Privacy Policy

Context · Effective 15 June 2026 · Last updated 15 June 2026

The short version: Context is built so that we cannot read your content. Your messages, photos, voice notes, and journal entries are encrypted on your device with keys that only you and your partner hold. Our servers only ever see unreadable ciphertext. We have no user accounts, run no analytics, show no ads, and do not track you.

Context (“Context”, “the app”, “we”, “us”) is a private, two-person, end-to-end encrypted space for couples, published by [Developer / Legal Entity Name]. This policy explains what data the app handles, what leaves your device, and the choices you have.

1. Who this applies to

Context is intended only for adults aged 18 or older. It is designed for intimate communication between two consenting partners and may contain adult content. It is not directed to children, and we do not knowingly collect data from anyone under 18.

2. The data Context handles

2.1 Never leaves your device

2.2 Passes through our servers — as ciphertext only

2.3 Operational data the relay stores

2.4 What we do not collect

No name, email, phone number, date of birth, account/password, contacts, location, advertising identifiers, or analytics. No ads, no trackers, no engagement metrics (no likes, view counts, or read receipts).

3. Notifications

When new content arrives while the app is closed, we send a content-free push via Apple (APNs) or Google (FCM). The text is generic (e.g. “💗 New moment”) and never contains your messages — the real content stays encrypted in your mailbox and is decrypted only on your device when you open the app.

4. Permissions

PermissionWhy
CameraTake a photo to share with your partner.
MicrophoneRecord a voice note.
Photo libraryChoose a photo to share; save a received photo when you ask.
NotificationsAlert you that your partner sent something (content-free).
Face ID / biometricsUnlock “spicy” content (handled by your OS).

You can revoke any of these in device settings; denying one only disables that feature.

5. Service providers (subprocessors)

None receive your decrypted content.

ProviderRoleReceives
Fly.ioHosts the relayCiphertext traffic; connection IP
Upstash (Redis)Temporary encrypted mailboxCiphertext only
Apple APNsiOS push deliveryDevice token; content-free push
Firebase Cloud MessagingAndroid push deliveryDevice token; content-free push
Apple App Store / Google PlayApp distributionPer their own policies

6. Data retention

7. Your choices and rights

Depending on where you live you may have rights under the EU/UK GDPR or California CCPA/CPRA. We honor these at the contact above. We do not sell or share personal information for advertising.

8. Security — and its honest limits

We use end-to-end encryption (X25519 → HKDF-SHA256 → AES-256-GCM), encryption at rest, and keys stored in your device's secure store, plus a six-emoji check to verify your pairing. Honestly, these protections cannot:

No method of transmission or storage is 100% secure.

9. International transfers

Our relay and providers operate primarily in the United States; limited operational data (ciphertext in transit, push tokens, connection metadata) may be processed there and in other countries where our providers operate.

10. Children's privacy

Context is for adults (18+) and not directed to children. We do not knowingly collect data from anyone under 18. Contact us if you believe a minor has used the app.

11. Changes

We will update the “Last updated” date for any change and notify you in-app for material changes. Continued use after an update means you accept the revised policy.

12. Contact

[Developer / Legal Entity Name]
[privacy@yourdomain.com]