PRIVACY POLICY - SPILLR
Last updated: February 2026

Spillr ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our mobile application.

INFORMATION WE COLLECT
When you use Spillr, we collect:
• Account Information: Email address, alias (username), city, and gender (optional)
• Content: Vents you post, comments you leave, scroll messages, and reactions
• Usage Data: App interactions, impression counts, and engagement metrics
• Device Information: Device type and operating system (for error tracking)
• Push Notification Data: Device push tokens and notification preferences (if enabled)

HOW WE USE YOUR INFORMATION
• To provide and maintain the Spillr service
• To display vents anonymously to other users in your city
• To show you analytics about your vents' performance
• To moderate content for safety using AI (see AI Content Moderation section)
• To send push notifications about reactions, comments, and scroll replies
• To enforce rate limits and prevent abuse
• To diagnose technical issues and improve the app

PUSH NOTIFICATIONS
We collect device identifiers (push tokens) to send you notifications about:
• Reactions on your vents
• Comments on your vents
• Replies to your scrolls
• Streak reminders

You can control which notifications you receive in Settings > Notifications, or disable all notifications through your device settings. We do NOT use push tokens for advertising or tracking. Push tokens are deleted when you uninstall the app or delete your account.

ANONYMITY & PRIVACY BY DESIGN
Your vents are anonymous. Other users only see your alias and gender - never your email or real identity. We designed Spillr to let you express yourself freely.

DATA RETENTION
• Vents: Expire based on your chosen duration (24 hours, 7 days, or permanent). Timed vents are archived when they expire.
• Comments: Archived with the vent when it expires
• Reactions: Deleted when the associated vent expires
• Push Tokens: Deleted when you uninstall the app or delete your account
• Notification Queue: Deleted within 7 days of sending
• Account Data: Retained until you delete your account

AI CONTENT MODERATION
To maintain a safe and supportive community, we use artificial intelligence (AI) to moderate content before it is posted.

Explicit Consent Required: Before you can post any content (vents, comments, or messages), you must explicitly consent to AI moderation. Without consent, you can read content but cannot post.

What data is sent:
• The text content of your vents, comments, and messages
• No personal identifiers (email, username) are sent

Who processes the data: We use Anthropic's Claude AI service (api.anthropic.com) to analyze content for safety. Anthropic is a US-based AI safety company.

How it works:
• Your content is sent to Anthropic's API for real-time analysis
• The AI checks for harmful content, personal information exposure, and policy violations
• Anthropic does NOT store your content after processing
• Results are returned immediately and content is posted or flagged

Your rights: You can withdraw consent at any time in Settings. Withdrawing consent will prevent you from posting new content.

Learn more about Anthropic's privacy practices at anthropic.com/privacy.

THIRD-PARTY SERVICES
We use the following services:
• Supabase: Database hosting and authentication (data stored securely)
• Anthropic: AI content moderation (Claude API) - text content only, no personal identifiers
• Sentry: Error tracking to fix bugs (no personal content shared)
• Expo: App delivery, updates, and push notification delivery

DATA SECURITY
We implement industry-standard security measures including encrypted connections (HTTPS), secure authentication, and Row Level Security on our database to ensure users can only access their own data.

YOUR RIGHTS
You can:
• Access and update your profile information anytime
• Control which notification types you receive
• Disable notifications entirely through device settings
• Delete individual vents before they expire
• Delete your entire account and all associated data

CHILDREN'S PRIVACY
Spillr is not intended for children under 13. We do not knowingly collect information from children under 13.

CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date.

CONTACT US
If you have questions about this Privacy Policy, please contact us at:
hello@spillr.me