Overview
Visi ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Visi mobile application. We designed Visi with privacy at its core, including end-to-end encryption for all messages.
Information We Collect
Account Information
When you create an account, we collect:
- Email address
- Display name and username
- Profile photo (optional)
- Phone number (optional, for contact matching)
Messages & Content
All messages, including text, images, and ghost typing keystrokes, are encrypted end-to-end using AES-256-GCM encryption with Curve25519 key exchange. We cannot read your messages. Encrypted message data is stored on our servers only to facilitate delivery.
Video
Live video is transmitted peer-to-peer via WebRTC directly between devices. Video streams are not routed through, recorded, or stored on our servers. TURN relay servers may be used when direct connections cannot be established, but video data passing through them is encrypted and not retained.
Usage Data
We may collect basic analytics data such as app opens, crash reports, and feature usage to improve the app. This data does not include message content.
Device Information
We collect device tokens for push notifications and basic device information needed for app functionality (e.g., OS version for compatibility).
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Visi app
- Facilitate message delivery and real-time features
- Enable you to find and connect with friends
- Send push notifications for new messages
- Detect and prevent abuse, fraud, or security issues
- Comply with legal obligations
End-to-End Encryption
Visi uses end-to-end encryption for all messages and ghost typing data. This means:
- Messages are encrypted on your device before being sent
- Only the intended recipient(s) can decrypt and read messages
- Encryption keys are generated and stored only on your device
- We use industry-standard AES-256-GCM encryption with Curve25519 key exchange
- We cannot access, read, or share your message content
Data Sharing
We do not sell your personal information. We may share limited information with:
- Service providers: Firebase (Google) for authentication, data storage, and push notifications, operating under their own privacy policies
- Legal requirements: When required by law, legal process, or to protect our rights and safety
Data Retention
We retain your account information for as long as your account is active. Encrypted messages are stored to facilitate delivery and may be retained for a reasonable period. You can delete your account at any time, which will remove your profile and associated data from our systems.
Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your account and data
- Opt out of non-essential communications
- Export your data in a portable format
To exercise any of these rights, contact us at privacy@visimessenger.app.
Children's Privacy
Visi is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us so we can remove it.
Security
We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, in addition to the end-to-end encryption of message content. No method of transmission or storage is 100% secure, but we strive to use commercially acceptable means to protect your information.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes through the app or via email. Continued use of Visi after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy, contact us at: