Veil ("Veil", "we", "us") is built to be anonymous by design. We collect as little as possible, and what we do collect is never used to identify you or attached to your public posts. This policy explains what we collect and why.
What we collect
Anonymous session ID — a random identifier generated on your device and stored in the device keychain. It is how the app remembers "you" without an account, email, or phone number.
Content you create — your posts, replies, direct messages, and any photos or videos you choose to send, so the app can store and display them.
Optional email — only if you choose to link one for account recovery. It is stored separately and is never attached to your posts or messages.
Optional backup key — if you save a 12-word recovery key, we store only a one-way hash of it to verify recovery. We never store the key itself.
Push token — if you enable notifications, a device push token so we can deliver reply, like, and message alerts.
Optional coarse location — only if you turn on "share location in DMs," we store your city/region (never precise GPS coordinates) to show to people you message.
Age range & sex — collected to gate direct messaging and confirm eligibility. This is never shown on your posts.
Basic technical data — minimal logs needed to operate and secure the service.
What we do NOT collect
No real name, phone number, or precise location.
No advertising identifiers and no third-party ad/tracking SDKs.
We do not sell your data.
How we use it
To operate the app (show the feed, deliver messages and notifications), to keep you signed in anonymously, and to keep the community safe. Content is screened by automated moderation (using Claude by Anthropic) so we can remove objectionable material.
Who we share it with
Only the service providers needed to run Veil: Supabase (database/hosting), Anthropic (content moderation), and Expo (push delivery). They process data on our behalf under their own terms. We do not sell personal data.
Retention & deletion
You can delete your posts and conversations in the app. Backup keys expire after 6 months. To request deletion of your data, email murmurapp.support@gmail.com and we will remove what we reasonably can tie to your session.
Children
Veil is not directed to children under 13, and the App Store age rating is 17+ due to unmoderated-style user content.
Security
Data is encrypted in transit, and database access is restricted with row-level security so users only see what they are allowed to.
Changes
We may update this policy; the "last updated" date reflects the latest version.