Peace

LEGAL · PEACE

Privacy Policy

This Privacy Policy explains what information Peace collects, how we use it, and the choices you have. Peace is operated by Robert Dumitru as an independent solo developer. This Policy applies to the Peace app, website, and share previews.

Last updated June 15, 2026

1. Information we collect

We collect information you provide, information generated when you use Peace, and limited technical data needed to run the Service.

  • Account data: email, username, display name, bio, country (optional), language preference, and authentication identifiers.
  • Selfie verification and profile photos (face data): when you verify your account or re-verify, you take a live selfie in the app using the device camera. You cannot use an existing photo from your library for verification. The selfie is uploaded as a JPEG for automated checks. Peace does not use Apple Face ID, ARKit face tracking, or device biometric authentication. Peace does not create, store, or use facial geometry maps, faceprints, biometric templates, or identifiers that can recognize you across apps or services.
  • If verification succeeds, that selfie becomes your profile avatar (visible to other users according to your settings). If verification fails, the selfie is not saved as your profile photo. During verification, temporary numeric scores (for example face presence, liveness, image quality, and obstruction) may be generated to approve or reject the attempt; those scores are not stored on your profile.
  • Verification status: we store whether your account is verified, when verification occurred, and related trust fields tied to posting eligibility.
  • Content: videos you capture, captions, hashtags, replies, likes/reactions, and privacy settings (public, private, direct send).
  • Social graph: follows, blocks, and notification preferences.
  • Device data: push notification tokens, app version, and coarse platform information.
  • Usage analytics: event data such as screens viewed and posting actions in production builds (PostHog for product analytics, and Vercel Analytics on the website).
  • Reliability data: crash and error reports (for example Sentry) with device and app context.
  • Abuse-prevention signals: device model, timezone changes, and posting patterns used to detect suspicious activity and trigger re-verification.
  • Safety data: moderation scores, report reasons, and enforcement history tied to your account or content.

2. How we use information

We use data to provide Peace, keep people safe, and improve the product.

  • Authenticate you and maintain your session.
  • Verify that a real person is creating or using the account and reduce bots, fake accounts, and impersonation.
  • Set and update your profile avatar when selfie verification succeeds, and determine eligibility to post or reply.
  • Show feeds, profiles, replies, notifications, and shared link previews.
  • Run automated safety checks on profile photos and posted content, and investigate reports.
  • Deliver push notifications you opt into.
  • Measure reliability and product usage in aggregate.
  • Comply with law and respond to valid legal requests.

3. What we do not do

Peace is designed to avoid invasive tracking patterns common on ad-driven networks.

  • We do not require GPS location; country is optional and chosen by you.
  • We do not upload your phone contacts to build a contact graph.
  • We do not sell your personal information or face data to data brokers.
  • We do not use a hidden cross-app advertising profile inside Peace.
  • We do not use selfie or face data for advertising, marketing profiling, or biometric identification of users across services.
  • We do not perform facial recognition to match or identify users against each other or against external databases.

4. Sharing and disclosure

We share information only as needed to operate Peace or when legally required.

  • Service providers: hosting and database (Supabase), media storage (Supabase Storage), push (Expo), analytics (PostHog and Vercel Analytics), crash/error monitoring (Sentry when enabled), email (transactional messages), and safety tooling under contractual obligations.
  • Selfie verification processing: when you submit a verification selfie, the image is sent to Google (Gemini API) solely to perform automated verification and profile-photo safety analysis (face presence, liveness, quality, and policy checks). Google processes the image as our service provider for that request; Peace does not use Gemini to build biometric templates, perform cross-user facial recognition, or track users for advertising.
  • Place labels: when you search for a place name, query text is sent to OpenStreetMap Nominatim for suggestions; Peace stores the label you choose, not GPS coordinates.
  • Other users: public profile fields, public moments, and reactions visible according to your settings.
  • Share links: non-private moments may be previewed on the web while available.
  • Legal: we may disclose information to comply with law, protect users, or respond to abuse reports involving imminent harm.

5. Retention

Peace moments are short-lived by design. Profile photos follow the rules below.

  • Approved profile avatar (verification selfie): kept while it remains your active profile photo, until replaced by a newer approved verification selfie or until you delete your account.
  • Previous profile avatars: removed from storage when a new avatar is approved.
  • Rejected verification selfies: not retained as your profile photo.
  • Verification scores from a single attempt: used only for the immediate approve/reject decision and not stored on your profile.
  • Playable moments are intended to expire roughly 24 hours after posting unless the product states otherwise.
  • After playback ends, profile thumbnails may remain visible for up to another 24 hours before permanent removal.
  • Deleted moments and accounts are removed from active systems; backups and security logs may persist for a limited period.
  • Moderation records for severe abuse may be retained longer to prevent re-offending.

6. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or export personal data, and to object to certain processing.

  • Update profile fields and notification toggles in app settings.
  • Block users and report moments from the app.
  • Delete your account in settings (requires password confirmation for email accounts).
  • For privacy requests, email support@peacesocial.app with subject "Privacy request".

7. Children

Peace is not directed to children under 13 (or the minimum age required in your country). We do not knowingly collect personal information from children. If you believe a child has provided data, contact us so we can delete it.

8. International transfers

Peace may process data in countries where our service providers operate. We take steps to protect data consistent with this Policy when it is transferred internationally.

9. Security

We use industry-standard measures such as encrypted transport, access controls, and row-level security in our database. No method of transmission or storage is 100% secure.

10. Changes

We may update this Policy as Peace grows. We will post the new date at the top and, for material changes, provide reasonable notice in the app or on the website.