Cipher
Privacy Policy
Effective Date: March 16, 2026 | Last Updated: March 16, 2026
Cipher ("the App") is an encrypted messaging application developed and operated by Mae Raaki ("we," "us," or "our"). This Privacy Policy explains how we collect, use, and protect your information when you use the App.
Our core principle: Your messages are end-to-end encrypted. We cannot read your messages. Encryption keys are stored only on your device and are never transmitted to our servers.
1. Information We Collect
Information You Provide
| Data | Required? | Purpose |
|---|
| Handle (username) | Yes | Account identification, friend search |
| Display name | Optional | Profile display to friends |
| Avatar style/photo | Optional | Profile personalization |
| Phone number | Optional | Contact verification |
We do not require your email address, real name, or date of birth to create an account.
Message Data
- Encrypted message content — Messages are encrypted on your device before being transmitted. We store only encrypted data and cannot decrypt or read your messages.
- Encrypted media — Photos and GIFs are encrypted on your device before upload.
- Message metadata — Sender ID, timestamp, message type, and delivery status.
Automatically Collected Data
- Crash reports — Device model, OS version, and error information to help us fix bugs. Does not include message content.
- Usage analytics — Anonymous feature usage patterns to help us improve the App. Does not include message content or personal data.
- Push notification tokens — A device token for delivering message notifications. This token does not identify you personally.
2. Information We Do NOT Collect
- Email address
- Precise or approximate location
- Contacts or address book
- Browsing history
- Advertising identifiers
- Health or fitness data
- Financial or payment information (purchases are handled entirely by Apple App Store and Google Play)
3. How We Use Your Information
- Provide the service — Deliver encrypted messages, manage your account, and sync conversations.
- Friend discovery — Allow other users to find you by your handle.
- Push notifications — Notify you of incoming messages (can be disabled in device settings).
- Improve the App — Analyze crash reports and anonymous usage patterns to fix bugs and improve features.
- Enforce policies — Process block and report actions to maintain a safe community.
We do not use your data for advertising, profiling, or selling to third parties.
4. Security
- All messages are end-to-end encrypted before leaving your device. We cannot access or read your message content.
- Encryption keys are stored exclusively on your device and are never transmitted to our servers.
- Each conversation uses a unique encryption key.
- All communication between the App and our servers is encrypted in transit.
- Biometric authentication (Face ID, Touch ID, fingerprint) is handled entirely by your device's operating system. Biometric data never leaves your device and is never accessible to us.
- Messages automatically expire and are deleted 30 days after being sent.
5. Third-Party Services
We use the following third-party services to operate the App:
| Provider | Data Shared | Purpose |
|---|
| Google | Encrypted data, anonymous user ID, device tokens, crash logs, anonymous usage events | Cloud infrastructure, authentication, push notifications, crash reporting, analytics |
| GIPHY (Meta) | Search queries, IP address | GIF search and display |
Each third-party service is governed by its own privacy policy:
6. Data Retention
- Messages: Automatically deleted 30 days after being sent.
- Account data: Retained as long as your account is active.
- Crash reports and analytics: Retained per our service providers' standard policies.
7. Your Rights & Choices
- Delete messages: You can delete individual messages at any time.
- Block users: Block any user to prevent them from contacting you.
- Disable notifications: Turn off push notifications in your device settings.
- Delete your account: You may request complete account deletion by contacting us at contact@maeraaki.com. This will permanently delete your user profile, conversations, and all associated data from our servers.
- Data portability: You may request a copy of your personal data by contacting us.
If you are located in the European Economic Area (EEA), United Kingdom, or California, you may have additional rights under GDPR, UK GDPR, or CCPA respectively. Contact us to exercise these rights.
8. Children's Privacy
Cipher is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us at contact@maeraaki.com.
9. International Data Transfers
Our servers may be located in the United States or other countries. By using the App, you consent to the transfer of your encrypted data to these servers. All data is encrypted in transit and message content is encrypted before it leaves your device.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the App or on this page with a revised "Last Updated" date. Your continued use of the App after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions or concerns about this Privacy Policy or your data, contact us at:
Mae Raaki
Email: contact@maeraaki.com
Website: maeraaki.com