we hold a fingerprint for safety. we never hold a name. that's the line, and we draw it loudly.
01 · the short version
this is the part most companies hide. so we put it first.
- creators get an account. we know who you are. email, handle, the basics.
- senders don't. we never collect a sender's name, phone, or email. we never show one to the creator.
- we keep a fingerprint of each sender's device. only for blocking and abuse detection. it expires after 90 days unless a block is active.
- ai reads every yap before delivery. for harm classification only. the model never trains on your content.
- we will not make up fake yaps. that's the thing the last guys got sued for. we won't.
02 · what we hold about senders
when you send an anonymous yap, here's the entire list of what touches our servers:
- your yap text (and any voice note or image)
- a hashed, salted fingerprint of your browser and ip address
- the creator handle you sent it to
- a timestamp
we never share your fingerprint with creators or anyone outside our trust & safety team. ever.
03 · creators
signing up creates an account with these fields:
- email, display name, handle
- auth provider (google, apple, or password hash)
- linked social handles, if you connect them (instagram, tiktok)
- everything you choose to create: prompts, drops, replies, themes
your data is yours
settings → privacy → download my data ships a complete zip of every yap, drop, reply, and analytics point ever attached to your account, within 48 hours.
delete your account: settings → privacy → delete account. 30 days to undo. after that, hard-deleted from primary stores. log backups expire within 90 days.
04 · ai and moderation
every yap is classified by our moderation model before delivery. five buckets: safe, spicy, sensitive, harmful, illegal.
safe and spicy land in your inbox. sensitive (self-harm references) arrive with a care message prepended. harmful is held for human review. illegal is rejected and may be referred to law enforcement.
we'll publish a quarterly transparency report: total yaps classified, breakdown by category, false-positive rate, and how many were escalated.
05 · who we share with
only these vendors. each has a strict data processing agreement:
- supabase — primary database. eu-west-2.
- openai — ai moderation only.
- vercel — hosting and edge functions.
- cloudflare — cdn and bot protection (turnstile).
- resend — transactional email only.
- posthog — internal analytics. no creator content.
we don't sell data. we don't run ad networks. we don't share with data brokers. ever.
06 · your rights
under gdpr, ccpa, and the uk online safety act, you have the right to:
- know what we hold (settings → privacy → what we keep)
- download it (settings → privacy → download my data)
- delete it (settings → privacy → delete account)
- object to processing for non-essential purposes
- complain to a regulator (info@ico.org.uk, or your local equivalent)
07 · talk to us
privacy questions: privacy@yapat.me
data requests: dpo@yapat.me (replies within 30 days, gdpr standard)
law enforcement subpoenas: legal@yapat.me — we comply with valid orders. we resist overbroad ones. we publish counts in our transparency report.