Privacy Policy

1. Introduction

Welcome to Unspoken ("we," "our," or "us"). Unspoken is an end-to-end encrypted anonymous chat application. This Privacy Policy explains what information we handle, how we handle it, and your rights. By using Unspoken, you agree to this policy.

2. Age Restriction

Unspoken is intended for users aged 17 and older. By using this app, you confirm that you are at least 17 years old.

3. No Account Required

Unspoken does not require registration. There is no account, no username, no email address, and no phone number associated with your use of the app. Each session uses an anonymous, randomly generated identifier.

4. Information We Do Not Collect

Because all messages are end-to-end encrypted, we cannot access the content of your conversations. Specifically:

• We do not collect your name, email, phone number, or any personal identifier
• We do not store or read the content of your messages, images, or typing activity
• We do not collect location data
• We do not track usage analytics or build behavioral profiles

5. Information We Do Handle

To provide the service, our server handles the following in a minimal and transient way:

• Encrypted message payloads — relayed between peers in real time; never stored in readable form. For pinned rooms, encrypted messages may be queued temporarily on the server while a peer is offline, and are deleted once delivered and acknowledged.
• Public keys — stored per pinned room to enable rejoining with the same encryption keys. Cleared when a room is unpinned.
• Anonymous session IDs — randomly generated per session, not linked to any personal identity.
• Server logs — standard connection logs (IP address, timestamps) for security and operational purposes. Retained for a limited period.

6. Third-Party Services

Unspoken does not use any third-party analytics, advertising, or crash reporting SDKs. No data is shared with or transmitted to any third-party service. We do not sell personal data — there is no personal data to sell.

7. Health Data

If you use the heart rate sharing feature, your Apple Watch reads heart rate data via HealthKit. This data is transmitted in real time directly to your conversation peer, end-to-end encrypted. It is not stored on our servers.

HealthKit data is never used for advertising or shared with third parties.

8. User Generated Content and Code of Conduct

Unspoken has zero tolerance for objectionable content or abusive behavior. Users are prohibited from sending content that is illegal, harmful, threatening, abusive, harassing, defamatory, obscene, or otherwise objectionable.

We reserve the right to block users who violate these terms.

9. Content Moderation

Unspoken implements the following measures to maintain a safe environment:

• User reporting mechanism to flag abusive users
• User blocking to prevent interactions with reported users
• Blocked users are prevented from using the service
• We aim to review reports within 24 hours

10. Data Security

All communications between the app and server use TLS encryption in transit. Message content is additionally protected by end-to-end encryption (RSA-2048 + AES-256-GCM), meaning even we cannot read what you send.

The server source code is publicly available for independent security review at github.com/bones7456/Unspoken.

11. Pricing

The Unspoken iOS app is available as a one-time purchase on the App Store. There are no subscriptions or in-app purchases. If you prefer, you can build and host the app yourself using the open-source code at no cost.

12. Your Rights

Because we do not collect personal data tied to your identity, there is generally no personal data to access, correct, or delete. If you have concerns about data related to your IP address in server logs, or wish to request deletion, please contact us.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the app after changes constitutes acceptance of the revised policy.

14. Contact

For privacy questions, to report inappropriate activity, or for support:

Email: bones7456+unspoken@gmail.com