Privacy Policy
Effective June 8, 2026 · Version 1.4 · Play Store & App Store Compliant
This policy describes how Usapp collects, uses, stores, and protects your personal information when you use our messaging application and related services.
1Introduction
Usapp (“we,” “our,” or “us”) is a private messaging application available on Android, iOS, and as a web application. We are committed to protecting the privacy and security of all users (“you”) who access our services.
This Privacy Policy applies to:
- The Usapp mobile application (Android and iOS)
- The Usapp web application
- The Usapp backend services that store and process your data
By creating an account or using Usapp, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the application.
2What We Collect
We collect the following categories of personal data when you use Usapp. Each category details the specific fields collected, their purpose, and whether they are required.
2.1 Account Registration Data
Collected when you create a Usapp account.
| Field | Required | Notes |
|---|---|---|
| Phone number | Required | Primary identifier; must be unique; used for OTP verification and delivery |
| Email address | Optional | Optional at registration; unique if provided |
| Username | Optional | Auto-generated from profile name; must be unique |
| IP address | System | Captured at registration and session creation for security auditing |
| User-Agent string | System | Browser or app identifier captured at session creation |
| Account timestamps | System | Date and time your account was created, and when you were last active — stored in UTC |
| Legal-age confirmation | System | A single boolean recording that you meet the minimum age. Computed on your device from a month/year you select; those values are never sent to or stored by us (see §11) |
| Privacy Policy acceptance | Required | That you accepted this Privacy Policy, and the date/time you accepted it — recorded at registration |
2.2 User Profile Data
Collected when you complete your profile after registration. All profile fields are optional.
| Field | Required | Notes |
|---|---|---|
| First name | Optional | Indexed for user search; visible to other users |
| Last name | Optional | Indexed for user search; visible to other users |
| Biography | Optional | Free-text field; visible to accepted contacts |
| Avatar / profile photo | Optional | Uploaded image resized and stored as a standard compressed image. No EXIF, GPS, or camera metadata is retained. |
2.3 Authentication & Session Data
One-Time Passwords (OTP)
OTPs verify your phone number and authenticate login attempts. They are delivered by SMS and are never stored as plain text. OTPs expire after 5 minutes and are permanently locked after 3 incorrect attempts.
Sessions & Refresh Tokens
| Field | Notes |
|---|---|
| Refresh token | Unique per session; individually revocable without full logout; 7-day lifetime |
| User-Agent | Device or browser string captured at session creation |
| IP address | Captured at session creation; used for the “Devices & Sessions” security display |
| Session activity | Date and time the session was last used, refreshed on every login |
| Session expiry | 7 days from creation; automatically cleaned up (see §8) |
Token Lifetimes
| Token | Lifetime |
|---|---|
| Access token | 15 minutes |
| Refresh token | 7 days |
| OTP request token | 1 hour |
Login Attempt Audit Log
Every authentication attempt — successful or failed — is recorded for security purposes:
| Field | Notes |
|---|---|
| Identifier used | Phone number or username. Phone numbers are masked in all system logs to protect your privacy |
| IP address | Logged for security audit purposes |
| User-Agent | Device or browser string |
| Outcome | Whether the attempt succeeded, and if not, a reason (e.g., “Invalid OTP”, “OTP expired”) |
| Timestamp | UTC |
2.4 Contacts & Relationships
When you add or interact with another user, a contact relationship record is created.
| Status | Who holds it | Meaning |
|---|---|---|
| Requested | Sender | First message sent; waiting for recipient acceptance |
| Pending | Recipient | Inbound request not yet accepted |
| Accepted | Both | Mutual contact relationship established |
| Blocked | Blocker | One-way block; blocked user cannot send messages |
| Archived | Either | Contact hidden from list but not removed |
| Muted | Either | Notifications silenced for this contact |
You may assign an optional nickname to any contact. This is stored privately and visible only to you.
2.5 Message Data
Messages are stored on our servers. The following fields are captured per message:
| Field | Notes |
|---|---|
| Sender & recipient | User identifiers for message routing and delivery |
| Message content | For messages between users, encrypted data in a format our servers cannot read (end-to-end encrypted — see §6). Messages from official or system accounts are stored as plain text, automatically cleaned before storage. |
| Message type | Text, image, file, or voice |
| Delivery status | Sending → sent → delivered → seen |
| Deleted / edited flags | Soft-delete flag and edit flag; full physical deletion requires an erasure request (see §9) |
| Reply reference | Optional reference to a parent message |
| Conversation ID | Groups all messages between two users |
| Timestamps | Date and time the message was created and last updated |
A chat log (audit trail) records every delivery event per message: delivered, seen, edited, deleted, failed to send, and retry — along with who performed the action and when.
Typing status (who is currently typing to whom) is stored temporarily with a 10-second automatic expiry. No typing events are retained beyond this window.
2.6 Push Notification Data
| Field | Notes |
|---|---|
| Notification title & body | Push notification text content |
| Notification type | Message, friend request, system, or promotion |
| Delivery payload | Optional data delivered to the client app |
| Read state | Whether and when the notification was read by the user |
| Push delivery log | Delivery status per device: pending, sent, delivered, or failed |
| Device tokens targeted | List of push notification tokens the notification was dispatched to |
2.7 Device Information
The following device data is collected automatically and transmitted with every request. It is used for session management, security auditing, and multi-device support.
| Data point | Source | Linked to identity? |
|---|---|---|
| Device model & brand | Operating system (e.g., “Pixel 6”, “Google”) | Yes |
| OS name & version | Operating system (e.g., “Android 13”) | Yes |
| Device type | Phone, tablet, desktop, TV, or unknown | Yes |
| App version | Application metadata (e.g., “1.0.0”) | Yes |
| Installation fingerprint | A unique identifier derived from your device and app installation. Not a hardware IMEI or hardware serial number. Survives sign-out; cleared on app uninstall. | Yes |
| Push notification token (Google / Apple) | Provided by Google (Android / Web) or Apple (iOS) to deliver push notifications | Yes |
2.8 Media & Avatar Files
| Attribute | Value |
|---|---|
| Format | Standard compressed image format, converted on our servers |
| Dimensions | 300 × 300 pixels (resized on our servers) |
| Metadata retained | Filename only (linked to your profile record). No EXIF, GPS location, camera, or timestamp metadata is retained. |
| Local app retention | The mobile app discards the local file immediately after a successful upload. No image data is retained on your device by the app. |
3How We Collect It
We collect information through the following mechanisms:
Direct Input
Information you actively provide: your phone number during registration, your name during profile setup, messages you compose and send, and photos you choose to upload as your avatar.
Automatic Device Information
Every request from the Usapp app automatically includes device metadata (model, brand, OS version, app version, device type, and installation fingerprint). All requests are sent over an encrypted connection (HTTPS).
Opt-In Device Contacts Upload (Android & iOS)
If you explicitly agree to the in-app contacts permission prompt and the operating system permission dialog, the app reads your device address book — display name and phone numbers only — and uploads it to our servers to identify which of your contacts already have Usapp accounts.
No other contact fields (email, photo, physical address, organization, or birthday) are accessed. This is strictly opt-in: if you decline either prompt, no contact data is ever accessed. You can revoke this permission at any time in your device system settings.
SIM Card Pre-Fill (Android Only)
On Android, with your permission, the app reads the phone number stored on your SIM card to pre-fill the registration input field. This requires Android’s “Phone” permission. The SIM number is held in memory only for the duration of the screen interaction and is never saved to your device. If you previously denied this permission, the app will not request it again.
Authentication Events
Your IP address and device/browser identifier are captured automatically at session creation and on every login attempt. This is a standard security practice used to detect unauthorized access and display active sessions in your account.
4How We Use Your Data
We use your personal data strictly for the purposes of operating the Usapp service. We do not use your data for advertising, behavioral profiling for commercial purposes, or sale to third parties.
| Purpose | Data used |
|---|---|
| Account creation & verification | Phone number, OTP, IP address |
| Authentication & session management | Phone number, login tokens, session records, IP address, device fingerprint |
| Message delivery | Sender, recipient, message content, delivery status |
| Real-time messaging | Login token (for real-time connection), message content, typing events |
| Push notifications | Push notification tokens, notification content |
| Contact discovery | Device address book phone numbers (opt-in only) |
| Avatar display | Uploaded profile photo |
| User search | First name, last name, username, phone number |
| Security auditing | IP address, device/browser identifier, login attempt records |
| Multi-device session management | Device model, brand, OS, installation fingerprint, push token |
| Rate limiting & abuse prevention | IP address, phone number, request metadata |
5Storage & Infrastructure
Your data is stored across the following systems, all operated directly by Usapp. We do not use third-party cloud database-as-a-service providers for personal data storage.
| Store | Data held |
|---|---|
| Primary database | User accounts, profiles, contact relationships, authentication sessions, one-time passwords, device tokens, rate limit records |
| Messaging database | Messages, chat logs, typing status |
| Notifications database | Notification records, push delivery logs |
| Cache & ephemeral store | Session state, rate-limit counters, real-time presence state |
| Server storage | Avatar images |
All communication between your device and our servers is encrypted in transit. Standard security headers are applied to all web responses to protect against common web attacks.
On-device token storage (mobile): Authentication tokens on the mobile app are stored in your device’s secure, hardware-protected storage (Android Keystore / iOS Keychain).
Web platform: On the Usapp web build, tokens are stored in standard browser storage because hardware-protected storage is unavailable in browser contexts. This is a known limitation of web platforms.
6End-to-End Encryption
How it works
- Encryption happens on your device before your message is transmitted.
- The server receives and stores only the encrypted version; it does not decrypt or inspect the content.
- The server never holds your private keys. Only your public key is shared, so others can encrypt messages to you.
- Delivery status (sent, delivered, seen) and routing information are processed on the server as described elsewhere in this policy. Encryption protects message content, not this metadata.
- The app indicates within a conversation whether messages are end-to-end encrypted.
Current limitations
- Single device. Encryption keys live on the device you use. If you reinstall the app or switch devices, new keys are generated and previously encrypted messages may no longer be readable on the new device.
- No forward secrecy yet. This version uses a long-term key per user. Stronger forward-secrecy and multi-device support are planned for a future update.
Messages from official or system accounts (for example, service notifications) are not end-to-end encrypted; their content is automatically checked for safety before storage and is accessible to us as described in this policy.
7Security Controls
We implement industry-standard technical controls to protect your personal data:
| Control | What it does |
|---|---|
| OTP protection | One-time passwords are stored using a secure one-way hash and compared using a method that prevents timing-based attacks; locked after 3 incorrect attempts; 5-minute expiry |
| OTP rate limiting | Maximum 3 OTP requests per phone number per hour; max 5 per phone per day; max 10 per IP address per hour |
| Login tokens | Signed with strong secret keys; separate keys for short-lived access tokens and long-lived refresh tokens |
| Session revocation | Each session can be terminated individually without logging out of all devices |
| Transport security | All traffic encrypted via HTTPS and secure WebSocket connections; HSTS header enforced |
| Web security headers | Standard security headers applied to all responses to prevent clickjacking, content-type sniffing, and other common web attacks |
| XSS prevention | All plain-text message content is automatically sanitized before storage to remove potentially harmful code |
| Injection prevention | All database queries use parameterized statements — user input is never used directly in database commands |
| Input validation | User and conversation identifiers are validated against an allowed-character pattern before any use |
| Sensitive data masking in logs | Phone numbers are masked in all system logs; one-time passwords, login tokens, and message content are never logged |
| Hardware-encrypted token storage | Mobile app stores authentication tokens in the device’s hardware-protected secure storage |
| CORS restriction | Only approved origins (domains) are permitted to make requests to our API |
No system is completely immune to security risks. If you believe you have discovered a security vulnerability, please contact us at admin@youcodetech.com.
8Data Retention & Deletion
Automatic Cleanup (Scheduled Jobs)
Our system runs automated retention jobs to delete expired or unnecessary data:
| Job | Schedule | What is deleted |
|---|---|---|
| OTP cleanup | Daily at 02:00 UTC | One-time password records older than 12 hours |
| Session cleanup | Daily at 03:00 UTC | Expired login sessions |
| Refresh token cleanup | Daily at 00:00 UTC | Expired or revoked refresh tokens |
| Rate limit cleanup | Daily at 01:00 UTC | Rate limit records older than 24 hours with no active block |
| Typing status | Continuous (automatic expiry) | Typing events expire automatically after 10 seconds |
Account Deletion
You can delete your Usapp account at any time from Settings → Account → Account Actions. Account deletion permanently removes the following:
- Your user account record and all profile data
- Your preferences and settings
- All device sessions and registered device tokens
- All contact relationships (both directions)
- All authentication sessions and refresh tokens
Retention Exceptions
Even after we delete your data from our active systems, limited residual data may persist for a short period: encrypted backup copies are fully overwritten within 90 days, and certain transactional metadata may be retained where required to meet legal, fraud-prevention, or law-enforcement obligations. In addition, messages you previously sent to other users may remain visible on their devices, as we cannot alter data stored on another user’s device.
Individual Message Deletion
When you delete an individual message within the app, it is marked as deleted. The record remains temporarily in our database. Full physical deletion of deleted messages is performed upon a verified erasure request or on a periodic scheduled basis.
9Your Rights & Choices
Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data. Regardless of location, we provide all Usapp users with the following controls:
Access Your Data
View your profile, contact list, active sessions, and message history within the app at any time.
Correct Your Data
Update your profile (name, bio, avatar, username) at any time from Settings → Account → Username & Display Name.
Delete Your Account
Permanently delete your account from Settings → Account → Account Actions. This triggers a full data cascade (see §8).
Request Full Erasure
Email dpo@youcodetech.com to request erasure of all data including message and notification records (see §8).
Manage Devices & Sessions
View and individually revoke active sessions from Settings → Account → Devices & Sessions.
Contacts Opt-Out
Revoke the Contacts permission in your device system settings at any time to prevent future contact uploads.
Block Users
Block any contact to prevent them from sending you messages. Blocked users cannot see your online status.
Privacy Controls
Adjust who can see your profile, last seen, and other visibility settings from Settings → Account → Privacy Controls.
To exercise your rights to access, rectification, erasure, or data portability that cannot be performed in-app, submit a request from Settings → Privacy in the app, use our online privacy request form, or email dpo@youcodetech.com. We will acknowledge your request within 5 business days and respond in full within 30 days.
10Third-Party Services
Usapp shares your data with the following third-party services for specific operational purposes, and no others.
| Service | Purpose | Data shared |
|---|---|---|
| SMS Provider | OTP code delivery during registration and login | Your phone number and the OTP message body (e.g., “Your Usapp code is: XXXXXX”). No other personal data is transmitted to the SMS provider. |
| Firebase Cloud Messaging (FCM) | Push notification delivery — Android and Web | Your FCM push token and notification payload (title, body). For E2EE messages, the notification body does not include message content. |
| Apple Push Notification service (APNs) | Push notification delivery — iOS | Your APNs push token and notification payload. Same content constraints as FCM above. |
11Children’s Privacy
Usapp is not directed at children under the age of 13 (or the applicable minimum age in your jurisdiction, which may be higher). We do not knowingly collect personal information from anyone under 13 years of age.
During registration, before any account is created, we apply a neutral age gate: you are asked to select your month and year of birth with no value pre-selected and no “I am over 13” shortcut. Your age is then computed entirely on your device — the month and year you select are never transmitted to or stored by us. If the result indicates you are under 13, registration is refused before any account record is created and no profile, message, or contact data is stored.
If you pass the gate, we record a boolean flag (isOfLegalAge) confirming the result. You then review this Privacy Policy in full and must affirmatively accept it before an account is created; we record that acceptance together with its timestamp. The legal-age boolean is the only data point we record related to your age, and it is used solely for compliance purposes. We do not use this information for any other purpose, including marketing or personalization.
If you are a parent or guardian and believe your child has provided personal information to Usapp without your consent, please contact us immediately at dpo@youcodetech.com. Upon verification, we will promptly delete the minor’s account and all associated personal data.
12International Data Transfers
Your personal data is stored and processed on servers operated by Usapp, located in the Philippines. When personal data is transferred from the European Union/EEA, the United Kingdom, or ASEAN member states to our Philippine infrastructure, those transfers are governed by data processing agreements aligned with the ASEAN Model Contractual Clauses (MCCs) and are compatible with the EU Standard Contractual Clauses (SCCs) published by the European Commission.
We maintain a Records of Processing Activities (ROPA) document describing the categories of data we process and the safeguards applied; it is available to data subjects upon a verified Data Subject Access Request. Our hosting infrastructure is being aligned to ISO/IEC 27001 and SOC 2 Type II standards — certification is targeted and this disclosure is provisional pending completion of those independent audits.
If you have questions about how we handle cross-border data transfers, please contact our Data Protection Officer at dpo@youcodetech.com.
13Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:
- Update the effective date at the top of this page
- Display an in-app notification to active users where technically feasible
- For changes that materially affect your rights, provide at least 14 days’ advance notice before the changes take effect
Your continued use of Usapp after the effective date of a revised policy constitutes your acceptance of the updated terms. If you do not agree, you should delete your account before the effective date.
We encourage you to review this page periodically. The current version is always available at the URL submitted to the app stores.
14Contact Us
If you have questions, concerns, or requests related to this Privacy Policy or the handling of your personal data, please contact us:
Data Protection Officer — YouCode Technologies Corporation
Attn: Atty. Louie Bruan
Unit 505 Cityland Pasong Tamo Tower, Chino Roces Avenue, Brgy. Pio Del Pilar, Makati City, Philippines 1230
Email: dpo@youcodetech.com
Online form: Submit a privacy request
Application: Usapp · Version 1.4 · Effective June 8, 2026
All privacy requests are logged and tracked against legally mandated response timelines. We will acknowledge your request within 5 business days and respond in full within 30 days. For unresolved complaints, you may have the right to lodge a complaint with your national or regional data protection authority.