TL;DR

We (obviously) don’t collect or store any information about you, except the minimal subscription information we need and which outbox is yours, if you are a subscriber.

It is cryptographically guaranteed that no information that we or any third parties collect or possess, even briefly, can be used to tell that you are even using the service for something.

What data do we collect?

If you become a subscriber, we technically have to collect the following data: what you ordered (the order id), and the proof (purchase token) that we can use to check your subscription at Google. We also store how long that subscription lasts (expiration data).

We also store which outbox you are using on our servers. The outbox however contains only encrypted information for which only your recipient(s) have access to. No other parties, including us can tell what’s in the outbox, or even if there is something in it or not.

We specifically don’t keep your name, address, email, or any identifiers specifically referring to you in our database.

Optionally you can register your telephone number to enable others to find you. You retain full functionality of our app if you don’t do this.

How do we use data that is collected?

We use the subscription data to make sure you have access to our services. To do this we call the appropriate Google services.

The outbox id is used to know which file to write on our servers.

How and where do we store data?

The above data is always stored in an encrypted form at DigitalOcean’s Frankfurt / Germany facility.

What information do we (or third parties) actually have?

If you are a subscriber of our service the only information any third party (including us!) is able to know is that you are a subscriber.

This is the only information at risk on our servers, or on third-party servers, like that of Google. It is cryptographically guaranteed that we can’t know anything more, including whether you have even sent or received a single message.

How long is this data stored?

This data is stored from the point where you become a subscriber to when you explicitly delete it. You can still delete your data anytime after your subscription expired. We don’t do this automatically in case you choose to become a subscriber again.

Note, that as subscription information is managed by Google, where this same data is under Google’s Privacy Policy.

Additional third parties

We do not use any trackers, advertisements, or any third party libraries that collect data.

How to delete your data

As this feature in the app is currently under development, you can delete all your data by contacting us at privacy@crowdymous.com.

Contact

Any questions and requests can be sent to: privacy@crowdymous.com.

History

This is a brief overview of changes on this document for transparency reasons:

  • 07.07.2020: Add telephone number handling, change data deletion policy to manual
  • 03.09.2020: Initial version