• Data retention: Deleted after notification is delivered
• Their policy: https://upstash.com/privacy

How Long We Keep Your Data

Voice Messages

• Active messages - Automatically deleted after 30 days (all messages, sent and received)
• Manually deleted messages - Retained for 30 days after deletion (for dispute resolution), then permanently deleted

Invites

• Pending invites - Automatically deleted after 24 hours if not responded to
• Expired invites - Immediately deleted, cannot be recovered

Profile Data

• Kept until you change it or delete your account

Technical Data

• IP addresses - Kept for 7 days (fraud prevention)
• Device info - Kept for 30 days (debugging)
• Rate limit counters - Automatically deleted when time window expires (5 min to 24 hours)

Subscription Data

• Payment history - Kept for 7 years (tax/accounting requirements)

Ban Records

• Banned accounts - Phone numbers and device IDs retained indefinitely (prevents ban evasion)
• Ban reason - Stored permanently for safety and abuse prevention
• Why? Users who violated rules cannot create new accounts or use new devices to bypass bans

Deleted Accounts

• Profile data - Immediately removed from our database
• Photos and voice recordings - Deleted within 24 hours
• Payment history - Retained for 7 years (legal requirement)
• Everything else - Permanently deleted, cannot be recovered

Your Rights

See Your Data

Check your profile anytime. Go to Settings to see your information.

Delete Your Data

Free users: Settings → Account → Delete Account. Type "DELETE" to confirm. This is permanent and irreversible.

Premium subscribers: You must cancel your subscription first (Settings → Manage Subscription), wait for it to expire, then delete your account.

Privacy Rights

If you're in the EU (GDPR), California (CCPA), Australia (Privacy Act), or other jurisdictions with privacy rights, you have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your data (right to be forgotten)
• Download your data in a portable format
• Object to processing

Security

We take security seriously:

• Encryption: All data is encrypted in transit (HTTPS) and at rest (AES-256)
• Access Control: Row-level security (RLS) means users can only access their own data
• Infrastructure: AWS and Cloudflare (both SOC 2 certified)
• Backups: Daily automated backups with 7-day retention

Data Breach Response

If we experience a data breach, we will:

1. Immediately investigate and contain the breach
2. Notify affected users within 72 hours (as required by GDPR)
3. Notify relevant authorities (e.g., GDPR supervisory authorities)
4. Provide clear information about what data was affected

Contact Us

Questions? Concerns? Requests?

Website: www.chatterapp.co

Email: hi@chatterapp.co

Response times:

• Privacy rights requests (GDPR, CCPA, etc.): 30 days (as required by law)
• General privacy questions: 48-72 hours

The Bottom Line

We built Chatter to help people make real friendships through voice, not text. We collect what we need to make that work, we're honest about what we do, and we don't sell your data or track you.

If you have questions or concerns, email us. We're real people and we'll respond.