Privacy Policy

01

Who We Are

Whatever is an independent app developed and operated by an individual developer. References to "we," "us," or "our" throughout this policy refer to the developer of the Whatever app.

02

What Data We Collect

We only collect data that is necessary to provide the app's functionality.

For any privacy-related questions, you can reach us at: lewinskialbert@gmail.com

We do not collect your location, contacts, microphone or camera data (other than photos you explicitly upload), or any data beyond what is listed above.

03

How We Use Your Data

Your data is used exclusively to:

• Authenticate you and keep your account secure

• Display your lists, items, and group activity to you and invited friends

• Calculate vote matches and present group results

• Process and manage your premium subscription

• Detect and fix bugs and crashes (via Sentry)

• Review and act on user reports of objectionable content or abusive behavior

• Enforce our Terms of Use, including removing content and banning users who violate them

We do not use your data for advertising, profiling, or any purpose not listed above.

04

Third-Party Services

Whatever uses the following third-party services. Each has its own privacy policy, linked below.

• Clerk

  • Handles authentication: sign-up, login, and session management for email, Google, and Apple sign-in. clerk.com/privacy

• Supabase

  • Our database and file storage provider. All app content (lists, items, votes) is stored here. Hosted on AWS infrastructure. supabase.com/privacy

• RevenueCat

  • Manages in-app purchases and subscription status. Payment processing itself is handled by Apple or Google. revenuecat.com/privacy

• Sentry

  • Error tracking and crash reporting. Collects device type, OS version, and app state to help diagnose bugs. No personal content from your lists is included in error reports. sentry.io/privacy

We do not sell, rent, or share your personal data with any other third parties.

05

Sharing Within the App

Whatever is a social app, some data is intentionally shared with other users you invite:

• Your display name and avatar are visible to friends on shared lists

• List items you add are visible to all members of that list

• Your individual swipe votes are private. Other members never see how you voted on a specific item - only the final group result is shown

• When you report content, the reported user is not notified of your identity

06

Data Retention

We keep your data for as long as you have an account with us. If you delete your account, your personal information (name, email, avatar) will be deleted. List content may persist in anonymised form if other members of a shared list remain active.

Error logs in Sentry are retained for 90 days by default.

Records of reports, blocks, and moderation actions may be retained longer where necessary for safety purposes or to comply with legal obligations.

07

Content Moderation

Whatever includes user-generated content (lists, item descriptions, images, profile info). To keep the app safe: 

• You can report objectionable content or block abusive users at any time from within the app

• We review all reports within 24 hours and take appropriate action, including removing content and banning users who violate our Terms of Use

• Blocked users' content is immediately removed from your feed and they can no longer interact with you

• We may use automated filtering in addition to human review

If you encounter content that violates our Terms of Use, please report it through the app or email b4611849@gmail.com

08

Your Rights

Regardless of where you live, you can exercise the following rights at any time by contacting us:

• Access - request a copy of the data we hold about you

• Correction - update or fix inaccurate personal data

• Deletion - request that your account and associated data be deleted

• Portability - request your data in a portable format

• Objection - object to how we process your data

EU/EEA users have additional rights under GDPR. To exercise any of these rights, email us at lewinskialbert@gmail.com and we will respond within 30 days.

09

Children's Privacy

Whatever is not directed at children under the age of 13 (or 16 in the EU). We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

10

Security

All data is transmitted over HTTPS. Authentication is handled by Clerk using industry-standard JWT tokens. Write operations to our database are protected server-side, client apps never have direct write access using privileged credentials. We take reasonable measures to protect your data, but no system is 100% secure.

11

Push Notifications

Whatever does not currently send push notifications. When this feature is added in a future update, this policy will be updated and you will be asked for permission before any notifications are sent.

12

Changes to This Policy

We may update this policy as the app evolves. When we make significant changes, we will update the date at the top of this page and, where appropriate, notify you within the app. Continued use of the app after changes constitutes acceptance of the updated policy.

13

Contact

Questions, requests, or concerns about this privacy policy? Reach out: lewinskialbert@gmail.com