Privacy Policy

Last updated: March 18, 2026

1. Introduction

EchoIto ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and disclose information when you use our mobile application ("App"). Privacy is not a feature of EchoIto — it is the foundation.

2. Information We Collect

We collect information to provide, improve, and secure the App.

Information You Provide Directly:

  • Account information: When you create an account or log in, we collect your email address, password (stored securely hashed), username/display name, and any other details you provide during registration.
  • Social Login Data: If you choose to log in via Sign in with Apple or Google, we receive a unique identifier and the email address associated with that account. We respect your choice to use "Hide My Email" features provided by Apple.
  • Journal entries: The text content of your journal entries, which is used to generate semantic embeddings for the resonance matching feature.
  • Matching preferences: Your consent choices regarding anonymous matching and any actions you take within the matching system (connecting, blocking, revealing identity).
  • Chat messages: Content of messages you send in matched conversations, including text shared after mutual identity reveal.
  • Other: Any feedback, support requests, or information you voluntarily provide.

Automatically Collected Information:

  • Device and usage data: IP address, device type/model, operating system version, unique device identifiers, app version, crash logs, performance data, and general usage patterns.
  • Log data: Timestamps, actions within the app (e.g., writing entries, viewing matches, accessing insights).

AI-Generated Data:

  • Semantic embeddings: We generate mathematical representations (vectors) of your journal entries for the purpose of finding resonance matches. These embeddings capture meaning but cannot be reversed into your original text.

We do not collect location data. We do not collect sensitive personal information (e.g., financial details, health data) unless directly present in journal entries you choose to write.

3. How We Use Your Information

We use the collected information solely for the following purposes:

  • To provide core features: Account creation/login, journal entry storage, AI-powered resonance matching, anonymous communication, and insights visualization.
  • To facilitate matching: Semantic embeddings are compared to find journal entries with similar meaning. Matches are presented anonymously through our double-blind system.
  • To improve the App: Analyze aggregated/anonymized usage patterns to enhance functionality, fix bugs, and develop new features.
  • To communicate with you: Send essential service notifications (e.g., password resets, security alerts) or respond to support inquiries.
  • To ensure security: Detect and prevent fraud, abuse, or unauthorized access.

We do not use your data for advertising, marketing, profiling, or any purpose unrelated to operating and improving the App. Your data is never sold, rented, or used for commercial purposes.

4. Anonymous Matching & Double-Blind Privacy

Our resonance matching system is designed with privacy at its core:

  • When a match is found, both users see only a short excerpt of the matched text — never a name, profile photo, or identifying information.
  • Identity is revealed only when both users mutually consent to connect.
  • You can block any match instantly at any stage.
  • Journal entries are compared by meaning (semantic embeddings), not by sharing raw text between users.

5. Sharing and Disclosure of Information

We do not share your personal information with third parties except in limited circumstances:

  • With matched users: Only the specific text excerpts involved in a resonance match are shown to the other party, anonymously. No identifying information is shared unless both parties consent.
  • Service providers: We use trusted third-party providers (e.g., Google Firebase for authentication and database hosting, OpenAI for semantic embedding generation) that process data on our behalf under strict confidentiality agreements.
  • Legal requirements: If required by law, court order, or to protect our rights, users, or the public.
  • Business transfers: In the event of merger, acquisition, or sale of assets, your data may be transferred with notice where required.

We do not share, sell, or rent your personal data to third parties for their own purposes.

6. Data Storage and Security

Your data is stored securely using industry-standard measures (encryption in transit/rest, access controls). Data is primarily stored in secure cloud servers in the US.

We retain your data only as long as necessary for the purposes outlined or as required by law. If you delete your account, we will delete or anonymize your personal data within a reasonable timeframe (subject to any legal retention obligations).

7. Your Rights and Choices

You control your data:

  • How to Delete: You may initiate account deletion directly within the App Settings menu or by emailing privacy@echoito.com.
  • Data Removal: Upon account deletion, all personal data (including your profile, journal entries, embeddings, matches, and chat history) will be permanently removed from our active databases within 30 days.
  • Matching controls: You can opt out of matching at any time, block any matched user, and control when your identity is revealed.

8. Children's Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children. If we learn we have collected such data, we will delete it promptly.

9. International Transfers

If you are outside the US, your data may be transferred to and processed in other countries. We ensure appropriate safeguards for such transfers.

10. Changes to This Policy

We may update this policy occasionally. Changes will be posted here with an updated effective date. Significant changes will be notified in the App or via email. Continued use after changes constitutes acceptance.

11. Contact Us

For questions, requests, or concerns about this Privacy Policy or your data, contact:

EchoIto
privacy@echoito.com

Thank you for using EchoIto. We value your trust and privacy.