Legal

Privacy Policy

Effective date: [EFFECTIVE DATE]  ·  Provider: [LEGAL ENTITY NAME]  ·  Contact: [SUPPORT EMAIL]

TalkOnce is a private messenger built so that we cannot read your messages, and we do not want your personal data. You don't give us your name, phone number, or email to sign up. Your messages, calls, photos, and files are end-to-end encrypted — sealed on your device and only decryptable on your recipient's. We never hold the keys. This policy explains, honestly, the little that our servers must handle to deliver a message, and the much larger amount we deliberately never collect.

1Information we do not collect

To create and use a TalkOnce account, we do not require or collect:

TalkOnce contains no third-party advertising, no analytics SDKs, and no trackers. We do not sell, rent, or share personal data, because we do not collect it. Our app's privacy declaration to Apple is "Data Not Collected."

2Your messages and calls are end-to-end encrypted

Message text, photos, videos, files, voice messages, and call audio and video are end-to-end encrypted using modern, post-quantum-resistant cryptography. This means:

3What our servers necessarily process

To deliver a message from you to your recipient, our servers handle a limited amount of technical routing information. We are honest that this exists:

We keep this to the minimum required to route messages, and we do not build advertising or behavioral profiles from it.

4Data retention — ephemeral by design

5Push notifications

If you enable notifications, we send a signal through Apple's Push Notification service (APNs) so your device knows a message is waiting. The notification does not contain your message content. Apple's handling of push traffic is governed by Apple's own privacy policy. You can disable push notifications at any time in your device settings, and TalkOnce will still work.

6Calls

Voice and video calls are end-to-end encrypted. To connect a call, encrypted media may be relayed through our own call infrastructure when a direct device-to-device connection isn't possible. The relay cannot decrypt your call — it only forwards encrypted media. We do not record calls and do not retain call content.

7GIF search

If you search for GIFs, your search term is sent through our own server to a third-party GIF provider. The GIF provider sees our server, not you — your device's identity and IP address are never exposed to it. GIF search is optional; if you don't use it, no such request is made.

8Backups

TalkOnce backups are optional and zero-knowledge. If you create a backup, it is encrypted on your device with a passphrase only you know, and the resulting file is placed wherever you choose to save it. We could not read your backup even if compelled — we never receive it and never hold its passphrase. If you lose the passphrase, the backup cannot be recovered, by us or anyone.

9Law enforcement and government requests

Because of how TalkOnce is built, there is very little we could ever produce:

We will respond to valid legal process as required by law, and we aim to publish transparency information about such requests.

10Children

TalkOnce is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect personal data from them. Because we collect no personal data at signup, we have none to identify.

11Security

We use post-quantum end-to-end encryption, encrypt sensitive data at rest on your device, and design our servers to hold only ciphertext and minimal routing metadata. No system is perfectly secure, but our architecture is built so that a breach of our servers exposes encrypted data and minimal metadata — never your message content.

12Changes to this policy

If we make material changes, we will update the effective date above and, where appropriate, notify you in the app. Continued use after an update means you accept the revised policy.

13Contact

Questions about privacy? Contact us at [SUPPORT EMAIL].

Note for launch — the bracketed fields above must be filled before this page goes live: the effective date, the legal entity that operates TalkOnce, and a monitored support email. If you launch to EU or California users, a short "Your rights" section (GDPR / CCPA) may be required.