Privacy Policy

Effective date: 9 July 2026

This Privacy Policy explains how data is processed when you use the Setfeed iOS app, Android app, website and associated services, including setfeed.app.

Setfeed is designed around data minimisation, local-first storage and client-side encryption for cloud-delivered messages wherever the relevant feature supports it.

Who we are

“Setfeed”, “we”, “us” and “our” refer to the Setfeed apps, website and services operated by Setfeed.

For privacy enquiries, data requests or account-deletion requests, contact: hello@setfeed.app.

What Setfeed is designed to do

Message content and encryption

Messages and supported attachments sent through Setfeed’s encrypted cloud-delivery features are encrypted on the sender’s device or in the sender’s browser before being uploaded.

Encryption keys are derived from the recipient’s Setfeed receive code. The plaintext receive code is not intentionally uploaded as part of the encrypted envelope. A cryptographic hash or lookup reference may be sent so that the service can route the encrypted envelope to the intended recipient.

For these encrypted delivery flows, Setfeed’s servers receive ciphertext and the technical metadata required to store, route and deliver it. Setfeed is not designed to have plaintext access to the standard encrypted message body or encrypted attachment.

A recipient must possess the appropriate receive code to derive the key needed to decrypt an encrypted message.

Messages scheduled only for yourself may remain stored locally on your device and may not be uploaded to Setfeed’s servers.

Data we process

The data processed depends on which Setfeed features you use. We may process the following categories.

1) Messages and user-provided content

Cloud-delivered message bodies and supported attachments are encrypted before upload where the encrypted-delivery feature is used.

2) Encrypted envelope and delivery metadata

Setfeed may process metadata needed to deliver encrypted content, including:

This metadata is used for message routing, scheduling, delivery, deduplication, expiry, retry handling and replay protection.

3) Anonymous authentication information

The mobile apps may create an anonymous Firebase authentication identity so that cloud features can operate without requiring you to provide an email address, username or password.

This may include:

An anonymous identifier is still a persistent technical identifier and may be associated with cloud records created by that installation.

4) App and device integrity information

Setfeed uses Firebase App Check and platform integrity services to reduce automated abuse and unauthorised requests.

Depending on the platform, these services may include:

These services may process device or app attestation material, integrity results, short-lived App Check tokens and basic technical signals needed to verify that a request comes from an authentic app or browser environment.

5) Operational and security information

Setfeed and its infrastructure providers may generate limited operational records to provide and protect the service. These may include:

These records are used for reliability, debugging, fraud prevention, rate limiting and security investigations.

6) Data stored locally on your device

Setfeed stores information locally so the app can function. Depending on the platform and features used, this may include:

Sensitive local values, including receive codes and protected media, may be stored using platform security facilities such as the iOS Keychain or protected application files.

Setfeed contacts are contacts created inside Setfeed. The app does not need to upload your device’s system address book to provide this feature.

7) Optional permissions

Setfeed may request permission to use selected device features, including:

These permissions are optional and can be changed through your device settings. Setfeed does not require notification permission for its basic scheduling features.

8) Website storage and browser technologies

The Setfeed website may use browser storage such as localStorage to remember settings, authentication state and theme preferences.

Security services such as reCAPTCHA may use cookies, browser storage or similar technologies according to the provider’s own terms and privacy practices.

How we use data

We process data to:

Legal bases where applicable

Where data-protection law requires a legal basis, we generally rely on one or more of the following:

What we do not do

Service providers and sharing

Setfeed uses service providers to operate and protect the service. These providers may process data on our behalf according to their contracts and privacy terms.

Current providers may include:

Setfeed does not share personal data with advertisers. We may disclose information when reasonably necessary to:

International processing

Setfeed’s infrastructure providers operate internationally. Data may therefore be processed in countries other than the country where you live, including locations where Google, Apple or their service providers operate facilities.

Where required, such processing is subject to the contractual and legal safeguards provided by the relevant service provider and applicable law.

Retention

We retain data only for as long as reasonably necessary for the purposes described in this policy, including delivery, security, dispute resolution and legal compliance.

Security

We use technical and organisational measures intended to protect data, including:

No service can guarantee absolute security. Users should keep receive codes private and share them only with intended senders.

Your choices and privacy rights

Depending on your location, you may have rights relating to your personal data, including rights to request access, correction, deletion, restriction, objection or portability.

You can also:

Because Setfeed does not require a conventional named account, we may need technical information from you to locate an anonymous identity or associated cloud record. We may also need to verify that the request relates to you before fulfilling it.

To make a privacy request, email hello@setfeed.app.

Children

Setfeed is not designed for children and is not directed to children under 13.

If you believe a child has provided personal information to Setfeed, contact hello@setfeed.app and we will take appropriate steps.

Third-party privacy information

Additional information about our principal technology providers is available from:

Changes to this policy

We may update this Privacy Policy when Setfeed’s features, service providers or legal obligations change.

When we make changes, we will publish the updated policy on this page and revise the effective date above. Material changes may also be communicated through the app or website where appropriate.

Contact

For privacy questions, data requests or complaints, contact:

hello@setfeed.app