Privacy Policy

Overview

Whisprly ("the App") is an anonymous, end-to-end encrypted messaging application. Your privacy is our top priority. This Privacy Policy explains how we handle information when you use our App.

1. Information We Collect

• Anonymous Identity: We generate a random anonymous user ID on your device. We do not collect your name, email, phone number, or any personally identifiable information.
• Messages: All messages are encrypted using AES-256 encryption before leaving your device. We cannot read, access, or decrypt your messages.
• Room Data: Temporary room codes and participant counts are stored to facilitate chat sessions. This data is ephemeral and deleted when a session ends.
• Media Files: Any images or files shared are encrypted before upload. They are stored temporarily and deleted when the session ends.
• Call Data: Audio and video calls use WebRTC peer-to-peer connections. Call signaling data passes through our server but call content is transmitted directly between devices.

2. Information We Do NOT Collect

• Your real name, email address, or phone number
• Your contacts or address book
• Your location data
• Device identifiers (IMEI, advertising ID, etc.)
• Browsing history or app usage analytics
• The content of your encrypted messages

3. How We Use Information

• To create and manage temporary anonymous chat rooms
• To deliver encrypted messages between participants
• To facilitate audio and video calls via WebRTC
• To display participant counts in chat rooms

4. Data Storage & Retention

All data is ephemeral by design:

• Messages are deleted when a chat session is ended by the room creator.
• Room data is removed when the session ends.
• Encrypted media files are deleted when the session ends.
• We do not maintain long-term databases of user activity.

Our backend is hosted on Supabase with industry-standard security practices.

5. Third-Party Services

The App uses the following third-party services:

• Supabase: For backend database and real-time messaging infrastructure.
• Metered.ca: For TURN server relay services to facilitate WebRTC calls across different networks.

These services may process connection metadata (such as IP addresses) as part of their normal operation. Please refer to their respective privacy policies for details.

6. End-to-End Encryption

All messages and media are encrypted using AES-256 encryption on your device before being transmitted. Encryption keys are generated per session and shared only between room participants. We have no ability to decrypt your communications.

7. User Responsibility

You are solely and entirely responsible for your use of the App and any content you send, share, or transmit through the App. The developer of this App does not monitor, control, endorse, or assume any responsibility for any content shared by users.

By using this App, you acknowledge and agree that:

• The developer is NOT responsible for any misuse of the App by any user
• The developer has NO liability for any content sent, shared, or received through the App
• The developer is NOT responsible for any damages, losses, or harm arising from the use of the App
• The developer does NOT endorse, verify, or guarantee any content or communication made through the App
• Users bear full and exclusive responsibility for their actions and conduct while using the App

8. Disclaimer of Liability

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE DEVELOPER OF THIS APP DISCLAIMS ALL LIABILITY AND RESPONSIBILITY FOR ANY ACTIONS, CONTENT, COMMUNICATIONS, OR CONDUCT OF USERS. THE DEVELOPER SHALL NOT BE HELD LIABLE, UNDER ANY CIRCUMSTANCES, FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES ARISING FROM OR RELATED TO:

• Any content shared, sent, or received by users
• Any illegal, harmful, threatening, abusive, or objectionable activity conducted through the App
• Any loss of data, privacy breaches caused by third parties, or unauthorized access
• Any interactions between users of the App
• Any reliance on the anonymity features of the App

The App is provided as a communication tool only. The developer makes no representations or warranties regarding the suitability of this App for any particular purpose.

9. Indemnification

You agree to indemnify, defend, and hold harmless the developer from and against any and all claims, liabilities, damages, losses, costs, and expenses (including legal fees) arising from or related to your use of the App, your violation of these policies, or your violation of any rights of a third party.

10. Children's Privacy

The App is not intended for use by children under the age of 13. We do not knowingly collect information from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected in the App with an updated effective date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: spyterminal@gmail.com