theSHFT ← Back to Home

Privacy Policy

Last Updated: June 10, 2026

Effective Date: May 18, 2026

Version: 7.0

theSHFT ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our mobile application and web application (collectively, the "Application" or "App"). The web application provides equal functionality to the mobile application and adheres to the same privacy and data-collection standards described in this Policy. This Policy applies globally to all users regardless of location.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY USING THE APPLICATION, YOU CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AS DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THIS POLICY, DO NOT USE THE APPLICATION.

1. INFORMATION WE COLLECT

1.1 Information You Provide Directly

  • Username: A unique identifier you choose during account creation. This is the only personally identifiable information we require.
  • Recovery Phrase: A 12-word BIP39 mnemonic phrase used for account recovery. The phrase itself is generated locally on your device and is NEVER transmitted to or stored by our servers. A salted SHA-256 hash of the phrase IS stored under your owner-only private subcollection so you can restore your account on a new device — the hash cannot be reversed to recover the phrase.
  • PIN: Your access code for the Application. This is stored ONLY on your device using encrypted local storage and is NEVER transmitted to our servers.
  • Contact List: Usernames of people you add as contacts within the Application.
  • Community Posts: Messages you post in Community channels. Community messages are NOT end-to-end encrypted and are stored on our servers in a form accessible to us.
  • Community Votes: Upvotes and downvotes you cast on Community posts are recorded and associated with your anonymous user ID.
  • Stories: Photos or media you share as Stories. Stories are ephemeral and automatically deleted after twenty-four (24) hours. Story media is encrypted at rest using a random per-asset key stored alongside the Story record; this protects against leaked Storage URLs but is NOT end-to-end encryption, because the per-asset key is server-readable.
  • Profile Pictures (Avatars): The image you set as your profile photo, stored as an encrypted blob with a random per-asset key on your user record. Same posture as Stories — encrypted at rest, not end-to-end encrypted.
  • User Reports: Information you voluntarily provide when reporting abuse or contacting support.

1.2 Information Collected Automatically

  • Device Identifier: An anonymous, non-personally identifiable device ID used to ensure account uniqueness and prevent fraud.
  • Crash Reports (Sentry): We use Sentry (sentry.io) to receive crash reports — stack traces of unhandled errors that cause the App to fail. Sentry receives the exception type and stack trace at the moment of the crash, the App build number, the operating system version, and the device model. Before any crash report is sent, an aggressive scrubber strips user IDs, usernames, push tokens, session tokens, message content, contact data, recovery phrase fragments, file paths, and URLs that could fingerprint a user. Sentry never receives message content, call media, contact lists, location data, or any field that could identify a specific user. You can disable crash reporting at any time in the mobile App at Settings → Privacy → "Send crash reports". When disabled, no events are sent to Sentry.
  • Push Notification Token: If you enable notifications, we receive a device token from Apple Push Notification Service (APNs) to deliver notifications.

We do NOT collect product-analytics, behavioral telemetry, feature-usage events, session durations, or screen-visit metrics. We do not use Mixpanel, Amplitude, Segment, Firebase Analytics, Adjust, AppsFlyer, Branch, or any similar SDK.

1.3 Information We Do NOT Collect

Due to our privacy-focused design and end-to-end encryption, we explicitly DO NOT collect:

  • Direct message and group chat content (these are end-to-end encrypted; we cannot read them). Community posts and Stories use per-asset encryption with server-side keys so they can be served to other community members and viewers — see §1.1 for what we do collect from those surfaces.
  • Photos, images, or media you send
  • Voice messages, audio recordings, or voice call content
  • Your real name, legal name, or identity
  • Phone number or email address
  • Physical address or location data
  • Contacts from your device's address book
  • Browsing history or search history
  • Photos, files, or other content from your device
  • Voice or video call content (all calls are end-to-end encrypted)
  • Group chat content or membership details beyond usernames
  • QR code sharing data (QR codes are generated locally on your device)
  • Biometric data (biometric authentication data stays on your device)
  • Financial information (payments processed by Apple)
  • Social Security numbers or government IDs
  • Health or medical information
  • Racial or ethnic origin, political opinions, religious beliefs
  • Sexual orientation or gender identity
  • Trade union membership
  • Genetic or biometric data for identification

2. HOW WE USE YOUR INFORMATION

We use the limited information we collect for the following purposes:

  • Provide Services: To operate, maintain, and provide the features of the Application
  • User Discovery: To enable you to find and message other users by username
  • Account Management: To manage your account and verify account uniqueness
  • Purchases: To process and manage your Pro subscription through Apple
  • Notifications: To send push notifications if you enable them
  • Bug Fixes: To identify and fix technical issues and crashes (via Sentry crash reports, scoped per §1.2)
  • Security: To prevent fraud, abuse, and unauthorized access
  • Legal Compliance: To comply with applicable laws and legal processes
  • Support: To respond to your inquiries and provide customer support

3. END-TO-END ENCRYPTION

theSHFT uses end-to-end encryption for direct messages, group chats, voice and video calls, voice messages, and shared media within those surfaces. Community posts and Stories are not end-to-end encrypted — they use per-asset encryption with server-side keys so they can be served to other community members and viewers. This is a fundamental architectural decision that affects your privacy:

  • Encryption Protocols: Direct messages use X3DH (Extended Triple Diffie-Hellman) for initial key agreement, the Double Ratchet protocol for forward secrecy, NaCl (Curve25519-XSalsa20-Poly1305) for message payload encryption, and ML-KEM-768 — a NIST-standardized post-quantum key encapsulation mechanism — layered alongside Curve25519 so an adversary must defeat both classical and post-quantum primitives to derive a session key. Group chats use Sender Keys for efficient group messaging encryption. Voice and video calls use AES-256-GCM with per-call keys derived locally via X25519 ECDH.
  • Message Privacy: Only you and your intended recipients can read messages. Messages are encrypted on your device before transmission. This applies to direct messages, group chats, voice messages, and all shared media.
  • Calls Encrypted Regardless of Plan: All voice and video calls are end-to-end encrypted for every user. Encryption does not depend on your subscription tier, and any limits on call length or features (described in our Terms of Service and EULA) do not change the encryption applied to your calls.
  • No Server Access: We cannot access, read, decrypt, or store the content of your messages. We do not have the encryption keys.
  • No Content Moderation: Due to encryption, we cannot moderate or review message content.
  • Legal Requests: We cannot comply with requests for message content because we do not have access to it. We can only provide the limited metadata we collect.
  • Automatic Deletion: Messages are automatically deleted based on your timer setting (ranging from 10 seconds to 24 hours; Pro extends the lower bound to 5 seconds).
  • Transit Storage: Messages may be temporarily stored in encrypted form on our servers only for the purpose of delivery. Undelivered messages are automatically deleted after 30 days.

4. DATA STORAGE AND SECURITY

4.1 Local Device Storage

The following data is stored ONLY on your device using encrypted local storage:

  • Your PIN (never transmitted)
  • Your recovery phrase words (the phrase itself is never transmitted — only a salted hash is sent to our servers for account-restore lookup; see §1.1)
  • Application settings and preferences
  • Decrypted message content (until timer expiration)
  • Biometric authentication data (managed by your device OS)

4.2 Cloud Storage

The following limited data is stored on our servers (Firebase/Google Cloud):

  • Your username (for account identification and discovery)
  • Anonymous device identifier (for account uniqueness)
  • Contact list (usernames only)
  • Push notification token (if notifications enabled)
  • Pro purchase status (synced from Apple)
  • Account creation timestamp

4.3 Security Measures

We implement industry-standard security measures including:

  • End-to-end encryption for direct messages, group chats, voice and video calls, and voice messages (community posts and Stories use server-side per-asset encryption — see §3)
  • Encrypted data transmission (TLS/HTTPS)
  • Secure cloud infrastructure (Google Cloud/Firebase)
  • Regular security assessments
  • Access controls and authentication

However, no security system is 100% secure. We cannot guarantee absolute security. You use the Application at your own risk.

5. DATA SHARING AND DISCLOSURE

We do NOT sell, trade, rent, or otherwise share your personal information with third parties for their marketing purposes. We may share information only in these limited circumstances:

5.1 Service Providers

We use the following third-party service providers who may have access to limited data:

  • Firebase (Google): Cloud infrastructure, authentication, database, encrypted file storage, push notification delivery. We do NOT use Firebase Analytics.
  • Agora: Voice and video call infrastructure. Agora receives an anonymous session token to facilitate call connections and processes only the end-to-end encrypted (AES-256-GCM) media stream and routing metadata. Agora does not receive your username, identity, or any personal information, and cannot read call audio or video content.
  • Apple Inc.: In-app purchases, push notifications, App Store distribution
  • RevenueCat: Purchase management and payment processing
  • Expo: Push notification delivery. Expo receives your device push token and generic notification payloads only. Expo does not receive message content, sender information, or any personal data.
  • Sentry: Crash reporting only, scoped per §1.2. You can disable this in the mobile App at Settings → Privacy → "Send crash reports".

These providers are bound by their own privacy policies and data processing agreements.

5.2 Legal Requirements

We may disclose information if required by law, subpoena, court order, or government request. However, due to our encryption design:

  • We CAN provide: username, anonymous device identifier, account creation date, subscription/purchase status, in-app contact list (usernames only), public encryption keys, Community message content, and Community vote data (Community posts and votes are not end-to-end encrypted)
  • We CANNOT provide: the content of direct messages or group chat messages, private media files, voice messages, voice/video call content or recordings, PIN codes, recovery phrases, or private encryption keys (these are end-to-end encrypted and we do not have access)

5.3 Safety and Protection

We may disclose information to protect the safety of any person, to address fraud or security issues, or to protect our rights and property.

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the successor entity. We will provide notice before your information becomes subject to a different privacy policy.

5.5 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

6. DATA RETENTION

We retain different types of data for different periods:

  • Messages: Deleted based on your timer setting (10 seconds to 24 hours; Pro extends the lower bound to 5 seconds)
  • Undelivered Messages: Deleted after 30 days
  • Account Data: Retained until you delete your account
  • Crash Reports (Sentry): Retained by Sentry for 90 days, scoped per §1.2. Removal before then can be requested at support@theshft.app.
  • Support Requests: Retained for up to 3 years for legal compliance
  • Legal Hold: Data may be retained longer if required for legal proceedings

7. YOUR PRIVACY RIGHTS

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update or correct your username
  • Deletion: Delete your account and all associated data
  • Portability: Request your data in a portable format
  • Opt-Out (Crash Reports): Disable Sentry crash reporting in the mobile App at Settings → Privacy → "Send crash reports"
  • Withdraw Consent: Withdraw consent for optional data processing
  • Restrict Processing: Request restriction of certain processing activities
  • Object: Object to certain types of processing

To exercise these rights, contact us at support@theshft.app. We will respond within 30 days (or as required by applicable law).

8. ACCOUNT DELETION

You can delete your account at any time through Settings → Delete Account. Upon deletion:

  • Your username is immediately released and may be claimed by others
  • All local data on your device is permanently erased
  • Your account record is deleted from our servers
  • Your contact relationships are removed
  • This action is PERMANENT and CANNOT be undone

Note: Messages you previously sent may still appear on recipients' devices until their timers expire. We cannot delete messages from other users' devices.

9. CHILDREN'S PRIVACY

9.1. Age Restriction: theSHFT is not intended for children under seventeen (17) years of age. We do not knowingly collect personal information from children under 17.

9.2. Parental Notice: If you are a parent or guardian and believe your child under 17 has provided personal information to us, please contact us immediately at support@theshft.app.

9.3. Deletion: If we discover that we have collected personal information from a child under 17, we will take immediate steps to delete that information.

9.4. COPPA Compliance: We comply with the Children's Online Privacy Protection Act (COPPA) by not knowingly collecting information from children under 13.

10. INTERNATIONAL DATA TRANSFERS

10.1. Server Location: Our servers are primarily located in the United States.

10.2. Cross-Border Transfers: If you access the Application from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

10.3. Legal Basis: For transfers from the European Economic Area (EEA), UK, or Switzerland, we rely on: (a) Standard Contractual Clauses approved by the European Commission; (b) adequacy decisions; (c) your explicit consent where applicable.

10.4. Different Laws: Data protection laws in the United States and other countries may differ from those in your jurisdiction. By using the Application, you consent to such transfers.

11. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

11.1 Right to Know

You have the right to request disclosure of:

  • Categories of personal information collected
  • Specific pieces of personal information collected
  • Categories of sources from which information is collected
  • Purpose for collecting or selling personal information
  • Categories of third parties with whom information is shared

11.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

11.3 Right to Opt-Out

You have the right to opt-out of the "sale" or "sharing" of personal information. WE DO NOT SELL YOUR PERSONAL INFORMATION.

11.4 Right to Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

11.5 Right to Correct

You have the right to request correction of inaccurate personal information.

11.6 Right to Limit Use of Sensitive Information

We do not collect sensitive personal information as defined under CPRA.

11.7 Contact for California Requests

To exercise your California privacy rights, contact us at support@theshft.app with subject line "California Privacy Request."

11.8 "Do Not Sell My Personal Information"

We do not sell personal information. We do not have a "Do Not Sell" link because we do not sell data.

12. EUROPEAN PRIVACY RIGHTS (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and similar laws:

12.1 Legal Basis for Processing

We process your personal data based on:

  • Contract Performance: Processing necessary to provide the Application services you requested
  • Legitimate Interests: Processing necessary for our legitimate business interests (e.g., security, fraud prevention, improvement)
  • Consent: Where you have given explicit consent (e.g., crash reporting, push notifications)
  • Legal Obligation: Processing necessary to comply with legal requirements

12.2 Your GDPR Rights

You have the following rights under GDPR:

  • Right of Access (Art. 15): Obtain confirmation of processing and access to your data
  • Right to Rectification (Art. 16): Correct inaccurate personal data
  • Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing (Art. 18): Limit how we use your data
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent (Art. 7): Withdraw consent at any time for consent-based processing
  • Right to Lodge a Complaint (Art. 77): File a complaint with a supervisory authority

12.3 Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at: support@theshft.app

12.4 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

13. OTHER INTERNATIONAL PRIVACY LAWS

13.1 Brazil (LGPD)

If you are located in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD), including rights to access, correction, deletion, portability, and information about data sharing.

13.2 Canada (PIPEDA)

If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), including rights to access and correct your personal information.

13.3 Australia (Privacy Act)

If you are located in Australia, you have rights under the Privacy Act 1988, including the Australian Privacy Principles (APPs).

13.4 Other Jurisdictions

We strive to comply with applicable privacy laws in all jurisdictions where we operate. If you have questions about your specific rights, contact us at support@theshft.app.

14. DO NOT TRACK

14.1. Browser Signal: The Application does not respond to "Do Not Track" browser signals because we do not track users across third-party websites.

14.2. No Cross-Site Tracking: We do not track your activities across websites or applications owned by other companies.

15. APP TRACKING TRANSPARENCY (iOS)

15.1. No Cross-App Tracking: theSHFT does not track you across apps or websites owned by other companies.

15.2. No IDFA: We do not use or collect the Identifier for Advertisers (IDFA).

15.3. No Ad Networks: We do not participate in advertising networks or display third-party advertisements.

15.4. ATT Framework: We comply with Apple's App Tracking Transparency framework by not engaging in tracking activities that require user permission.

16. PUSH NOTIFICATIONS

16.1. Optional Feature: Push notifications are optional. You can enable or disable them in your device settings.

16.2. Delivery Infrastructure: Notifications are delivered through Expo Push Notification Service and Apple Push Notification Service (APNs). These services receive only your device push token and the generic notification payload.

16.3. Generic Content Only: Push notifications sent by theSHFT contain only generic content. Notifications do NOT include message text, message previews, sender names, sender usernames, or any information about the content or source of a message. A typical notification says only that you have a new message, without revealing who sent it or what it says.

16.4. Token Storage: We store your push notification token to deliver notifications. This token is deleted if you disable notifications or delete your account.

17. COOKIES AND SIMILAR TECHNOLOGIES

17.1. No Cookies: As a mobile application, theSHFT does not use browser cookies.

17.2. Local Storage: We use encrypted local storage on your device to store settings and preferences.

17.3. Third-Party SDKs: Third-party SDKs we use (Firebase, RevenueCat) may use their own data collection technologies. See their privacy policies for details.

18. THIRD-PARTY LINKS AND SERVICES

18.1. External Links: The Application may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties.

18.2. Review Policies: We encourage you to review the privacy policies of any third-party services you access.

19. CHANGES TO THIS PRIVACY POLICY

19.1. Updates: We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

19.2. Notice: We will notify you of material changes by posting the updated policy in the Application and updating the "Last Updated" date. For significant changes, we may also provide additional notice (e.g., in-app notification).

19.3. Continued Use: Your continued use of the Application after changes are posted constitutes your acceptance of the updated Privacy Policy.

19.4. Review: We encourage you to periodically review this Privacy Policy to stay informed about our data practices.

20. DATA CONTROLLER INFORMATION

For the purposes of applicable data protection laws:

Data Controller: theSHFT

Contact Email: support@theshft.app

Data Protection Officer: support@theshft.app

21. APPLE APP STORE DISCLOSURES

21.1. Distribution: This Application is distributed through the Apple App Store. Apple's Privacy Policy applies to information collected by Apple.

21.2. Data Controller: We are the data controller for information collected through the Application. Apple is not the data controller for Application data.

21.3. Privacy Nutrition Labels: We provide accurate information to Apple for display in App Store privacy nutrition labels.

22. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:

Privacy Inquiries: support@theshft.app

Data Protection Officer: support@theshft.app

GDPR Requests: support@theshft.app

California Requests: support@theshft.app

General Support: support@theshft.app

Please include your username and a detailed description of your request. We will respond within 30 days (or as required by applicable law).

© 2026 theSHFT. All rights reserved. | Home | Terms of Service | EULA