Privacy Policy
Last updated: Sep 24, 2025
Authentic (“Authentic,” “we,” “us,” “our”) is built to protect your privacy. We don’t sell your data, we don’t share it with data brokers, and we don’t use it to train advertising or AI models.
Why Authentic is different
Most social platforms are built around selling ads on the back of your personal data. Authentic is built the opposite way: we do not make money through surveillance advertising. We refuse to sell or broker your information, we don’t siphon it into AI training pipelines, and we collect only what we truly need to give you a smooth, secure experience. Privacy isn’t a marketing slogan here—it’s in our DNA and in every product decision we make.
1. Scope & Controller
This policy explains what we collect, why we collect it, how we use it, and your choices.
Controller: Authentic Technologies, Inc., 3909 S Maryland Pkwy, Ste 314 #550, Las Vegas, NV 89119, USA.
Contact: support@authentic.tech
If you access Authentic from the EEA and we do not have a local establishment, we have appointed representatives (see Section 12) for GDPR queries.
2. Data we collect & why
We collect the minimum needed to run the service. When an item is optional, you can skip it.
Account data — email, phone number (required), username, password (bcrypt + unique salt).
Purpose: create and secure your account, recover access, prevent abuse.
Retention: kept until you delete your account, then erased within 30 days.
Profile data (optional) — display name, bio, avatar, location you choose to share.
Purpose: show your profile to other users.
Retention: same as account data.
User content — photos, captions, reactions, and related metadata.
Purpose: provide core social features.
Retention: stored until you delete the content or your account (then erased within 30 days).
Device data — IP address, device/OS version, language, app version, and device identifiers limited to security and reliability.
Purpose: detect fraud, secure accounts, keep the service reliable.
Retention: 30 days.
Diagnostics (pseudonymous) — crash reports and performance events (no ad IDs).
Purpose: fix bugs and improve performance.
Retention: 30 days.
Push tokens — randomized tokens from Apple/Google.
Purpose: deliver notifications you opt into.
Retention: deleted when you disable notifications or uninstall.
Contacts (optional, if you enable “Find friends”) — hashed phone/email for match-only purpose.
Purpose: help you find people you already know; we don’t write your address book to our servers in plain text.
Retention: hashes kept only while the feature is active; you can turn it off anytime.
Cookies & local storage — first-party only, for authentication and security.
Note: disabling them breaks sign-in.
We do not collect precise location or ad identifiers.
3. How we use data
∙Provide and secure the service, troubleshoot, and prevent abuse/spam.
∙Send service messages and push notifications you opt into (you can turn them off in settings).
∙Comply with law and enforce our terms.
We do not use your data for cross-app tracking or targeted advertising.
4. Legal bases for EEA
∙Contract: account, profile, and user content.
∙Legitimate interests: security, fraud prevention, and service reliability (balanced against your rights).
∙Consent: optional analytics/diagnostics beyond strictly necessary; “Find friends” via contacts; push notifications.
You can withdraw consent in-app at any time without affecting prior processing.
5. International transfers
We host in the United States. When personal data is transferred from the EEA, we use approved safeguards such as the EU Standard Contractual Clauses. If we later participate in a recognized adequacy mechanism, we will reflect that here.
6. Sharing with service providers
We share data only with vendors that help us operate Authentic (cloud hosting, crash reporting, content delivery, app-store services, and trust-and-safety tooling). These providers act under written contracts, must follow our instructions, and may not use your data for their own marketing. See the current list of our Third-Party Service Providers for iOS and Android.
7. Security
We use TLS in transit, encryption at rest, strict role-based access, least-privilege controls, and regular security reviews. If you find a vulnerability, email support@authentic.tech.
8. Your rights & choices
In-app controls: edit your profile, download your data, request deletion.
U.S. residents: depending on your state, you may have rights to access, delete, correct, portability, and opt out of targeted advertising or certain profiling. We respond within 45 days (extendable once where permitted). If we deny a request, you can appeal via our in-app process; if your appeal is denied, we’ll tell you how to contact your state Attorney General.
EEA residents: you have rights to access, rectify, erase, restrict/oppose processing, and data portability; you may also complain to your supervisory authority.
How to exercise: use in-app tools or email support@authentic.tech from your registered address. We’ll verify your identity and explain any lawful refusal.
9. Children's privacy
Authentic isn’t for children under 13, and we do not knowingly collect their data. In the EEA, if a feature relies on consent, local digital-consent ages (13–16) apply. If we learn someone is underage, we’ll close the account and delete associated data.
10. Automated decision-making
We do not conduct automated decision-making that produces legal or similarly significant effects about you.
11. Law-enforcement & legal requests
We review requests for legal validity, limit disclosures to what’s required, and notify affected users when legally permitted. We may preserve data to comply with law or to investigate abuse, for as long as necessary for that purpose.
12. EEA contacts
13. Retention
We keep personal data no longer than necessary for the purposes above. Most security logs and diagnostics are deleted within 30 days. Account and content data are erased within 30 days of confirmed account deletion, except where we must retain limited records to comply with law, resolve disputes, or enforce our terms.
14. Deleting your account
If you created an account, you can initiate deletion in-app at any time. Deletion removes your account and content from our systems subject to the retention window in Section 13. You can also email support@authentic.tech from your registered address.
15. Changes to this policy
If we make material changes, we’ll notify you in-app and update the “Last updated” date. Continuing to use Authentic after changes take effect means you accept the revised policy.
