Privacy Policy
Last updated: 9 May 2026
The short version: chats are deleted 24 hours after they end. We require Google or Apple sign-in so we can ban troublemakers, but your match never sees who you are. We don't sell data and we don't run ads. You can delete your account from inside the app at any time.
1. Who we are
ShtChat is operated by Sleeb Ltd, registered in England and Wales. We are the data controller for the personal data described in this policy. For privacy questions or to exercise your rights under data protection law, contact privacy@shtchat.com.
2. What data we collect
Required to use the app
- Anonymous Firebase user ID — assigned the first time you open the app. Used to route messages and enforce blocks/bans.
- Birth year — collected at onboarding to confirm you are 18 or over. Stored as a year only (e.g. 1995); we do not store your day or month of birth.
- Google or Apple account identifier — required before joining the chat queue. We receive your account ID, and (where you allow it) your email address. Your match never sees these.
- Push notification token — if you grant notification permission, so we can tell you when a match is ready.
Generated as you use the app
- Queue entry — a temporary record that you are waiting to be matched. Auto-deleted within 2 minutes.
- Chat messages — stored only for the duration of the chat plus 24 hours, then permanently deleted by an automated job. Maximum 5-minute chat duration.
- Block list — IDs of users you have blocked. Retained until you delete your account.
- Reports you submit — chat ID, the reason you selected, and your user ID. Retained for up to 12 months for moderation review.
- Moderation counters — if our system removes a message you sent for hate speech, or you receive reports, we keep an internal counter and a redacted log entry. Used only to decide whether to suspend an account.
If you choose to save a chat
- Saved transcript summary — first three messages, message count, save date. Stored under your account until you delete it.
- AI audio file — the generated MP3, stored privately in Firebase Storage. Only your account can request a playback link, which expires after one hour.
We do not collect your name, address, phone number, location, contacts, photos beyond the loo-roll preview (which never leaves your device), or any biometric data.
3. Why we use it (legal basis)
| Purpose | Lawful basis (UK GDPR Art. 6) |
|---|---|
| Routing your chat with another user | Performance of contract — providing the service you requested |
| Age verification (birth year, 18+ confirmation) | Legal obligation (Online Safety Act 2023) |
| Sign-in via Google/Apple | Legitimate interests — preventing abuse and enforcing bans |
| Server-side moderation, ban decisions, report review | Legitimate interests — keeping the platform safe |
| Push notifications | Consent (you grant the permission at the OS level) |
| Generating AI audio of saved chats | Consent — only triggered when you tap "Save" |
| Crash and error reporting | Legitimate interests — diagnosing app failures |
4. How long we keep it
| Data | Retention |
|---|---|
| Chat messages and chat metadata | Deleted automatically 24 hours after the chat ends |
| Queue entries | Deleted within 2 minutes |
| Saved chat summaries and audio | Until you delete the saved chat or your account |
| Block list | Until you delete your account |
| Reports | Up to 12 months |
| Moderation log entries (auto-deletions, ban actions) | Up to 24 months |
| Account deletion log (uid + timestamp) | 24 months for fraud prevention |
| Crash reports | 30 days (Sentry default) |
5. Who we share it with (sub-processors)
We do not sell your data. The third parties below process data on our behalf:
- Google (Firebase) — Authentication, Firestore database, Cloud Functions, Cloud Storage, FCM push routing. Hosted in the europe-west2 (London) region. Firebase privacy.
- Apple — Sign in with Apple. Apple privacy.
- Google Sign-In — when you choose Google to sign in. Google privacy.
- Expo (push relay) — Expo's notification service relays match alerts to APNs/FCM. Receives the push token and a short message body ("Your ShtChat match is ready"). Expo privacy.
- ElevenLabs — converts the text of your saved chats into audio when you tap Save. Receives only the message text — no user IDs. ElevenLabs privacy.
- Sentry — captures app crashes and errors with anonymised device info. Sentry privacy.
Some of these providers may transfer data outside the UK/EEA. They do so under appropriate safeguards (UK IDTA, EU Standard Contractual Clauses, or equivalent).
6. Children's privacy
ShtChat is for adults only. You must be 18 or over to use the app. We collect a self-declared birth year at onboarding and refuse access if it indicates an age below 18. We do not knowingly collect data from anyone under 18. If you believe a minor has used the service, email privacy@shtchat.com and we will investigate and delete the account.
7. Your rights
If you live in the UK or EEA, you have the right to:
- Access — request a copy of the data we hold about you.
- Erasure — delete your account and all associated data via Profile → Delete my account, or by emailing us.
- Rectification — correct inaccurate data (e.g. birth year).
- Restriction — limit how we use your data.
- Portability — receive your saved chat data in a machine-readable format.
- Object — object to processing based on legitimate interests.
- Withdraw consent — for any processing you previously consented to.
- Complain — to the UK Information Commissioner's Office at ico.org.uk.
To exercise any of these, email privacy@shtchat.com from an address linked to your sign-in. Because the in-chat experience is anonymous, deletion is also self-service in the app: open Profile and tap "Delete my account".
8. Security
All transit uses HTTPS/TLS. Audio files are stored privately and only accessible via short-lived signed URLs issued by Cloud Functions. Firestore security rules enforce that only chat participants can read messages. The ElevenLabs API key is held in Google Cloud Secret Manager, never shipped in the client. We log moderation actions for audit but minimise the personal data within them.
9. Changes
We may update this policy. The "last updated" date at the top reflects the current version. Material changes will be flagged in-app on next launch.
10. Contact
Privacy questions: privacy@shtchat.com. Reports of harmful content can also be raised in-app via the report button — those receive a faster response.