Download
HomePrivacy

Privacy Policy.

Effective May 1, 2026Plain-English summary at the top of every section.

Privacy Policy

Draft status. This document is a founder-authored draft reflecting the data handling that is actually implemented in the Closer app as of April 2026. It is not yet legal advice and must be reviewed by counsel (or a reputable template tool such as Termly) before publication. All bracketed items like [LEGAL-ENTITY-NAME] must be filled in before shipping.

1. Who we are

Closer ("Closer," "we," "us," or "our") is a mobile application for couples to build daily communication habits through shared questions, quizzes, and games.

The data controller is [LEGAL-ENTITY-NAME], a [JURISDICTION] entity. You can reach us at support@closerapp.us.

2. What this policy covers

This policy explains what information Closer collects about you, how we use it, who we share it with, and your rights. It applies to the Closer mobile application, our website at [WEBSITE-URL], and any supporting services we operate.

3. Information we collect

We limit what we collect to what the product needs. The categories below reflect our current implementation.

3.1 Account information

  • Authentication identifier — one of: Apple Sign-In subject identifier, Google account identifier, or email magic-link address. We use this to recognize you on return visits.
  • First name — as you provide it during onboarding, used for display to you and to your partner.
  • Email address — captured from your authentication provider where available. Used for account recovery and service communications.
  • Timezone — used to schedule notifications at appropriate local times.

3.2 Couple and relationship information

  • Partner invite codes — generated by us and delivered to you; deleted after use or expiry (48 hours).
  • Relationship context you tell us — e.g., relationship stage, duration, living situation, kids, attribution source. You can change or leave these blank during onboarding.
  • Your display name within the couple — how your partner sees you inside the app.

3.3 Activity content (the core of the service)

  • Responses to daily questions, weekly quizzes, and games — stored so they can be revealed to your partner once both of you have answered.
  • Discussion messages — threaded messages you and your partner exchange about an activity.
  • Streak state — counts, last-completed dates, and derived state used to compute milestones.

3.4 Technical data

  • Device push notification identifier — via OneSignal, so we can deliver notifications you've opted into.
  • Session tokens — random strings we issue on login, scoped to your device, with a 90-day expiry.
  • Error diagnostics — if Sentry is configured for your build, stack traces and non-personal context are captured when the app crashes. Personal identifiers are not intentionally included in crash reports.
  • Product analytics events — if PostHog is configured for your build, we log events such as "question answered," "paired with partner," "streak milestone reached," along with an anonymous device identifier, a user identifier, and a couple identifier. Event properties do not include your answer content.

3.5 Information we do not collect

  • We do not collect precise geolocation.
  • We do not collect contacts, calendar, microphone, or camera data.
  • We do not process health, financial, or biometric data.
  • We do not sell your personal information.

4. How we use your information

  • Operate the service — pair you with your partner, assign daily activities, deliver answers/reveals/discussions, compute streaks.
  • Send notifications you opt into (daily reminder, partner-answered, reveal-ready, streak milestones, quiz available, re-engagement). Each category can be turned off in Settings.
  • Improve reliability — diagnose crashes and performance issues via Sentry.
  • Understand usage in aggregate — measure retention, activation, and feature engagement via PostHog.
  • Communicate with you — respond to support requests or send service-related notices.
  • Comply with law — respond to lawful requests and enforce our Terms.

We do not use your responses, discussions, or partner data to train third-party AI models.

Where EU or UK data protection law applies, we process your data under:

  • Performance of a contract — to provide the app you signed up for.
  • Legitimate interests — to keep the service secure, diagnose crashes, and understand aggregated usage patterns.
  • Consent — for push notifications and optional analytics, which you can revoke in Settings at any time.
  • Legal obligation — when we must retain or disclose data by law.

6. Who we share data with

We share the minimum necessary with:

  • Your partner — once you both answer a given daily question, quiz, or game, each partner can see the other's response and participate in the discussion. This is the core product function.
  • Apple / Google — as needed for authentication.
  • OneSignal — to deliver push notifications to your device.
  • PostHog — to process analytics events.
  • Sentry — to receive crash diagnostics.
  • Our infrastructure providers[CLOUD-PROVIDER] for hosting, [MANAGED-POSTGRES] for our database, in the regions where we operate.
  • Professional advisers, regulators, or law enforcement — when required by applicable law.

We do not sell personal information, and we do not allow third parties to use your data for their own marketing.

7. International transfers

Your data may be transferred to and stored in the United States and other countries where our service providers operate. When your personal data leaves your home jurisdiction, we rely on standard contractual clauses or equivalent safeguards where required.

8. Data retention

  • Account data — retained while your account is active.
  • Activity responses, discussions, streaks — retained while your account is active, plus [NN] days after deletion, before permanent purge.
  • Session tokens — expire 90 days after creation and are deleted during normal rotation.
  • Invite codes — expire 48 hours after creation.
  • Crash diagnostics — retained by Sentry per their retention schedule (typically 30 days for free tier).
  • Analytics events — retained by PostHog per our configured retention window.

When you delete your account (see §10), we immediately mark the account as deleted, revoke all your sessions, and clear direct personal identifiers. Residual data is purged on our scheduled retention cadence.

9. Security

  • Transport: TLS 1.2+ for all network communication.
  • At rest: database encryption provided by our managed Postgres host.
  • Access control: credentials are stored in a secret manager; only authorized services can read them.
  • Sessions: fixed-TTL tokens (90 days) that can be revoked server-side.

No system is perfectly secure. If you suspect a vulnerability, email security@closerapp.us.

10. Your choices and rights

  • Access / correction — most of your data is visible and editable in Settings. Email us if you need anything more.
  • Deletion — you can delete your account at any time from Settings → Delete account. This revokes your sessions everywhere and starts the retention clock.
  • Notification preferences — toggle per-category push notifications in Settings → Notifications.
  • Analytics / crash reporting — coming soon: a settings toggle to opt out of PostHog analytics and Sentry crash reporting independently of push notifications.
  • EEA/UK/CA residents — you also have rights of portability and, where applicable, the right to object or restrict processing. Email privacy@closerapp.us to exercise these rights. We respond within 30 days.
  • Do Not Track — we do not respond to DNT browser signals, because Closer is a mobile app.

11. Children's privacy

Closer is designed for users 13 and older. We do not knowingly collect data from children under 13. If you believe a child has signed up, email us and we will delete the account.

12. Changes to this policy

If we make material changes, we will notify you in-app and update the "effective date" above. Continued use after the effective date means you accept the new terms.

13. Contact

App Store privacy label mapping (for submission)

These map what this policy describes to App Store Connect's "App Privacy" disclosures:

App Store categoryLinked to identity?Used for tracking?Closer usage
Contact Info — Name, EmailYesNoAccount
User Content — Other User Content (answers, messages)YesNoApp functionality
Identifiers — User IDYesNoProduct analytics
Usage Data — Product InteractionYesNoAnalytics
Diagnostics — Crash Data, Performance DataNoNoApp functionality

Tracking: None. We do not link Closer data with third-party data for cross-app tracking.