
Privacy Policy

Last updated: 2026-06-14

Viper is designed with privacy as the default. This policy explains what we collect, what we do with it, and what control you have.

1. What we collect

We collect only what's needed for the product to work:

  • Account: email, username, the name you set, avatar and cover (if you upload them), bio.
  • Messages: chat messages (ephemeral; the room closes after 1h of inactivity), channel messages (persistent until the channel or your account is deleted), voice messages.
  • Presence and activities: the game you chose to be playing, online/offline status.
  • Technical metrics and analytics: errors and crashes (via Sentry, optional), product analytics (via PostHog — see § Analytics and telemetry), aggregated load times.
  • Device identifiers: Expo push token (for notifications), session cookie.

2. What we do NOT collect

  • Your contact book.
  • GPS location.
  • SMS or call reading.
  • Facebook Pixel, TikTok pixel, Mixpanel, or similar — we do NOT use those vendors specifically. We use PostHog for product analytics (see § Analytics and telemetry).
  • Session recordings with scroll, click, or input recording (PostHog autocapture and session recordings are disabled).

3. How we use it

  • To deliver the service (show your messages to your friends).
  • To improve the product (errors, performance, product analytics).
  • To communicate with you about your account or material changes.
  • To comply with legal obligations if required.

We never sell your data. We don't share it with advertisers. We don't run targeted marketing campaigns on your data.

4. Who has access

Sub-processors we use (with DPAs in place):

  • Supabase — DB and auth hosting (Postgres + Auth).
  • Vercel — frontend hosting.
  • Cloudflare — DNS and proxy/CDN.
  • Twilio — SMS (when the flow is active, optional).
  • Sentry — error tracking (optional, opt-in).
  • Expo / EAS — push notifications.
  • PostHog Inc. (US) — product analytics. Receives events via our reverse-proxy `/ingest`. DPA signed; it does not process PII beyond the Supabase UUID, which on the PostHog side stays anonymized with respect to your real identity.

These vendors may store data in the U.S. or the EU. We have contractual safeguards (Standard Contractual Clauses) for international transfers where applicable.

4.1 Data from OAuth providers (Discord, Google, Steam, etc.)

If you link an external account (Discord, Google, Steam, Twitch, Faceit, YouTube, Kick), the provider shares a subset of your profile with us. Here's what gets persisted in our database, what is used but not persisted, and what is NEVER published anywhere in Viper:

  • Login with Discord / Google (Supabase Auth): we persist email + name + provider avatar URL to create your account. We do NOT access your contacts, servers, or messages from the provider.
  • Linked accounts (Discord, Steam, Twitch, Faceit, YouTube, Kick): we persist your provider user id + public provider handle + encrypted access/refresh tokens (Fernet, with a key kept in a separate server secret). Tokens are used only to fetch data from the provider that you chose to share (games, stats); they're never published or exposed to the client. You can unlink anytime from Settings → Linked accounts; doing so deletes the encrypted tokens and the record immediately.
  • What is NEVER published: your provider email, your tokens, the specific scopes granted, or the raw list of games or connections. What we may show publicly on your profile are derived fields that you choose to pin (favorite games, declared ranks).
  • Steam uses OpenID 2.0 — it doesn't return tokens, only your SteamID. To fetch additional data we use a server-side API key of our own (not shared with you).

If we rotate OAuth credentials with a provider (for security or renewal), your link stays active — you don't need to re-link unless we explicitly revoke it.

5. Analytics and telemetry

We use PostHog to understand which features get used and where flows break:

  • Events travel via vipersquad.app/ingest (reverse-proxy to PostHog Cloud EU). This means a browser adblocker does NOT block these events. It's technically legitimate, but we want you to know. If you want a full opt-out, write to support@vipersquad.app and we'll disable your tracking on the backend.
  • Identifier (distinct_id): your Supabase UUID. There's NO correlation with email or phone inside PostHog.
  • Session recordings: disabled. Autocapture (clicks, inputs, scrolls): disabled. We only capture explicit events the client fires.
  • Super property: platform (web or android) attached to every event, to separate metrics per client.

6. How long we keep it

  • Ephemeral chat messages: purged from cache (Redis) once the room closes after 1 hour of inactivity; archived in our DB. Completely deleted when you delete your account.
  • Channel messages: until you or the channel owner deletes them.
  • Account: while active. 30-day grace period after deletion, then hard delete.
  • Technical logs: 90 days.
  • Analytics events (PostHog): PostHog Cloud default retention; events tied to the Supabase UUID are disassociated when the account is deleted.

7. Your rights

You have the right to:

  • Access a copy of your data.
  • Correct incorrect data.
  • Delete your account and all your data.
  • Portability — export your data as JSON.
  • Opt out of analytics (see § Analytics and telemetry).

To exercise any right, write to us at privacy@vipersquad.app or use the in-app flow (Settings → Account).

8. Minors

Viper requires a minimum age of 13 (or the legal minimum in your jurisdiction). We do not knowingly collect data from minors. If you discover that a minor is using Viper without parental consent, write to us.

9. Cookies

See the cookies policy. We only use cookies necessary for auth and UI preferences; PostHog primarily uses localStorage (see § Analytics and telemetry).

10. Changes

If we change this policy materially, we'll notify you by email or in-app 30 days in advance.

11. Contact

DPO / privacy contact: privacy@vipersquad.app.