Privacy Policy

Effective March 20, 2026

ProofSelf is based in Copenhagen, Denmark. This policy explains what data we collect, why we collect it, how we use it, and your rights.

1. Who We Are

Jorge Pintos Quisama ("we", "us", "our") is the data controller for ProofSelf. Our servers are hosted on Google Firebase in the Europe (eur3) region. If you have questions about this policy, contact us at privacy@proofself.com.

2. Age Requirement

ProofSelf is for users aged 18 and older. We do not knowingly collect data from anyone under 18. If we learn that a user is under 18, we will delete their account and all associated data.

3. Data We Collect

Account data. When you sign up we collect your email address, display name, username, and authentication method (Apple, Google, or email). We also store your chosen identity path and language preference.

Video content. When you submit a proof, we store the video you capture. We process your video to add the ProofSelf overlay. Raw uploads are deleted after processing. Free users have a 7 day rolling retention window. After 7 days, free proofs are permanently deleted. Pro users have permanent storage.

Usage data. We record your daily streak, continuity streak, active habits, and proof submission history.

Device information. We collect app version, platform, and device model for debugging when you submit feedback. We do not store permanent device identifiers. We use ephemeral session tokens only.

Analytics (optional). If you consent, we collect anonymous usage events via Firebase Analytics (screen views, feature usage, session duration). Firebase Analytics uses an anonymized installation ID that resets on app reinstall. You can opt out at any time in Settings.

Social link (optional). You may add one social media link to your profile. You control its visibility: everyone, members of Your 5 only, or hidden.

Feedback. If you submit feedback, we store your message (max 500 characters), your email (optional), and device info for debugging.

4. How We Use Your Data

We use your data to provide and improve the ProofSelf service:

• Authenticate your account and manage your subscription
• Process and store your proof videos
• Calculate and display your streaks
• Enable Your 5 membership and accountability features
• Respond to feedback and support requests
• If you consent, analyze anonymous usage patterns to improve the app

We do not sell your data. We do not use your data for advertising. We do not use your videos for training AI models.

5. Lawful Basis (GDPR)

We process your data based on: (a) your consent (analytics, social link), (b) performance of our contract with you (account, video processing, streaks, Your 5), and (c) our legitimate interest in preventing abuse and improving the service.

6. Data Sharing

We share data with the following service providers, solely to operate ProofSelf:

• Google Firebase (authentication, database, storage, analytics, hosting) in the EU region (eur3)
• RevenueCat (subscription management)
• Apple (App Store, Sign in with Apple, payment processing)

We do not share your data with any other third parties.

Social links. When you or another user taps a social link, you leave ProofSelf and are subject to the privacy policy of that platform. We are not responsible for the privacy practices of third party platforms.

7. Data Retention

• Free proofs: Automatically deleted after 7 rolling days
• Pro proofs: Stored permanently while your subscription is active
• Account data: Retained until you delete your account
• Feedback: Retained until you delete your account

8. Account Deletion

You can delete your account at any time from Settings. When you request deletion, we delete all your data within 30 days, including your user profile, all proof videos (Firestore records and Storage files), all feedback, and all analytics associations. Authentication credentials are deleted last. This action is permanent and cannot be undone.

9. Your Rights

Under GDPR (EU), CCPA (California), and other applicable laws, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data (see Section 8)
• Request a copy of your data in a portable format
• Withdraw consent for analytics at any time
• Object to processing based on legitimate interest
• Lodge a complaint with your local data protection authority

To exercise any of these rights, contact privacy@proofself.com.

10. Cross Border Data Transfers

ProofSelf is operated from Copenhagen, Denmark. Our Firebase infrastructure is in the EU (eur3 region). Your data is stored and processed within the European Economic Area. If you access ProofSelf from outside the EU, your data is transferred to and processed in the EU.

11. Security

We use Firebase security rules to restrict data access. Video uploads are limited to 150MB and .mp4 format only. Client applications cannot access processed video storage directly. We use Firebase App Check to prevent automated abuse. We implement rate limiting on proof uploads, login attempts, and data exports.

12. Cookies

The ProofSelf mobile app does not use cookies. Our website (proofself.com) uses only essential cookies required for hosting.

13. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes through the app or by email. Continued use of ProofSelf after changes constitutes acceptance.

14. Contact

ProofSelf
Copenhagen, Denmark
privacy@proofself.com