Privacy Policy
Last updated: June 10, 2026
Whisper is an ephemeral, widget-first messaging app for two paired people. It is operated by Lula Apps ("Lula Apps", "we", "us"). This policy explains what information the app handles, how it is used, and the choices you have. We built Whisper to keep your conversations private by default — your messages are end-to-end encrypted and disappear after they are viewed.
In short
- Your messages, photos, voice notes, and videos are end-to-end encrypted. We cannot read, see, or hear them.
- Messages are ephemeral — they are deleted after your pair views them, or after one week, whichever comes first.
- We collect only what is needed to run the service. We do not sell your data, show ads, or track you across other apps and websites.
- You can delete your account, and the data associated with it, from inside the app at any time.
1. Information we collect
Account and sign-in
You sign in with either Sign in with Apple or an email one-time code:
- Sign in with Apple — Apple provides us a unique account identifier. If you choose to hide your email, Apple gives us a private relay address instead of your real one. We do not store the name Apple offers during sign-in.
- Email — we collect your email address to send you a six-digit login code and to identify your account.
Authentication is handled by our backend provider, Supabase. Your sign-in session tokens are stored securely on your device.
Profile
- A display name you choose during onboarding.
- An optional profile photo, stored in private storage and not publicly accessible.
Pairing
Whisper connects exactly two people. To set up a pair we store which accounts are paired and the public cryptographic keys used to establish end-to-end encryption. We never receive your private keys.
Messages and media
The text, photos, voice notes, and videos you send are end-to-end encrypted on your device before they reach our servers. We store and relay only the encrypted form and cannot decrypt it. Encrypted messages are kept only long enough to deliver them and are removed after your pair views them, or after one week, whichever comes first.
Notifications
To deliver push notifications, we register a device token with Apple Push Notification service (APNs). Notification delivery is handled by Apple; the message content underlying a notification remains end-to-end encrypted.
Purchases and subscriptions
If you buy a subscription, the purchase is processed by Apple through the App Store, and we use RevenueCat to manage and verify subscription status. We receive your subscription tier and status — we never receive your payment card number or full billing details.
Diagnostics
To find and fix crashes and bugs, we collect technical diagnostic information such as your device model, operating system version, app version, and a trail of recent in-app events (breadcrumbs). These reports are processed using Sentry and do not include your message content.
Anonymous usage analytics
We record a small set of anonymous, content-free product events — for example, that a message was sent and its type (text, photo, voice, video), or that a pairing completed. These events are tied only to a random installation identifier, never to your name, account, pair, or message content, and the identifier is reset when you delete your account. This analytics data is processed on our own servers (Supabase), not shared with a third-party analytics provider.
2. What we do not collect
- We do not read, view, or listen to your message content — it is end-to-end encrypted.
- We do not collect your location.
- We do not use advertising identifiers (IDFA) or track you across other apps and websites.
- We do not sell or rent your personal information to anyone.
3. End-to-end encryption
Whisper protects your conversations with end-to-end encryption, using a key-agreement handshake and a forward-secret message ratchet. The private keys are generated on your device, stored in the iOS Keychain, and never leave your device. Because of this, our servers only ever hold ciphertext — neither we nor anyone who intercepts the data in transit can read your messages or media.
4. How we use information
- To operate Whisper — pair you with another person and deliver your encrypted messages.
- To authenticate you and keep your account secure.
- To send push notifications you have enabled.
- To process and verify subscriptions.
- To diagnose crashes, fix bugs, and improve reliability.
- To prevent abuse, fraud, and misuse of the service.
- To comply with legal obligations.
5. How long we keep it
- Messages and media: deleted after your pair views them, or after one week, whichever comes first.
- Account and profile data: kept while your account is active.
- Diagnostics and analytics: retained only as long as needed to keep the service working well, then aggregated or deleted.
When you delete your account, we delete your profile and the data associated with it from our systems, remove your registered device token, and reset your anonymous analytics identifier.
6. Who we share it with
We do not sell your data. We share information only with the service providers (sub-processors) that we rely on to run Whisper, and only as needed to provide the service:
| Provider | Purpose |
|---|---|
| Apple | Sign in with Apple, push notifications (APNs), App Store purchases. |
| Supabase | Backend hosting, database, authentication, encrypted message and media storage. |
| RevenueCat | Subscription management and purchase verification. |
| Sentry | Crash and error diagnostics (no message content). |
| Cloudflare | Hosting and delivery of our website and pairing links. |
We may also disclose information if required by law, to enforce our terms, or to protect the rights, safety, and security of our users and the service.
7. Security
We protect your data with end-to-end encryption for message content, secure transport (HTTPS with certificate pinning), encrypted storage of media, and single-device session enforcement. No system is perfectly secure, but we work to protect your information using current best practices.
8. Your choices and rights
- Access and update your display name and profile photo in the app.
- Unpair from another person at any time in the app.
- Delete your account and its associated data from Settings inside the app.
- Manage notifications in your device Settings, and manage your subscription in the App Store.
Depending on where you live, you may have additional rights to access, correct, or delete your personal information, or to object to or restrict certain processing. To make a request, contact us at the address below.
9. Children
Whisper is not directed to children, and we do not knowingly collect personal information from children under 13 (or the minimum age required in your country). If you believe a child has provided us information, please contact us and we will delete it.
10. International data transfers
We and our service providers may process and store information in countries other than where you live. Where required, we take steps to ensure your information receives an appropriate level of protection when it is transferred.
11. Changes to this policy
We may update this policy from time to time. When we make material changes, we will revise the "Last updated" date above and, where appropriate, provide notice in the app.
12. Contact us
If you have questions about this policy or your data, contact us at [email protected].