At Pebl, we believe your messages are yours. This Privacy Policy explains our privacy-first approach to message organization and how we handle your data with maximum protection.
1. Our Privacy-First Approach
Key Principle: Your data stays on your device.
- All message processing happens locally on your iPhone
- AI categorization runs on your device using your own OpenAI API key
- Messages are stored locally in your app, not on our servers
- We act only as a temporary message delivery service
2. What We Collect
Temporary Message Queue
- WhatsApp messages: Temporarily stored only until delivered to your app
- Phone number: To identify which messages belong to which user
- Message timestamp: To deliver messages in correct order
- Delivery status: To track when messages have been successfully delivered
Account Information
- WhatsApp phone number: To link your WhatsApp to the Pebl app
- Device identifier: To ensure messages go to the right device
- App usage data: Basic analytics for service improvement
3. How We Handle Your Messages
Temporary Storage Only
- Receive: WhatsApp messages are received by our server
- Queue: Messages wait temporarily until your app requests them
- Deliver: When you open Pebl, messages are sent to your device
- Delete: Messages are automatically deleted from our servers within 1 hour of delivery
Maximum Retention Limits
- Delivered messages: Deleted within 1 hour
- Undelivered messages: Auto-deleted after 7 days maximum
- No permanent storage: We never keep your messages long-term
4. WhatsApp Integration
Our WhatsApp integration is designed for minimal data exposure:
- Voluntary sending: We only receive messages you actively send to our WhatsApp Business number
- No conversation access: We cannot see your other WhatsApp conversations
- Temporary processing: Messages are only held until your app retrieves them
- Immediate acknowledgment: You receive confirmation when messages are queued
5. Local AI Processing
AI categorization happens entirely on your device:
- Your API key: You provide your own OpenAI API key
- Direct connection: Your app connects directly to OpenAI, not through our servers
- Local processing: Message categorization happens on your iPhone
- No AI data sharing: We never see your messages during AI processing
6. Data Security
We implement security measures appropriate for temporary data handling:
- Encrypted transmission: All data sent over HTTPS
- Access controls: Limited server access with authentication
- Automatic deletion: Built-in data expiration prevents long-term exposure
- Minimal data collection: We collect only what's necessary for message delivery
7. Your Privacy Rights
You have complete control over your data:
- Access: View any data we temporarily hold (usually none, as it's quickly deleted)
- Deletion: Request immediate deletion of any queued messages
- Unlinking: Remove your WhatsApp number from our system at any time
- Local control: Manage all your organized messages locally in the app
- Export: Export your locally stored messages anytime
8. What We Don't Do
Clear commitments about what we avoid:
- No message analysis: We don't read, analyze, or process your message content
- No AI on our servers: All AI processing happens on your device
- No data selling: We never sell, rent, or share your data
- No advertising: We don't use your data for advertising purposes
- No permanent databases: We don't maintain long-term message storage
9. Third-Party Services
WhatsApp Business API
- Used only for receiving messages you send to our business number
- Subject to WhatsApp's privacy policy for message transmission
- We don't access your personal WhatsApp conversations
OpenAI (Your Direct Connection)
- You connect directly to OpenAI using your own API key
- We don't intermediate this connection
- Subject to OpenAI's privacy policy for AI processing
- You control what data is sent to OpenAI
10. Data Retention Summary
| Data Type | Retention Period | Purpose |
|---|---|---|
| WhatsApp messages | 1 hour after delivery (max 7 days) | Temporary message queue |
| Phone number linking | Until you unlink | Message routing |
| Usage analytics | 30 days | Service improvement |
11. Children's Privacy
Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent and believe your child has provided us with personal information, please contact us.
12. International Users
If you use our service outside the United States:
- Your data may be processed on servers located in the United States
- We ensure appropriate safeguards for international data transfers
- The same privacy protections apply regardless of your location
13. Changes to This Policy
We may update this Privacy Policy occasionally. We will notify you of changes by:
- Posting the updated policy on this page
- Updating the "Last modified" date
- Sending notification through the app for significant changes
14. Contact Us
Questions about privacy? We're here to help:
- Privacy Email: privacy@thepebl.app
- General Support: support@thepebl.app
- Data Deletion Requests: privacy@thepebl.app
Privacy Summary
Your messages live on your device, not our servers. We simply act as a temporary delivery service, automatically deleting messages after they reach your app. Your privacy is built into our architecture, not just our policies.