Back

Privacy Policy

Last updated: April 9, 2026

1. Introduction

EchoIto ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and disclose information when you use our mobile application ("App"). Privacy is not a feature of EchoIto — it is the foundation.

2. Information We Collect

We collect information to provide, improve, and secure the App.

Information You Provide Directly

• Account information: When you create an account or log in, we collect your email address, password (stored securely hashed), username/display name, and any other details you provide during registration.
• Journal entries: The text content of your journal entries is used to generate semantic embeddings for the resonance matching feature. All journal entries are protected by End-to-End Encryption (E2E) and stored in a format we cannot read.
• Matching preferences: Your consent choices regarding anonymous matching and any actions you take within the matching system (connecting, blocking, revealing identity).
• Chat messages: Content of messages you send in matched conversations. All chats are secured with End-to-End Encryption, meaning only you and your match can read them.
• Other: Any feedback, support requests, or information you voluntarily provide.

Automatically Collected Information

• Device and usage data: IP address, device type/model, operating system version, unique device identifiers, app version, crash logs, performance data, and general usage patterns.
• Log data: Timestamps, actions within the app (e.g., writing entries, viewing matches, accessing insights).

AI-Generated Data

• Semantic embeddings: We generate mathematical representations (vectors) of your journal entries for the purpose of finding resonance matches. This happens via a secure "Compute-then-Encrypt" pipeline: your plaintext is briefly in working memory to compute the embedding, and then immediately end-to-end encrypted before it is ever saved. These embeddings capture meaning but cannot be reversed into your original text.

We do not collect location data. We do not collect sensitive personal information (e.g., financial details, health data) unless directly present in journal entries you choose to write.

We practice data minimization — we collect only the information strictly necessary to provide the App's core functionality and do not repurpose it beyond the stated uses.

3. How We Use Your Information

We use the collected information solely for the following purposes:

• To provide core features: Account creation/login, journal entry storage, AI-powered resonance matching, anonymous communication, and insights visualization.
• To facilitate matching: Semantic embeddings are compared to find journal entries with similar meaning. Matches are presented anonymously through our double-blind system.
• To improve the App: Analyze aggregated/anonymized usage patterns to enhance functionality, fix bugs, and develop new features.
• To communicate with you: Send essential service notifications (e.g., password resets, security alerts) or respond to support inquiries.
• To ensure security: Detect and prevent fraud, abuse, or unauthorized access.

We do not use your data for advertising, marketing, profiling, or any purpose unrelated to operating and improving the App. Your data is never sold, rented, or used for commercial purposes.

AI Transparency

EchoIto uses artificial intelligence solely to generate semantic embeddings — mathematical representations of meaning — from journal entries. These embeddings are used exclusively to find thematic similarities between entries for the resonance matching feature. No AI-generated content is presented as human-written, and AI is never used to make decisions that affect your rights or access to the service.

4. Anonymous Matching & Double-Blind Privacy

Our resonance matching system is designed with privacy at its core:

• When a match is found, both users see only a short excerpt of the matched text — never a name, profile photo, or identifying information.
• Identity is revealed only when both users mutually consent to connect.
• You can block any match instantly at any stage.
• Journal entries are compared by meaning (semantic embeddings), not by sharing raw text between users.

5. Sharing and Disclosure of Information

We do not share your personal information with third parties except in limited circumstances:

• With matched users: Only the specific text excerpts involved in a resonance match are shown to the other party, anonymously. No identifying information is shared unless both parties consent.
• Service providers: We use trusted third-party providers (e.g., Google Firebase for authentication and database hosting, OpenAI for semantic embedding generation) that process data on our behalf under strict confidentiality agreements.
• Legal requirements: If required by law, court order, or to protect our rights, users, or the public.
• Business transfers: In the event of merger, acquisition, or sale of assets, your data may be transferred with notice where required.

We do not share, sell, or rent your personal data to third parties for their own purposes. All third-party service providers are contractually required to maintain the same level of data protection as described in this policy and as required by applicable law.

6. Data Storage and Security

We employ a strict "Compute-then-Encrypt" architecture, ensuring your sensitive data is never stored in plaintext by our services. All journal entries and chat messages are encrypted using End-to-End Encryption (HPKE and AES-256) before touching our databases. The private keys to unlock your data are stored securely on your local devices and synchronized natively via Apple's iCloud Keychain. They are never sent to our servers. Because of this zero-knowledge approach, neither our staff nor any third party can read your journal entries or private chats.

Your non-encrypted account data (such as login credentials) is stored securely using industry-standard encryption in transit and at rest. Data is primarily hosted in secure cloud servers in the US.

We retain your data only as long as necessary for the purposes outlined or as required by law. If you delete your account, we will delete or anonymize your personal data within a reasonable timeframe (subject to any legal retention obligations).

7. Your Rights and Choices

You control your data:

• Access your data: You may request a copy of your personal data at any time by emailing privacy@echoito.com. We will respond within 30 days.
• Delete your data: You may initiate account deletion directly within the App Settings menu or by emailing privacy@echoito.com.
• Data removal: Upon account deletion, all personal data (including your profile, journal entries, embeddings, matches, and chat history) will be permanently removed from our active databases within 30 days.
• Withdraw consent: You may withdraw consent for data processing at any time by deleting your account. Upon withdrawal, all data collection will cease and your data will be deleted as described above.
• Matching controls: You can opt out of matching at any time, block any matched user, and control when your identity is revealed.

8. Children's Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children. If we learn we have collected such data, we will delete it promptly.

9. International Transfers

If you are outside the US, your data may be transferred to and processed in other countries. We ensure appropriate safeguards for such transfers.

10. Changes to This Policy

We may update this policy occasionally. Changes will be posted here with an updated effective date. Significant changes will be notified in the App or via email. Continued use after changes constitutes acceptance.

11. Contact Us

For questions, requests, or concerns about this Privacy Policy or your data, contact:

EchoIto
privacy@echoito.com

Thank you for using EchoIto. We value your trust and privacy.