Privacy Policy
Controller
Wassim Boubaker
Strassburger Str. 39b
13581 Berlin
Germany
Email: [email protected]
What this policy covers
This policy covers the Talk Later website and the Talk Later mobile app. The app is designed for adults who want a calmer way to capture relationship tension, cool down, and return to conversations later.
Data we process
| Category | Examples | Purpose |
|---|---|---|
| Account data | Email address, name, user ID, profile settings, sign-in provider identifiers. | Create accounts, authenticate users, secure access, provide support. |
| Couple and relationship data | Partner link status, couple ID, relationship preferences, shared settings. | Enable partner linking and shared couple features. |
| User content | Private and shared notes, tension cards, feelings, needs, context tags, diary entries, calendar events, reminders, partner comments. | Provide the core app features, syncing, review queues, and reminders. |
| Notification data | Push notification token, notification preferences, scheduled notification records. | Send reminders and app notifications if enabled. |
| Subscription data | RevenueCat customer ID, entitlement status, purchase and restore status, product identifiers. | Provide paid features and restore purchases. |
| Diagnostics | Crash reports, device information, operating-system information, and app version. | Fix errors and improve reliability. Product analytics collection is disabled for v1. |
| Website technical data | IP address, request metadata, security logs, browser information, cookie preference storage. | Serve and protect the website, remember privacy choices, maintain security. |
Legal bases
- Contract performance, when processing is needed to provide the app and account features.
- Legitimate interests, including security, fraud prevention, product improvement, and error diagnostics.
- Consent, where required for optional permissions such as push notifications or future non-essential tracking.
- Legal obligations, where we must retain or disclose information to comply with law.
Private and shared content
Some app content is private by default. Content marked as shared, or brought into a shared couple space, may be visible to your linked partner. You are responsible for choosing what to share.
Processors and third-party services
- Firebase / Google Cloud: authentication, database, functions, storage, push messaging, and crash reporting.
- RevenueCat: subscription and entitlement management.
- Apple: App Store payments, Apple Sign-In, and iOS platform services.
- Google: Google Sign-In, Firebase services, and Google Fonts on the website.
Analytics
Firebase Analytics is included in the app dependency tree, but analytics collection is disabled for v1 builds. We may enable privacy-scoped product analytics in a later release only after updating this policy and App Store privacy declarations.
Security
Data is encrypted in transit using HTTPS/TLS and encrypted at rest by Firebase/Google Cloud infrastructure. Talk Later does not currently provide end-to-end encryption where only user devices hold the keys.
Website cookies and similar technologies
The website currently uses localStorage to remember your cookie/privacy banner choice. It does not run advertising cookies. See the Cookie Notice.
Retention
We keep account and app content while your account is active or as long as needed to provide the service. If you delete your account, we aim to delete or anonymize associated account data within 30 days unless retention is required by law or necessary for security, billing, or dispute records. See how to delete your account.
Your rights
Subject to GDPR requirements and limits, you may request access, correction, deletion, restriction, portability, or objection to processing. You may also withdraw consent where processing is based on consent. Contact [email protected].
Complaint rights
You may lodge a complaint with a competent data protection supervisory authority in Germany or another EU member state.
Children
Talk Later is intended for adults and is not directed to children under 18.
International transfers
Some providers may process data outside the European Economic Area. Where required, transfers rely on appropriate safeguards such as adequacy decisions, standard contractual clauses, or provider certification frameworks.
Contact
For privacy questions or data-rights requests, email [email protected].