Privacy Policy

This Privacy Policy explains how we collect, use, share, and protect your information when you use our mobile application and website (together, the "Platform"). By using our Platform, you agree to the terms of this Privacy Policy.

1. Information We Collect

a. Information You Provide

• Account details: name, username, email, phone, gender, age.
• Profile information: Virtual profile name, bio, interests.
• Content: photos, videos, status updates, and shared materials.
• Communication data: messages and interactions.

b. Automatically Collected Data

• Device information (type, model, OS version).
• Log information (IP address, browser type, app version).
• Cookies and similar technologies for analytics.

c. Optional Data

• Camera and gallery access for uploads.
• Live location data only after permission is granted.

2. How We Use Your Information

• Provide and improve services and features.
• Help users connect, share content, and communicate.
• Personalize your feed and recommendations.
• Send notifications and updates.
• Enable live location sharing when you choose to share.
• Prevent fraud or abuse and ensure safety.
• Analyze trends and improve performance.

3. How We Share Your Information

We do not sell your personal information. We may share information:

• With other users based on your privacy settings.
• With service providers for hosting, analytics, or support.
• If required by law or legal process.
• In case of a business transfer or acquisition.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data on the following legal bases:

• Contract: Processing necessary to provide our services — account creation, messaging, content sharing, and friend connections.
• Consent: Ad personalization and tracking (you can opt out via iOS App Tracking Transparency or in-app settings), optional location sharing, and analytics.
• Legitimate Interest: Fraud prevention, platform security, abuse detection, service improvement, and aggregated analytics.
• Legal Obligation: Compliance with applicable laws, responding to lawful requests from authorities.

5. Your Rights Under GDPR

If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Update or correct inaccurate data via your profile settings or by contacting us.
• Right to Erasure: Delete your account and all associated data from Settings > Delete Account in the app, or by contacting us.
• Right to Data Portability: Request an export of your data in a structured, machine-readable format by contacting us at support@chatcript.com.
• Right to Restrict Processing: Request that we limit how we process your data in certain circumstances.
• Right to Object: Object to processing based on legitimate interest, including direct marketing and profiling.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at support@chatcript.com. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

6. Your Privacy Controls

• Edit or delete profile information any time.
• Manage who can see your posts and activity.
• Enable or disable live location sharing.
• Control ad tracking via iOS App Tracking Transparency prompt.
• Delete your account — all personal data is removed upon deletion. Residual copies in backups are purged within 30 days.

7. Data Retention

We retain your data as follows:

• Account data: Retained for as long as your account is active. Deleted when you delete your account.
• Messages and chats: Retained for as long as the chat exists. Deleted when both participants delete the chat or when an account is deleted.
• Posts: Retained until expiry (configurable: 4 days to 60 days for channel posts) or until you delete them.
• Location data: Deleted automatically when the sharing session ends (within 10 minutes of session expiry).
• Activity logs: Session activity data is automatically deleted after 48 hours.
• Email logs: Sent email records are automatically deleted after 7 days.
• Device and app info: Retained while your account is active. Deleted with your account.

8. Data Processors and Third Parties

We use the following third-party services to operate the Platform. These processors handle your data under Data Processing Agreements:

• Google Firebase (Google LLC) — Authentication, database, cloud functions, push notifications, and analytics. Data may be processed in the US. Firebase Privacy.
• Amazon Web Services (AWS) — Media storage (photos, videos, voice messages, documents). Data may be processed in the US. AWS Privacy.
• Google AdMob (Google LLC) — Advertising. Ads may be personalized if you grant tracking permission, otherwise non-personalized ads are shown. Google Privacy.

9. Advertising and Tracking

Our app displays ads served by Google AdMob. On iOS, we request your permission via the App Tracking Transparency (ATT) prompt before collecting your advertising identifier (IDFA). If you deny tracking, you will still see ads, but they will not be personalized based on your activity across other apps and websites.

You can change your tracking preference at any time in your device settings under Settings > Privacy & Security > Tracking.

10. Data Security

We use encryption in transit (TLS 1.2+), encryption at rest (AES-256), secure servers, and role-based access control. No system is 100% secure, and you share information at your own risk.

11. Children’s Privacy

Our Platform is not intended for children under 13 (or 16 in the EEA/UK). We do not knowingly collect data from minors. If we discover that we have collected data from a child, we will delete it promptly. Please contact us if you believe a child has provided us with personal data.

12. International Data Transfer

Your data may be stored or processed on servers in the United States and other countries outside your jurisdiction. Where data is transferred outside the EEA/UK, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms to ensure appropriate protection.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the “Last updated” date and notify you of significant changes through the app or by email.

14. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us at:

ChatCript Technologies (Pvt) Ltd
Email: support@chatcript.com
Website: chatcript.com