Privacy Policy

1. Who we are

The Prson mobile app ("Prson", "we", "us") is operated by Yumankind OÜ, a company registered in Estonia. For the purposes of the EU General Data Protection Regulation (GDPR), Yumankind OÜ is the data controller responsible for personal data processed through the app.

Questions about this policy can be sent to hello@yumankind.com.

2. Our privacy posture

Prson is designed so that, by default, your raw data never leaves your device. The app derives every cryptographic key from your 12-word recovery phrase, stores them in hardware-backed secure storage on your phone, and uses them to sign verifiable claims about you — without exposing the underlying values.

What this means in practice:

• Verified properties are stored as hashes, not raw values. For example, your full birthdate is hashed on-device with a system salt before any record is written to our servers — we never store or disclose the raw birthdate, and we do not compute or store a derived age.
• Selfies and document scans are local-only by default. They are processed on your device for verification and remain there. They are uploaded only if you explicitly opt in to server-side photo binding.
• Messages are end-to-end encrypted. The server relays opaque ciphertext using MLS (Messaging Layer Security) group key agreement. We cannot read message bodies, file attachments, or capture payloads.
• Cross-identity correlation is opt-in. Your wallet identifier (the key that links your separate identities inside the same wallet) is disclosed only when you toggle a specific QR or invite option that says so.

3. Data we collect

Information you provide

• Public-profile fields per identity: display name, emoji, bio, optional profile picture URL.
• Verified-property hashes (and the associated company-key signature) for each property you choose to verify.
• Truth-proof challenge payloads — these are stored encrypted, accessible only to the participants of a conversation.
• Early-access email submissions. When you submit your email through the "Request early access" form on app.prson.net, we store the email together with the submission timestamp, your user-agent string, and the source page (app.prson.net) in a write-only Firestore collection (earlyAccessRequests). We use this only to send you a TestFlight or Play Internal invite link when a slot opens. You can ask us to delete this record at any time by emailing hello@yumankind.com.
• Email address (if you contact us) and any information you choose to send in support correspondence.

Information collected automatically

• Device-pairing metadata required to deliver push notifications (device token, OS, app version).
• Basic crash and stability telemetry where the OS provides it (no message contents, no capture contents).
• Firestore-level authentication state via Firebase Authentication.
• Marketing-site analytics. The landing pages on app.prson.net load Firebase Analytics (Google Analytics for Firebase, measurement id G-V3QJRNVH0B). It records page views, basic interaction events, approximate location (country / region), device class, browser, and a pseudonymous identifier so we can understand which sections of the site work. It is not loaded inside the mobile app and never sees any identity, message, or capture data.

Information we do not collect

• The raw values behind your verified properties (e.g., the actual birthdate, document number, name).
• The contents of any chat message, voice call, or capture.
• Your contact list, browsing history outside the app, or precise location.

4. How we use data

• To deliver and operate the messaging, identity, and challenge features of the app.
• To countersign verified-property hashes with our notary key so other users can confirm them offline.
• To route push notifications about pending invites, challenges, and messages.
• To detect abuse and protect the integrity of the platform.
• To comply with legal obligations applicable to Yumankind OÜ.

The legal bases for processing under GDPR are: performance of a contract (providing the app), legitimate interest (security and abuse prevention), consent (where requested), and legal obligation.

5. Sharing and disclosures

We do not sell personal data. We share limited data only with infrastructure providers that act as our processors:

• Google Firebase (Authentication, Firestore, Cloud Functions, Cloud Messaging, Remote Config, Hosting) — hosting and delivery.
• Google Analytics for Firebase / Google Analytics 4 — marketing-site analytics on app.prson.net only.
• Cloudflare R2 — encrypted artefact storage for opt-in capture uploads.
• Apple Push Notification service and Firebase Cloud Messaging — push delivery.

We may disclose data when required by a valid legal order. Because we hold ciphertext and hashes — not raw values — the practical scope of any such disclosure is limited by design.

6. Retention

Identity records, signatures, and challenge artefacts persist for as long as the relevant identity exists. When you delete an identity, its associated records are removed from our active databases within 30 days. Encrypted captures stored on R2 are retained according to the per-challenge retention rules surfaced in the app at the time of capture.

7. Your rights

Under GDPR you have the right to access, rectify, and erase the personal data we hold about you, to restrict or object to processing, and to data portability. Because most of your data lives on your device, you can exercise many of these rights directly through the app (export, delete identity, rotate keys). For anything you cannot complete in-app, email hello@yumankind.com.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or the supervisory authority in your country of residence.

8. Children

Prson is not directed to children under 16. If we learn that we have collected personal data from a child under 16 without parental consent, we will delete it.

9. Changes to this policy

We will post any material changes here and update the "Last updated" date above. Continued use of the app after a change constitutes acceptance of the revised policy.

10. Contact

Yumankind OÜ · Estonia · hello@yumankind.com