Wist wist

Privacy Policy

Effective date: June 18, 2026  ·  wistapps.com

Wist is built on the principle that your data is yours. We collect the minimum needed to run the service, we don't sell it, and you can delete everything at any time from within the app.

1. Who We Are

Wist ("we", "us", "our") is a mobile application available on iOS and Android. You can reach us at wist@wistapps.com. This policy explains what personal information we collect, how we use it, and your rights regarding it.

2. Who This Policy Applies To

Wist is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please contact us at wist@wistapps.com and we will delete the account and associated data promptly.

3. Information We Collect

Account information

  • Email address — used to create and authenticate your account. Never displayed publicly.
  • Username — chosen by you, displayed publicly on all your posts and comments.
  • Display name — optional, shown on your profile instead of your username if set.
  • Bio — optional, short text shown on your public profile.
  • Avatar image — optional photo you upload; stored and displayed publicly.
  • Password — stored as a secure hash; we never see or store your plaintext password.

Content you create

  • Posts, titles, body text, and images you submit
  • Comments and replies
  • Votes (upvotes and downvotes) you cast on posts and comments
  • Boards you join or create
  • Posts and comments you save
  • Users you block
  • Pins you purchase and award to other users' content

Usage information

  • Board visit frequency (stored locally on your device via AsyncStorage; not sent to our servers)
  • App platform (iOS or Android) — collected by our backend infrastructure when you make requests

We do not use analytics SDKs, advertising trackers, or third-party data brokers. We do not collect your location, contacts, or device identifiers beyond what is inherent to operating a backend API.

4. How We Use Your Information

  • Provide the service — display your profile, posts, and comments; process votes; manage board membership
  • Authentication — verify your identity when you sign in
  • Notifications — send in-app and push notifications about replies, mentions, and activity on your content (you can disable these in device settings)
  • Moderation — review reported content; enforce our community guidelines
  • Virtual currency — record pin purchases and awards; maintain your pin balance
  • Improve the service — understand which features are used so we can improve them (using aggregate, non-identifying information only)

5. Third Parties We Share Data With

We share your data only with the following processors, solely to operate the service:

Supabase

Our database, authentication, and file storage provider. All user data — account information, posts, comments, votes, and uploaded images — is stored on Supabase servers located in the United States. Supabase acts as a data processor under our instructions and does not use your data for its own purposes. See supabase.com/privacy.

Apple / Google

In-app purchases (pins) are processed by Apple (App Store) or Google (Google Play). We receive confirmation that a purchase was made, but your payment details are handled entirely by Apple or Google and are never seen by us. Push notifications are routed through Apple Push Notification Service (APNs) or Firebase Cloud Messaging (FCM).

We do not sell, rent, or trade your personal information to any third party for marketing or advertising purposes.

6. Data Retention

We retain your data for as long as your account is active. When you delete your account (available in the app under Profile → Settings → Delete Account), the following happens:

  • Your profile, email, display name, bio, and avatar are permanently deleted
  • Your posts and comments are soft-deleted (content is removed, but a placeholder record may remain for threading purposes)
  • Your votes, saves, and board memberships are deleted
  • Your pin balance and transaction history are deleted

Some data may persist in server logs and database backups for up to 30 days after deletion before being purged from all systems.

7. Your Rights

You have the right to:

  • Access your data — contact us at wist@wistapps.com to request a copy
  • Correct your data — update your profile at any time within the app
  • Delete your data — use the in-app account deletion flow or email us
  • Object to processing — contact us if you have concerns about how we use your data

If you are a resident of California, the EU, or another jurisdiction with specific privacy rights, please contact us and we will accommodate your request under applicable law.

8. Cookies and Tracking

Wist is a mobile app and does not use browser cookies. We store a single authentication session token on your device using secure storage (iOS Keychain / Android Keystore via Expo SecureStore). This token is used only to keep you signed in and is cleared when you sign out or delete your account. We do not use any advertising or cross-app tracking technologies.

9. Security

We use industry-standard security practices including encrypted connections (HTTPS/TLS) for all data in transit, hashed passwords, and row-level security policies on our database to prevent unauthorized access. No system is completely secure — if you discover a vulnerability, please report it to wist@wistapps.com.

10. Changes to This Policy

We may update this policy as the service evolves. If we make material changes, we will notify you via a notice in the app or by email before the changes take effect. Your continued use of Wist after the effective date constitutes acceptance of the updated policy.

11. Contact

Questions or concerns about this policy? Email us at wist@wistapps.com. We aim to respond within 5 business days.