Once logged in, legal documents, including this one, are accessible via the Options section.
- Distinction between "followed usernames" and "contacts"
- The term "contact" is used for people whose email addresses you know and whom you have added in the "Contacts" tab.
- The term "followed user" is used when a user follows another user's posts within the "Discussions" tab.
- Following a username in the "Discussion" tab does not make them a contact in the "Contacts" tab.
- Having a contact in the "Contacts" tab does not automatically trigger follow-up with that contact in the "Discussions" tab.
- In the "Discussions" tab, the following data is visible to all other users:
- Pseudo,
- your logo if you add one via the "Options" tab,
- number of usernames that follow you,
- Registration date,
- Number of posts, and one click allows you to see all your posts.
- Number of post shares,
- Number of comments on posts,
- Number of likes,
- Number of Dislikes,
- Date of last activity,
- Likely in the future, but not certain:
- Number of usernames that follow you,
- List of usernames you follow,
- List of people who follow you
- In the "Contacts" tab and in the "Geolocation" tab, a contact is:
- a person you add as a contact via the "Create" button in the "Contacts" tab (by providing their email address, which is not initially provided by us)
- a person whose contact request you accept or ignore (this is therefore a person who knows your email address)
- In the future, additions can also be made by phone number (what applies to email addresses in the two sentences above will also apply to phone numbers)
- Mechanics of a contact request (conversely valid if you are the one sending the request...):
- Someone who knows your email address can add you to their contacts.
- You will then receive an invitation that you can accept or ignore.
- This invitation includes his email address, his username, and the temporary username he has chosen to identify you in his list.
- This allows you to decide whether or not to accept their invitation. For example, "I know them, I accept; I don't know them, I ignore them."
- The contacts you have ignored are still accessible by checking the "ignored" option in the contact list in order to accept them later for reasons we can guess (verification by you through another communication channel for example),
- You can delete a contact; if you delete a contact you previously accepted, that contact will be visible with the "ignored" option, becoming an "ignored" contact.
- Regarding your contacts, once they have been accepted:
- You can then communicate with them via video calls (these calls are peer-to-peer unless a relay server is used, an option which is disabled by default)
- If you have each installed the Android or iOS app, you can communicate with each other via private text messages.
- Regarding private text messages via Android and iOS applications (click on the contact's envelope in the "Contacts" tab, which appears after adding the contact):
- Three entities communicate in this way:
- Your Android or iOS device with our HTTPS server
- then our HTTPS server with the recipient's iOS or Android device.
- Storage on iOS or Android devices
- The messages are stored in plain text in the local database of your iOS or Android device.
- You can delete messages stored in the local iOS or Android database by tapping the contact's envelope icon (which appears after the person is added), then tapping the trash can icon in the top right corner. Alternatively, you can delete them individually by swiping them horizontally.
- * Your private messages are stored on the HTTPS server:
- We promise not to read your messages if they are not addressed to us as a "Contact".
- Asymmetric RSA end-to-end encryption is disabled because we are awaiting administrative feedback from the French government following the declaration of December 27, 2023, a declaration requested at least by Apple to use this encryption on an application available in the Apple Store.
- Your messages are therefore currently stored in the database in such a way that they are unreadable at first glance (base64 encoding).
- Currently we do not automatically delete delivered messages but we are considering it, so it is possible that by the time you read this commitment the messages will have been deleted from the server once delivered to the recipients.
- Future: Once we receive authorization to use asymmetric RSA encryption (date undetermined, perhaps never), new messages will be encrypted by your device with your recipient's public key, and only your recipient will be able to decrypt them using the private key that only they control. (This is already technically in place but disabled and cannot be enabled by users.) Therefore, even the HTTPS server will not be able to decrypt your private text messages.
- Usage data is stored on our HTTPS server (call history for example) but may be automatically deleted when you read this privacy commitment (in order to optimize our database, what can be deleted will be deleted).
- You can delete your account at any time by clicking the "Delete my account" button in the "Options" tab.
- If you delete your account, all data concerning you will be automatically erased.
- The only thing that remains in the database is a record of emails sent from us to you (sent during account creation, when you redeem your login details, and when someone invites you to connect). This is so we can manage the "unsubscribe" link found in the body of all our automated emails.
- Geolocation tab:
- In the "Options" tab, you can enable geolocation; you will then be geolocated if you have installed the iOS or Android application.
- Your geolocation is then sent to our server approximately every 30 minutes; we do not store your geolocation history, only the most recent one.
- By default, none of your contacts receive your geolocation. You must enable this sharing if you wish via the contact tab by checking the "share my location" box in the settings of the given contact.
- You can uncheck this last box if you previously checked it; the effect will be that your contact will no longer receive your new locations
- All the means we know of today are being used to prevent piracy. Examples:
- Automatic banning of suspicious IP addresses for 6 months upon the first access identified as suspicious.
- Incoming ports should only be opened for known and legitimate protocols.
- Regular updates to our infrastructure in terms of operating systems and software.
- Prioritizing the use of open-source operating systems and software
- For updates, a complete and fairly quick restart (approximately 5 minutes) usually takes place every first Saturday of the month in the morning.
- The stored data remains between us and you; there are no third parties involved.
