
Privacy Policy

Last Updated: April 15, 2026  ·  Effective Date: April 15, 2026

Our Privacy Philosophy: We built Tether because we believe your contact information belongs to you — and so does your data. We don't sell your personal data. We don't use it for advertising. We don't use advertising networks or ad-tech trackers. Your address book is encrypted at rest and in transit, and no human at Tether has routine access to it.

Topic | Short Answer
Do we sell your data? | No
Do we use advertising networks? | No
Do we share data with third parties? | Only service providers necessary to operate the app (see Section 4.2)
How is phone number matching done? | Via salted SHA-256 hashing — raw numbers never compared
Are EXIF/GPS tags stripped from photos? | Yes, automatically
Can you export your data? | Yes — vCard, CSV, or JSON via Settings
Can you delete your account? | Yes — Settings > Account > Delete Account

Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. How We Share Your Information
  5. Data Security
  6. Data Retention
  7. Your Privacy Rights
  8. Children's Privacy
  9. Data About Non-Users
  10. Analytics, Tracking, and Mobile SDKs
  11. International Data Transfers
  12. Third-Party Links and Integrations
  13. Push Notifications and Communications
  14. Clipboard Access
  15. Job Applicants
  16. Updates to This Privacy Policy
  17. Contact Us
  18. Specific State and Country Disclosures
  19. Definitions

1. Introduction

Welcome to Tether ("we," "our," or "us"). Tether is a privacy-first professional contact management application that automatically keeps your contact information current through live updates and intelligent synchronization across your devices.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service"). If you do not agree, please do not access the Service.

We reserve the right to make changes to this Privacy Policy at any time. We will alert you about material changes by updating the "Last Updated" date and, for significant changes, by providing prominent in-app notice or email notification.

2. Information We Collect

2.1 Information You Provide to Us

Account Information: Phone number (required for SMS OTP authentication — Tether's sole sign-in method), name (first, last, optional middle, prefix, suffix), profile information (company, job title, department, handle/username, avatar photo), and account preferences (including accessibility settings).

Contact Data: Names, phone numbers (E.164 format), email addresses, physical addresses, social media profiles, website URLs, birthdays, anniversaries, notes, photos (EXIF metadata stripped), health information (allergies, medical conditions, emergency designations), custom fields, tags, labels, and referral codes.

Event Data: Event details (title, date, time, location), RSVP status, co-host assignments, guest lists, and per-RSVP snapshots (display name and email address captured at invite time).

Privacy Circle Assignments: Classification of contacts into sharing tiers (Community, Professional, Close), custom circle memberships, shared circle/directory memberships.

Directory and Shared Circle Data: Directory name, description, your membership status and role, information you choose to share with directory members.

2.2 Information Collected Automatically

Device Information: Device type, model, OS version, unique device identifiers (generated by SHA-256 hashing hardware IDs with your user ID), app version, language, region, and screen resolution.

Usage Data: Features used, actions performed, error logs and crash reports (via Sentry, PII auto-redacted), performance metrics, interaction patterns (aggregated and hashed, not linked to individual identities), and accessibility feature usage.

Technical Data: IP address (for security and approximate location), session duration, sync operation metadata, and network connection type.

2.3 Information from Third-Party Sources

With your explicit permission, we may import contact data from your device's native contacts, Google Contacts (via OAuth 2.0), Microsoft Contacts (via OAuth 2.0), and vCard/CSV files. We only request the minimum permissions necessary. We do not access your emails, calendars, documents, or other data unrelated to contact management.

2.4 Biometric Information

If you enable biometric authentication (Face ID, Touch ID), we do not collect, store, or transmit your biometric data. Authentication is processed entirely on your device's secure enclave. We only receive a success/failure signal.

2.5 Photo and Image Metadata

When you upload photos, we automatically strip all EXIF metadata (including GPS coordinates, camera info, and timestamps) prior to storage.

2.6 Location Data

We collect approximate location data derived from your IP address for security and fraud prevention (city or region level, not GPS). No current core features require precise GPS location.

3. How We Use Your Information

3.1 Core Service Functionality

  • Account Management: Create and manage your account, authenticate identity, maintain session security
  • Contact Synchronization: Sync data across your devices using server-assigned sync versioning
  • Live Updates: Automatically update contact information when your connections update their Tether profiles
  • Autoconnect: When two users each have the other's verified phone number, we may automatically create a connection. Matching is performed by comparing salted SHA-256 hashes — raw phone numbers are never compared or exposed to other users
  • Event Management: Create, manage, and share events, send invitations via email, manage RSVPs
  • Duplicate Detection: Identify and merge duplicates using fuzzy matching and salted SHA-256 hashing
  • Contact Card Broadcast: Share updated contact information with selected circles via email (Resend)
  • Import and Export: Facilitate importing from external services and exporting your data (vCard, CSV, JSON)

3.2 Machine Learning and Automated Processing

  • Duplicate Detection: Identity-gated scoring models incorporating fuzzy name matching and an ML component that learns from your merge decisions
  • Circle Auto-Suggestion: Analysis of contact signals to suggest privacy circle placements (advisory only)
  • Spam and Fraud Detection: Automated systems to detect abuse patterns

We do not use your contact data to train general-purpose AI models for sale or licensing to third parties.

3.3 Service Improvement and Analytics

We analyze aggregated, de-identified metrics for performance monitoring, feature usage understanding (hashed, anonymized), error tracking via Sentry (PII auto-redacted), and A/B testing.

We do not use your personal contact data for advertising targeting. We do not sell your data or share it for cross-context behavioral advertising.

3.4 Communications

  • Transactional SMS: OTP codes and security alerts via Telnyx (TCPA consent provided at registration)
  • Transactional Email: Sync status, event invitations, contact card broadcasts via Resend
  • Feature Updates: Notifications about new features (with opt-out)

3.5 Security and Fraud Prevention

Rate limiting, authenticated device session management, anomaly detection, and audit logs.

4. How We Share Your Information

4.1 Information Sharing You Control

Sharing Tier Settings: When you connect with another user, you control what they see:

  • Community: Name, avatar, phone, email, birthday
  • Professional: Name, avatar, work email, company, job title, work address
  • Close: Full visibility — all information

Default sharing for unassigned contacts: name, profile photo, handle, and mobile phone. Review and modify defaults in Settings > Privacy > Tier Defaults.

Data on Disconnect: When you block or remove a connection, all information received through that connection is automatically removed. Live data does not persist after disconnection.

Events and Co-hosts: Co-hosts can see only the display name and email address attached to each guest invitation (per-RSVP snapshot) — not any other information from your address book.

4.2 Service Providers

We share information with service providers who are contractually required to use your information only for specified services:

Provider | Purpose
Supabase Inc. | Database, auth, file storage, real-time sync (AWS, US)
Sentry | Error tracking (PII auto-redacted)
RevenueCat | Subscription billing via App Store / Google Play
Telnyx | SMS OTP delivery
Resend | Transactional email (invitations, broadcasts)
Expo | Push notification delivery

4.3 Analytics and Monitoring

Sentry: Crash reports with PII auto-redacted. RevenueCat: Subscription lifecycle analytics.

We do not use Google Analytics, Facebook Pixel, or advertising-oriented analytics tools in the Tether mobile app.

4.4 Advertising

We do not sell your personal data to advertisers. We do not share your data with advertising networks. We do not receive compensation for your data from any advertising partner. Tether generates revenue through subscription fees only.

4.5 Business Transfers

If Tether is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide at least 30 days' notice before your information becomes subject to a materially different privacy policy.

4.6 Legal Requirements

We may disclose information if required by law or in response to valid requests by public authorities. When permitted, we will provide you with prompt notice of legal demands for your data.

4.7 Professional Advisors

We may disclose information to lawyers, auditors, bankers, and insurers subject to confidentiality obligations.

4.8 Aggregated and De-identified Data

We may share aggregated, anonymized information that cannot identify you for business purposes including research and service improvement.

5. Data Security

5.1 Security Measures

Encryption:

  • All data in transit encrypted using TLS 1.3
  • SSL public key pinning (SPKI) to prevent MITM attacks
  • Contact data encrypted at rest using AES-256
  • Phone numbers and emails hashed using salted SHA-256 for duplicate detection and Autoconnect

Authentication Security:

  • Phone OTP via SMS — sole sign-in method
  • Biometric authentication processed locally via secure enclave
  • JWT tokens stored in iOS Keychain / Android Keystore
  • Access token expiry: 1 hour; refresh token: 90 days
  • Rate limiting: 5 attempts per hour per phone number
  • Per-tier device caps (Free: 1 device; Tether+/Lifetime: 2)

Access Controls:

  • Row-level security (RLS) ensuring users can only access their own data
  • All operations through SECURITY DEFINER RPCs — no direct table access

Cross-User Isolation: On sign-out, we execute a five-step wipe of all locally stored user data, ensuring no contact data survives a logout.

5.2 Security Breach Notification

In the event of a security breach, we will investigate promptly, notify affected users without undue delay (within 72 hours under GDPR where required), and cooperate with regulatory authorities.

5.3 Limitations

No method of transmission or storage is 100% secure. While we use commercially acceptable means, we cannot guarantee absolute security.

6. Data Retention

6.1 Retention Schedule

Data Category | Retention Period
Contact data | While account is active
Sync history | 90 days
Change logs (audit) | 1 year
Soft-deleted contacts | 30 days, then auto-hard-deleted (daily, 3:00 AM UTC)
Error/crash logs (Sentry) | 90 days (PII redacted)
Transactional records | 7 years (tax/accounting)

6.2 Account Deletion

When you request account deletion (Settings > Account > Delete Account):

Immediate Actions:

  • 30-day cooling-off period (cancellable)
  • Profile becomes inaccessible to other users
  • Logged out of all devices; local data wiped
  • Directory memberships terminated

After 30-Day Cooling Period:

  • All contact data permanently hard-deleted
  • Account information permanently deleted
  • Sub-entity data (phones, emails, addresses) cascade-deleted
  • Third-party import connections revoked

Exceptions: Transactional records (7 years), legal dispute records, aggregated analytics, backup copies (deleted within 90 days).

6.3 Inactive Accounts

Accounts inactive for 12 months may receive notification. If no response within 30 days, we may delete the account and data.

7. Your Privacy Rights

7.1 Rights Available to All Users

  • Access & Portability: Access contacts in the app; export in vCard, CSV, or JSON via Settings > Data & Privacy > Export Data; request full copy at [email protected]
  • Correction: Edit data in the app, or contact us for corrections you can't make yourself
  • Deletion: Delete individual contacts or your entire account; request immediate deletion at [email protected]
  • Opt-Out: Disable push notifications in device settings; unsubscribe from non-essential emails; you cannot opt out of authentication codes and security alerts

7.2 EEA/UK Users — GDPR and UK GDPR

Legal Bases for Processing:

  • Contract Performance: Authentication, sync, contact management
  • Legitimate Interests: Fraud prevention, security, analytics
  • Consent: Marketing, optional features
  • Legal Obligation: Compliance

Additional GDPR Rights: Right to restriction, right to object, right to withdraw consent, right not to be subject to solely automated decisions, right to lodge a complaint.

Data Transfers: We ensure adequate safeguards through Standard Contractual Clauses (SCCs) and adequacy decisions.

EU/UK Representatives: Designation in progress — contact [email protected].

7.3 California Users — CCPA/CPRA

California Privacy Rights:

  • Right to Know, Right to Delete, Right to Correct
  • Right to Opt-Out of Sale/Sharing — we do not sell personal information
  • Right to Limit Use of Sensitive Personal Information
  • Right to Non-Discrimination

Global Privacy Control (GPC): We recognize and honor the GPC signal to the extent required by California law.

Do Not Sell or Share: We do not sell personal information or share it for cross-context behavioral advertising.

Your privacy choices: [email protected] or tetherup.app/privacy-choices.

7.4 U.S. State Privacy Rights

Residents of the following states have privacy rights which we honor:

  • Texas (TDPSA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Montana (MCDPA), Utah (UCPA), Iowa (ICDPA): Access, correct, delete, portability, opt-out, appeal

Email [email protected] to exercise rights. You may appeal our decision by emailing with the subject line "Privacy Rights Appeal."

7.5 Brazilian Users — LGPD

Brazilian residents have rights under the LGPD including confirmation, access, correction, anonymization, portability, deletion, and revocation of consent. Contact [email protected].

7.6 Australian Users — Privacy Act

We are committed to the Australian Privacy Principles (APPs). Contact [email protected].

7.7 Canadian Users — PIPEDA and Law 25

Canadian residents are served in accordance with PIPEDA and Quebec's Law 25. Contact [email protected].

7.8 Authorized Agents

You may designate an authorized agent to submit privacy requests on your behalf with written authorization and identity verification.

8. Children's Privacy

Tether is not intended for children under 13. We do not knowingly collect personal information directly from children under 13. Children are not Tether users — they may appear as contact entries managed by a parent or guardian, but they do not create accounts.

If you believe a child under 13 has created an account, contact [email protected].

9. Data About Non-Users

When you use Tether, you may store information about people who do not have Tether accounts ("non-users").

  • Non-user data is subject to the same security protections as all other data
  • We may hash phone numbers/emails to identify potential connections if they later create accounts
  • We do not use non-user data to send marketing communications
  • Non-user data is deleted when you delete the contact or close your account

You are responsible for ensuring you have a lawful basis for storing non-users' personal information.

10. Analytics, Tracking, and Mobile SDKs

10.1 Mobile Analytics SDKs

  • Sentry SDK: Crash reports and performance data (PII redacted before transmission)
  • RevenueCat SDK: Subscription purchase processing and lifecycle analytics
  • Expo Push SDK: Push notification token registration and delivery

We do not embed advertising SDKs, social media tracking SDKs, or behavioral profiling SDKs.

10.2 Do Not Track (DNT)

We do not currently respond to DNT browser signals in a standardized way. However, we honor the Global Privacy Control (GPC) signal as described in Section 7.3.

10.3 Web Analytics

For tetherup.app web properties, we use minimal, privacy-respecting analytics that do not build behavioral profiles.

11. International Data Transfers

Tether is operated from the United States. For EEA/UK users, we rely on Standard Contractual Clauses (SCCs) and adequacy decisions. For other international users, we implement appropriate safeguards including contractual commitments and security measures.

12. Third-Party Links and Integrations

Tether integrates with Google Contacts (Google People API), Microsoft Contacts (Microsoft Graph API), RevenueCat/Apple App Store/Google Play Store (payments), and social media platforms. We are not responsible for the privacy practices of third-party services.

13. Push Notifications and Communications

13.1 Types of Communications

Transactional (Cannot Opt Out): Authentication codes (SMS OTPs via Telnyx), security alerts, sync status, critical service updates.

Marketing (Can Opt Out): Feature announcements, product updates, surveys.

Push Notifications (Can Opt Out): Contact updates, birthday reminders, directory activity, event invitations, connection notifications.

13.2 SMS Consent and TCPA Compliance

By providing your phone number, you expressly consent to receive SMS from Tether via Telnyx. Message and data rates may apply.

  • Opt out of non-transactional SMS: Reply STOP
  • Help: Reply HELP or contact [email protected]
  • We do not share, sell, or rent SMS program data to third parties

Full SMS terms: tetherup.app/sms

13.3 Managing Communications

Push: Device Settings > Notifications > Tether, or configure in app settings.
Email: Click "Unsubscribe" in marketing emails.
SMS: Text STOP to opt out of promotional SMS.

14. Clipboard Access

When you install Tether after visiting a referral invite page, the app may check your device clipboard for a referral code. This is used solely for attribution. Your device's OS will prompt you before clipboard access. No other clipboard data is read or stored.

15. Job Applicants

When you apply for a position at Tether, we collect information you provide (contact information, professional credentials, employment history). We use this information solely for recruitment. Applicant data is retained for the duration of recruitment and a reasonable period thereafter. Contact [email protected] for questions about your applicant data.

16. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. We will post updates in the app and on our website, update the "Last Updated" date, and for material changes, provide prominent notice via in-app notification, email, and/or push notification. We maintain a version history; contact [email protected] for previous versions.

17. Contact Us

  • Privacy Inquiries: [email protected]
  • Rights Requests: [email protected]
  • Phone: +1 (214) 286-5678
  • General Support: [email protected]
  • Postal: Tether Inc., [Address to be provided]
  • In-App: Settings > Help & Support > Contact Us

We aim to respond to all privacy inquiries within 30 days (or as required by applicable law).

18. Specific State and Country Disclosures

18.1 Nevada (NRS 603A)

We do not sell "covered information" as defined by Nevada law.

18.2 Texas (TDPSA)

We do not sell personal data or process it for targeted advertising.

18.3 California — Additional Disclosures

Do Not Sell or Share Link: tetherup.app/privacy-choices
Sensitive Personal Information Opt-Out: tetherup.app/privacy-choices

18.4 Brazil (LGPD)

DPO contact: [email protected].

18.5 Australia

Nothing in this Policy restricts, excludes, or modifies any rights under the Privacy Act 1988 that cannot be excluded by agreement.

18.6 Canada (PIPEDA / Law 25)

Privacy Officer: [email protected].

19. Definitions

  • Personal Information: Information that identifies, relates to, or could reasonably be linked with you.
  • Processing: Any operation performed on personal information.
  • Service: The Tether mobile application and all related services.
  • Contact: A person whose information you store in Tether.
  • Non-User: A person whose information you store but who does not have a Tether account.
  • Privacy Circle / Sharing Tier: One of three categories (Community, Professional, Close) controlling what you share.
  • Shared Directory/Circle: A collaborative space where multiple users share contact information.
  • Sensitive Personal Information (SPI): Health data, precise geolocation, biometric data, and other CCPA/CPRA categories.
  • Autoconnect: Automatic mutual connection via salted SHA-256 phone number hashing.
  • EXIF Metadata: Data embedded in digital photos (GPS, camera model, timestamps).

This Privacy Policy is effective as of April 15, 2026 and was last updated on April 15, 2026.

© 2026 Tether Inc. All rights reserved.