## Introduction
Letters ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
## Information We Collect
### Personal Information
- **Account Information**: Phone number, first name, last name, and Letters address
- **Contact Information**: Access to your device contacts (only when you grant permission) - see detailed explanation below
- **User Content**: Letters you write and receive, including text content
### Contact Information - Detailed Disclosure
When you grant permission to access your contacts:
- **Phone Number Lookup**: We send your contacts' phone numbers to our server to identify which of your contacts already use Letters. These lookups are processed in memory and phone numbers from this check are not permanently stored on our servers.
- **Adding Contacts to Your Address Book**: When you add someone to your Letters address book who doesn't yet have a Letters account, their phone number is stored on our server. This creates a "pending" account that allows you to send them letters and is activated when they sign up for Letters.
- **Data Not Shared**: Phone numbers from your contacts are never shared with other users or third parties. They are used solely for the purposes described above.
### Automatically Collected Information
- **Device Information**: Device type, operating system version
- **Usage Data**: App features used, interaction patterns
- **Push Notification Tokens**: To deliver notifications about new letters
## How We Use Your Information
We use your information to:
- Create and manage your account
- Facilitate letter exchange between users
- Send notifications when letters are ready
- Help you find friends who use Letters
- Improve app functionality and user experience
- Provide customer support
## Data Storage and Security
- Your data is stored securely using Supabase (cloud infrastructure)
- Letters are encrypted in transit using industry-standard protocols
- We implement appropriate security measures to protect your information
- Your letters are private and only accessible to you and your intended recipients
## Information Sharing
We do NOT:
- Sell your personal information to third parties
- Share your letters with anyone except intended recipients
- Use your data for advertising purposes
- Share your contacts with other users without permission
We MAY share information:
- When required by law or legal process
- To protect our rights, privacy, safety, or property
- With service providers who assist in app operation (under strict confidentiality)
## Your Rights and Choices
You have the right to:
- **Access**: Request a copy of your personal data
- **Correction**: Update or correct your information
- **Deletion**: Request deletion of your account and data
- **Opt-out**: Disable push notifications in device settings
- **Contact Access**: Revoke contact permissions in device settings
## Data Retention
- Active account data is retained while your account is active
- Deleted letters are permanently removed from our servers
- Account deletion removes all associated data within 30 days
- Backup copies may persist for up to 90 days
## Children's Privacy
Letters is not intended for users under 13 years of age. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, please contact us.
## Third-Party Services
Letters uses the following third-party services:
- **Supabase**: Database and authentication services
- **Expo**: Mobile app development platform
- **Apple Push Notification Service**: For iOS notifications
These services have their own privacy policies governing their use of your information.
## Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by:
- Posting the new policy in the app
- Updating the "Last Updated" date
- Sending a notification (for material changes)
Continued use of Letters after changes constitutes acceptance of the updated policy.
## Contact Information
For questions, concerns, or requests regarding this Privacy Policy or your data:
**Email**: [email protected]
**Telephone**: +447590520019
## Your California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of sale of personal information (we don't sell data)
- Right to deletion of personal information
- Right to non-discrimination for exercising your rights
## International Users
Letters is operated in the United States. If you access the app from outside the US, your information may be transferred to, stored, and processed in the US where our servers are located.
## Consent
By using Letters, you consent to this Privacy Policy and agree to its terms.