Privacy and Security

• Distinction between "followed usernames" and "contacts"
• The term "contact" is used for people whose email addresses you know and whom you have added in the "Contacts" tab.
• The term "followed user" is used when a user follows another user's posts within the "Discussions" tab.
• Following a username in the "Discussion" tab does not make them a contact in the "Contacts" tab.
• Having a contact in the "Contacts" tab does not automatically trigger follow-up with that contact in the "Discussions" tab.


• In the "Discussions" tab, the following data is visible to all other users:
• Pseudo,
• your logo if you add one via the "Options" tab,
• number of usernames that follow you,
• Registration date,
• Number of posts, and one click allows you to see all your posts.
• Number of post shares,
• Number of comments on posts,
• Number of likes,
• Number of Dislikes,
• Date of last activity,
• Likely in the future, but not certain:
  • Number of usernames that follow you,
  • List of usernames you follow,
  • List of people who follow you


• In the "Contacts" tab and in the "Geolocation" tab, a contact is:
• a person you add as a contact via the "Create" button in the "Contacts" tab (by providing their email address, which is not initially provided by us)
• a person whose contact request you accept or ignore (this is therefore a person who knows your email address)
• In the future, additions can also be made by phone number (what applies to email addresses in the two sentences above will also apply to phone numbers)


• Mechanics of a contact request (conversely valid if you are the one sending the request...):
• Someone who knows your email address can add you to their contacts.
• You will then receive an invitation that you can accept or ignore.
• This invitation includes his email address, his username, and the temporary username he has chosen to identify you in his list.
• This allows you to decide whether or not to accept their invitation. For example, "I know them, I accept; I don't know them, I ignore them."
• The contacts you have ignored are still accessible by checking the "ignored" option in the contact list in order to accept them later for reasons we can guess (verification by you through another communication channel for example),
• You can delete a contact; if you delete a contact you previously accepted, that contact will be visible with the "ignored" option, becoming an "ignored" contact.


• Regarding your contacts, once they have been accepted:
1. You can then communicate with them via video calls (these calls are peer-to-peer unless a relay server is used, an option which is disabled by default)
2. If you have each installed the Android or iOS app, you can communicate with each other via private text messages.


• Regarding private text messages via Android and iOS applications (click on the contact's envelope in the "Contacts" tab, which appears after adding the contact):
• Three entities communicate in this way:
1. Your Android or iOS device with our HTTPS server
2. then our HTTPS server with the recipient's iOS or Android device.
• Storage on iOS or Android devices
• The messages are stored in plain text in the local database of your iOS or Android device.
• You can delete messages stored in the local iOS or Android database by tapping the contact's envelope icon (which appears after the person is added), then tapping the trash can icon in the top right corner. Alternatively, you can delete them individually by swiping them horizontally.
• * Your private messages are stored on the HTTPS server:
• We promise not to read your messages if they are not addressed to us as a "Contact".
• Asymmetric RSA end-to-end encryption is disabled because we are awaiting administrative feedback from the French government following the declaration of December 27, 2023, a declaration requested at least by Apple to use this encryption on an application available in the Apple Store.
• Your messages are therefore currently stored in the database in such a way that they are unreadable at first glance (base64 encoding).
• Currently we do not automatically delete delivered messages but we are considering it, so it is possible that by the time you read this commitment the messages will have been deleted from the server once delivered to the recipients.
• Future: Once we receive authorization to use asymmetric RSA encryption (date undetermined, perhaps never), new messages will be encrypted by your device with your recipient's public key, and only your recipient will be able to decrypt them using the private key that only they control. (This is already technically in place but disabled and cannot be enabled by users.) Therefore, even the HTTPS server will not be able to decrypt your private text messages.


• Usage data is stored on our HTTPS server (call history for example) but may be automatically deleted when you read this privacy commitment (in order to optimize our database, what can be deleted will be deleted).


• Vous pouvez supprimer votre compte à tout moment, en cliquant sur le bouton "Supprimer mon compte" de l'onglet "Options".
• si vous supprimez votre compte, toutes les données vous concernant sont automatiquement effacées.
• La seule chose qui subsiste dans la base de donnée est la trace des envois de email de nous vers vous (effectués pendant la création de compte, pendant le rappel des identifiants et dans le cas ou quelqqu'un vous invite en contact). Ceci afin de pouvoir gérer le lien "ne plus recevoir de emails de notre part" présents dans les corps de tous nos messages emails automatiques.


• Onglet Géolocalisation :
• Dans l'onglet "Options", vous pouvez activer la géolocalisation, vous êtes alors géolocalisé si vous avez installé l'application IOS ou ANDROID
• Votre géolocalisation est alors envoyée à notre serveur environ toutes les 30mn, nous ne gardons pas en mémoire l'historique de vos géolocalisations mais uniquement la dernière
• Par défaut, aucun de vos contacts ne reçoit votre géolocalisation, c'est à vous d'activer ce partage si vous le décidez via l'onglet contact en cochant la case "partager ma position" dans les paramètre du contact donné
• Vous pouvez décocher cette dernière case si l'avez précédemment cochée, l'effet sera que votre contact ne recevra plus vos nouvelles positions


• Tous les moyens que nous connaissons aujourd'hui sont mis en oeuvre afin d'éviter le piratage. Exemples :
• Bannissement automatique d'adresses IP douteuses pendant 6 mois au premier accès identifié comme douteux,
• Ouverture de ports entrants uniquement pour les protocoles connus et légitimes,
• Mise à jour régulière de notre infrastructure en termes de systèmes d'exploitation et de logiciels.
• Utilisation en priorité de système d'exploitation et de logiciels Open Sources
• Pour les mises à jour, un redémarrage total et assez rapide (5mn environ) à lieu en général tous les premiers samedis du mois au matin.


• Les données stockées restent entre nous et vous, il n'y a pas de tiers.