Privacy Policy
Last updated: May 2026
1. Overview
Whispurr is built around the principle of minimal data collection. This policy explains what information we collect, how we use it, and what we never do with it.
2. Information We Collect
We collect only what is strictly necessary to operate the service:
- Your email address or phone number (for authentication)
- Encrypted message ciphertext (we cannot read the content)
- Encrypted media files (we cannot view them)
- Timestamps required for message delivery
3. End-to-End Encryption
All messages and media are encrypted on your device using AES-256 before transmission. The encryption keys are derived locally and are never sent to our servers. We have no ability to decrypt your communications.
4. What We Never Do
- We never sell, rent, or share your data with third parties
- We never serve ads based on your conversations
- We never build profiles for advertising purposes
- We never store your plaintext messages
5. Data Retention
Messages are stored on our servers only for the purpose of delivery. Once delivered, messages may be deleted automatically. You can also delete conversations from your device at any time.
6. Third-Party Services
Whispurr uses the following third-party services:
- Clerk — Secure authentication. Subject to their privacy policy.
- Convex — Backend data storage. Encrypted data only.
- Giphy — GIF search (subject to Giphy's privacy policy).
7. Children's Privacy
Whispurr is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us.
8. Your Rights
You can request deletion of your account and all associated data at any time by contacting us. We will process your request within 30 days.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via the App or email.
10. Contact
For privacy questions or data deletion requests, contact us at hello@jaimenguyen.com.
