Privacy Policy

Version 1.2.1 — Effective May 28, 2026


Tribes.app ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social networking platform.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Identity data: Your name, email address, and profile avatar.
  • Authentication data: Passkey (WebAuthn) credentials. We never store passwords — authentication is handled via industry-standard FIDO2/WebAuthn protocols.
  • OAuth data: If you sign in via Google or Apple, we receive your name, email, and profile picture from your account. Apple may choose to hide your email via their Private Email Relay service.

1.2 Content You Create

We store content you voluntarily provide:

  • Posts, comments, and reactions ("vibes")
  • Images and files you upload
  • Profile information including bio, aliases, and personal wall blocks
  • Event RSVPs and event stream posts
  • Bond connections and tribe memberships

1.3 AI & Machine Learning

Tribes.app does not use AI or machine learning to process, analyze, or train on your content. Your posts, messages, journal entries, and private communications are never sent to any AI system — internal or third-party.

1.4 NFC & Proximity Bonding

When you use Tap-to-Bond (NFC) or nearby discovery (Bluetooth/Bonjour), the following data is exchanged directly between devices:

  • A temporary cryptographic challenge and your user ID (not your name or email) are transmitted via NFC.
  • Bluetooth/Bonjour discovery broadcasts a randomized local service identifier — your personal information is not broadcast.
  • Proximity bonding data is used solely to establish a verified bond between two users. It is not stored on our servers beyond the resulting bond record.

1.5 Biometric Authentication

Tribes.app uses passkeys (WebAuthn/FIDO2) for authentication. Key privacy facts:

  • Biometric data never leaves your device. Face ID, Touch ID, or other biometric verification happens entirely on your hardware.
  • Our servers only receive and store a public key and credential ID — never your biometric template, fingerprint, or face data.
  • You can register multiple passkeys and revoke them individually in Settings.

1.6 End-to-End Encryption (E2E)

Private tribe content, journal posts, and bond messages are end-to-end encrypted:

  • Encryption keys are generated on your device and stored in your browser's IndexedDB.
  • Our servers store only the ciphertext — we cannot read your encrypted content.
  • When you join a private tribe, the tribe founder's device encrypts and delivers the group key to your device via a key-exchange protocol (RSA-OAEP + AES-GCM).
  • If you clear your browser data, you will need to re-sync keys from another authorized device or the tribe founder.

1.7 Content Safety Scanning & NCII Blocklisting

To comply with child safety obligations and Take It Down Act (NCII) platform mandates, we perform safety checks on public (non-encrypted) uploads only:

  • Child Sexual Abuse Material (CSAM): Uploaded images are hashed using the open-source PDQ algorithm and compared against known CSAM hash lists provided by NCMEC. If a match is detected, the content is blocked and a report is filed with NCMEC as required by federal law (18 U.S.C. § 2258A).
  • Non-Consensual Intimate Imagery (NCII) Blocklist: When intimate images or videos are removed via our NCII Reporting Portal, they are processed using standard 256-bit perceptual hashing (PDQ WASM). The original images are permanently deleted. Only the non-reversible, anonymous visual hashes are retained in our database to automatically scan and block subsequent re-upload attempts across all public sections of the platform.
  • No scanning of encrypted content: End-to-end encrypted files, private tribe posts, and direct messages are never scanned, as we cannot access the plaintext.

1.8 Automatically Collected Data

  • Session data: Session identifiers and user-agent strings for security and session management.
  • Cookies: See our Cookie Policy for details.

2. How We Use Your Information

  • Provide the service: Display your content to other users, manage tribe memberships and bonds, facilitate events.
  • Authentication & security: Verify your identity via passkeys, manage sessions, enforce platform safety.
  • Billing: Process subscriptions and payments via Stripe (web) or Apple In-App Purchase (iOS). We do not store your payment card details.
  • Communication: Send transactional emails (event reminders, verification, NCII intake confirmations and resolution updates), and commercial emails (only with your consent).
  • Moderation: Review reported content and enforce community guidelines.

3. Third-Party Sharing

We share data with third parties only as necessary:

Provider | Purpose | Data Shared
Stripe | Payment processing (web) | Email, subscription plan, Stripe customer ID
Apple | In-App Purchase processing (iOS) | Apple transaction ID, subscription status (via App Store Server API)
S3-Compatible Storage | File/image hosting | Uploaded files (images, avatars)
Google OAuth | Authentication (optional) | OAuth tokens (received from Google, not sent)
Apple Sign-In | Authentication (optional) | OAuth tokens (received from Apple, not sent)

We do not sell your personal data to third parties.

4. Data Retention & NCII Intakes

We retain your personal data for as long as your account is active. When you delete your account, we permanently remove your personal information and either delete or anonymize your content.

NCII Reports Retention: In accordance with the Take It Down Act compliance requirements:

  • Intake Records: Submitted NCII reports (containing requester details, digital signatures, and descriptions of infringement) are stored securely under AES-256 encryption. These administrative records are retained for up to 3 years solely for statutory audits, compliance validation, and regulatory verification before being permanently purged.
  • Imagery Retention: We do not store the reported intimate images or videos. Once verified, the source media is immediately and permanently deleted from our servers, and only the anonymous, non-reversible perceptual hashes are stored in the blocklist database.

5. No AI Data Processing

Tribes.app does not use artificial intelligence, machine learning, or large language models to process your data. Specifically:

  • We do not send your posts, messages, or any content to AI systems
  • We do not use AI to analyze, profile, or categorize your behavior
  • We do not train AI models on your data
  • We do not share your data with OpenAI, Google, Anthropic, or any other AI provider
  • Your encrypted content (journal entries, private tribe posts, bond messages) cannot be read by us or any automated system

6. Your Rights

GDPR (EU/EEA Residents)

You have the right to:

  • Access your personal data
  • Rectify inaccurate data (via Settings → Identity & Profile)
  • Erase your data (via Settings → Delete Account)
  • Object to processing
  • Data portability — request a copy of your data
  • Withdraw consent at any time

CCPA / CPRA (California Residents)

You have the right to:

  • Know what personal information is collected
  • Request deletion of your personal information
  • Opt out of the sale of personal information (we do not sell your data)
  • Non-discrimination for exercising your privacy rights

7. Children's Privacy

Tribes.app is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will delete it promptly.

8. Security

We implement industry-standard security measures including:

  • Passwordless authentication via WebAuthn/FIDO2
  • End-to-end encryption (AES-256-GCM) for private content
  • CSRF protection on all state-changing operations
  • Session management with server-side revocation
  • Rate limiting on authentication endpoints
  • Age verification at signup (13+ minimum)
  • Encrypted vault backups for end-to-end encryption keys

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the platform. Your continued use after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

Email: privacy@tribes.app
Address: Tribes.app c/o Clear Mirror LLC, P.O. Box 441, Marysville, WA 98270