Privacy Policy

a. Authentication Data

• Email address – collected through Firebase Authentication (Email Sign-In or Google Sign-In). Purpose: Used for login, verification, and account management.

b. Device and Session Data

To maintain account security and prevent abuse, we record specific login session details.

IP Address Policy: Anonime does not store IP addresses in user profiles, activity logs, or audit trails. Note: Our infrastructure providers (e.g., Google Cloud, Firebase) may process connection data at the network layer for security purposes (such as DDoS protection), but this data is not accessible to Anonime for user tracking or profiling.

• deviceId – unique session identifier.
• deviceLabel – e.g., “Windows (Chrome)”.
• userAgent – browser and OS information.
• isActive – session activity state.
• Timestamps – createdAt, lastLoginAt, updatedAt, loggedOutAt for audit and security purposes.

c. Email Data & Encryption

Email content is encrypted in transit (TLS) and encrypted at rest (AES-256).

• Key Management: Anonime manages the encryption keys (Server-Side Encryption) to facilitate service delivery.
• Volatile Memory: During delivery, message content briefly exists in volatile memory on our servers before encryption.

Important: If legally compelled with a valid and binding order served prior to or during delivery, we may be required to capture message content before encryption. We do not otherwise disclose stored content.

d. Communication Preferences

• Subscription and marketing notifications (optional): If you opt in, we may send you updates, offers, or feature announcements via email. You can opt out at any time using the unsubscribe link or by contacting us at privacy@anonime.io.

e. "Whispers" (Anonymous Threads)

"Whispers" allow users to create temporary chat threads for external communication.

• Anonymity: External participants are not authenticated. Their identity is unknown to the Anonime user, to Anonime, and to themselves (no persistent profile).
• Retention: All Whisper threads have a user-defined duration. The maximum retention is 48 hours. Once the duration expires, the thread and all associated messages are permanently deleted.

f. "Private Drop" Data

"Private Drop" allows users to upload files or notes retrievable via a generated redeem code.

• Access: Data is accessible only via the unique redeem code.
• Deletion: This is a "burn-on-read" feature. Immediately upon successful retrieval (download or view), the file or note is automatically and permanently deleted from our servers.

3.b. Third-Party Processors (Subprocessors)

We use a limited number of vetted third-party service providers (“Subprocessors”) to assist us in providing the core service. These vendors are provided only the necessary data to perform their contractual functions and are bound by confidentiality and equivalent data protection requirements.

Our primary subprocessors are:

• Cloud Infrastructure: Google Cloud Platform
• Authentication: Google Firebase
• Payment Processing: Paystack (PCI-DSS compliant handling of billing data)

We review subprocessors annually to ensure continued compliance with security standards. An up-to-date list is available upon request at privacy@anonime.io.

a. Safeguards

• Encryption: TLS (in transit) and AES-256 (at rest).
• Authentication: Secure Firebase Authentication.
• Infrastructure: Google Cloud, ISO/IEC 27001 & GDPR-compliant.

Despite strong safeguards, no online system is entirely secure. You use Anonime at your own risk.

b. Data Breach Notification

If a data breach occurs involving unauthorized access to your data:

• We will notify you without undue delay, within 72 hours when required by law.
• The notice will describe the nature of the breach, consequences, and corrective actions.
• Notification will be sent via your registered email address.

a. Automated TTL Policies

• Emails & Notifications: All received emails and system notifications are subject to a TTL period, after which they are auto-deleted. We reserve the right to set and modify this duration and will inform users of the current policy.
• Whispers: Maximum retention of 48 hours.
• Private Drops: Deleted immediately upon retrieval.
• Account Deletion: If you delete your account, all remaining associated data (account details, sessions) is purged within 30 days.

b. Technical Deletion Latency

Due to the nature of distributed database systems, there may be a brief technical gap between the moment data becomes inaccessible (Logical Deletion/TTL Expiry) and the moment it is physically overwritten or purged from storage (Physical Deletion).

• Policy: The "point of deletion" is considered the moment the TTL expires or the delete action is triggered.
• Accessibility: Once the TTL expires, the data is immediately rendered inaccessible to the user and the system application layer, even if the background purging process takes slightly longer to complete.