Privacy Policy

Last updated: 22 April 2026 · © 2026 WhenIt App Ltd.

Introduction

WhenIt App Ltd ("WhenIt", "we", "us", "our") operates the WhenIt mobile application. We take the privacy of our users extremely seriously. WhenIt is built around some of the most personal moments in human life — messages sealed for loved ones, memories pinned to places, words left for the future. This Privacy Policy explains what data we collect, how we use it, and the choices you have.

By using WhenIt you agree to this Privacy Policy.

1. Data We Collect and Why

1.1 Account Data
Your display name, @username, email address or phone number, and password (stored as a secure hash). Used to create and manage your account and allow users to find you by @username.

1.2 Message Content
Voice note recordings, written notes and letters, photos, videos, and text overlays. Stored securely until the trigger moment arrives. WhenIt staff never access your message content.

1.3 Location Data
GPS coordinates when you use location-based features — solely to enable location delivery and show nearby Echoes. Your location is never tracked continuously or sold to advertisers.

1.4 Contacts Data
If granted, phone contacts are compared using one-way hashing on your device. Raw numbers are never uploaded to our servers.

1.5 Camera and Microphone
Used solely to create message content. Only active during recording in the compose screen.

1.6 Trusted Contact Data
The @username of your designated trusted contact for specific triggers. They cannot see your message content.

1.7 Device and Usage Data
Device type, OS version, app version, crash reports, and general usage patterns. No personally identifiable information included.

1.8 Payment Data
We do not store payment details. All payments are processed by Apple App Store or Google Play Store.

2. How We Store Your Data

All data is encrypted in transit (TLS 1.2+) and at rest. Passwords are hashed using bcrypt. Data is stored on secure servers in the European Economic Area or United Kingdom.

3. How We Share Your Data

We do not sell your personal data. We do not share data with advertisers.

We share data only in these limited circumstances: with recipients you explicitly choose, with your trusted contact (name and @username only), with trusted service providers (cloud storage, push notifications, crash reporting, Google Maps, Anthropic AI for the letter writer), or when required by law.

AI Letter Generation: When you use "Write with AI", your text prompt is sent to Anthropic's Claude API. Only the text prompt you write is sent — no personally identifiable information. Governed by Anthropic's privacy policy at anthropic.com/privacy.

4. Public Echoes

Public Echoes and their GPS location are visible to all WhenIt users. You choose whether to post anonymously or with your @username. Anonymous Echoes are still associated with your account internally for moderation. You can delete any Echo you posted at any time.

5. Sensitive Data

Legacy messages ("When I am no longer here") are retained until your trusted contact confirms and the delivery countdown completes. WhenIt staff will never access this content. Deleting your account permanently deletes all sealed messages.

6. Your Rights (UK GDPR)

Contact: privacy@getwhenit.com

7. Children's Privacy

WhenIt is not intended for users under 13. We do not knowingly collect data from children under 13. Contact privacy@getwhenit.com if you believe a child has created an account.

8. Third-Party Services

9. Changes to This Policy

We will notify you of material changes via push notification and in-app prompt. Continued use constitutes acceptance.

10. Contact Us

Privacy enquiries: privacy@getwhenit.com
General enquiries: hello@getwhenit.com
Press & media: info@getwhenit.com

You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or 0303 123 1113.

WhenIt App Ltd · getwhenit.com · © 2026 All rights reserved.