Privacy Policy

We collect the data needed to operate private couple accounts and sync daily memories:

• Account identifiers such as user ID, Sign in with Apple identifier, email address, email verification status, and name if provided.
• Authentication and device data such as session records, installation ID, platform, app version, session expiry, and session revocation status.
• Couple and invite data such as couple ID, display name, membership status, invite status, and invite timestamps.
• Daily entry data such as local date, entry type, mood, media object ID, voice duration, and created, updated, or deleted timestamps.
• Media files and media metadata, including photos or voice recordings you choose to upload, content type, byte size, duration, upload status, and storage object metadata.
• Operational data such as route, IP address, and session fingerprint inputs used for rate limiting, security, abuse prevention, debugging, and service reliability.

• To create and secure your account.
• To connect you with your active couple partner.
• To sync daily entries and media across your devices and your couple space.
• To provide export, deletion, logout, and support workflows.
• To prevent abuse, investigate reliability issues, and keep the service available.

Couple One Second is not a public social network. We do not sell personal data.

The iOS app stores local records, selected media, widget snapshots, preferences, and the app session token on your device. The session token is stored in the iOS Keychain.

Server-side account, couple, session, invite, entry, and media metadata are stored with Cloudflare D1. Uploaded photo and voice media are stored with Cloudflare R2.

Camera access lets you capture a photo entry. Microphone access lets you record a voice entry. The photo picker is used only for images you choose. Couple One Second does not request location or contacts access in the current app.

Apple processes Sign in with Apple credentials when you use Apple sign-in. Cloudflare processes hosting, database, media storage, email delivery infrastructure, rate limiting, and operational logs needed to run the service. Email providers process sign-in and support email delivery when those features are used.

The current app source does not include third-party advertising SDKs or third-party analytics SDKs such as Firebase, Sentry, PostHog, Mixpanel, or ad networks.

In the app, open Profile, then Privacy & Data to access Privacy Policy, Support, Export Data, and Delete Account controls.

Export currently returns account metadata, device and session records, couple memberships, entry metadata, media metadata, and sync cursor summaries. It does not include raw photo or voice files.

Delete Account revokes active sessions, clears the active couple preference, deletes your owned raw photo and voice files from Cloudflare R2, marks your owned entries and media metadata as deleted, and removes or anonymizes account identifiers such as email, Apple sign-in identifier, name, and device installation details. Some operational logs and backups may remain temporarily while we maintain service integrity, investigate abuse, or process support requests.

For privacy requests, full media export questions, or deletion issues, contact support@coupleonesecond.app.

We will update this page when app data practices change. App Store privacy details should match this policy and the app's actual behavior.