Privacy Policy
Effective date: [Effective Date] · Last updated: [Last Updated Date]
1. What We Collect
We collect the following categories of information:
- Account info: your email and name, provided by your sign-in method (Google).
- Profile content: whatever you choose to add to your profile — name, handle, photo, location, headline, values, interests, current focus, and any other fields you fill in.
- Connections and messages: who you’ve requested/accepted as connections, and the content of messages you send.
- Usage data: basic technical information (e.g. that you searched, viewed a profile, or sent a connection request) used to operate and improve the Service, and to detect abuse.
2. How We Use It
We use your information to:
- Create and display your profile according to your visibility settings.
- Power search, QR/link sharing, connection requests, and messaging.
- Keep the Service secure and prevent abuse (e.g. rate-limiting, spam prevention, enforcing our Terms).
- Communicate with you about your account (e.g. security notices), if we ever need to.
We do not sell your personal information, and we do not use your profile content to train third-party models.
3. Profile Visibility and Who Can See What
Your profile has a visibility setting: preview-until-connected (the default), fully public, or hidden from search. Regardless of setting, anyone with your link or QR code can view the limited preview (name, handle, photo, headline, and any location/status/what-you-do fields you’ve chosen to show). Your full profile is visible only to you, your accepted connections, or — if you set your profile to public — anyone. Fields you turn off in your visibility toggles are never included in what strangers, search results, or previews can see.
Search results and profile previews only ever include the limited preview fields — never your full About section, values, current focus, personality details, or anything you’ve marked hidden.
4. Messages
Messages are only exchanged between accepted connections and are stored so the messaging feature works — they are not end-to-end encrypted. We do not read your messages as a matter of course, but we may access message content if required to investigate abuse, enforce our Terms, or comply with law.
6. Data Retention and Deletion
We retain your profile and message data for as long as your account is active. You can request deletion of your account and data at any time from your account settings or by emailing support@getwho.app. Deleting your account removes your profile, connections, and messages; some information may be retained briefly in backups or logs for security and legal-compliance purposes before being fully purged.
7. Your Choices
- Control what’s visible on your profile via the visibility toggles on each field.
- Set your overall profile visibility to preview-only, public, or hidden from search.
- Delete individual profile fields at any time.
- Request full account deletion at any time.
- Contact us with any privacy question at support@getwho.app.
8. Children’s Privacy
who. is not directed to, and is not intended for use by, anyone under the age of 13, and the Service overall is intended for users 18 and older. If we learn we’ve collected information from a child under 13, we will delete it promptly. See our Terms of Service for our full age policy.
9. Security
We use industry-standard practices to protect your data, including row-level database access controls that restrict who can read your profile and messages at the database layer, not just in the app’s interface. No method of transmission or storage is 100% secure, and we can’t guarantee absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we’ll make reasonable efforts to notify you (e.g. by posting a notice on the Service or updating the “Last updated” date above).
11. Contact
Questions about this policy or your data? Contact us at privacy@getwho.app or support@getwho.app.