Download for iPhone

Privacy Policy

Privacy Policy.

Effective Date: [February 27, 2026]
Last Updated: [February 27, 2026]

At Brrro (“Brrro,” “we,” “us,” “our”), we take privacy and security seriously. This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights.

This Privacy Policy applies to our apps, websites, and related services (the “Services”).

1. Who We Are

Controller / Operator: [Legal Company Name]
Address: [Company Address]
Email: privacy@brrro.com
Support: support@brrro.com

2. Scope

This Privacy Policy applies when you use Brrro, including account registration, messaging, calls, stories, support, and subscription features.

3. Information We Collect

We collect the following categories of information:

3.1 Account and Profile Information

  • Phone number and/or email address
  • Username, display name, and optional profile photo
  • Account type and subscription status

3.2 Contact and Address Book Data

  • If you grant permission, we may access your contacts to help you find people on Brrro and send invitations
  • Contact data processing depends on your device permissions and settings

3.3 Encrypted Communication Data

  • Encrypted message payloads
  • Encrypted media payloads (attachments, story media)
  • Encrypted call signaling payloads (where applicable)

3.4 Metadata Needed to Operate the Service

  • Sender/recipient account identifiers
  • Device identifiers
  • Delivery status and timestamps
  • Message type indicators (for example text, image, voice, call event)
  • Group/thread identifiers required for routing

3.5 Device and Technical Information

  • Device model, OS version, app version
  • Push notification token(s)
  • Basic diagnostic logs and crash logs

3.6 Location Data

  • We process location only when you explicitly choose location-sharing features
  • Live location and location message data are optional and user-controlled

3.7 Subscription and Payment Data

  • Purchase status, plan, and renewal state
  • Payment processing is handled by Apple App Store / Google Play or other payment providers; we do not store full card details

3.8 Support and Communications

  • Information you send to support (emails, attachments, troubleshooting details)

4. How We Use Information

We use information to:

  1. Create and maintain your account
  2. Provide messaging, calls, stories, and related features
  3. Route encrypted data between intended participants
  4. Deliver notifications and prevent abuse/spam
  5. Support device security, key verification, and reliability
  6. Process subscriptions and entitlement checks
  7. Provide customer support and troubleshoot issues
  8. Improve performance, stability, and security

5. Encryption and Security Model

Brrro is built to protect content confidentiality:

  1. Message and media content are encrypted on-device before or during transmission in supported encrypted flows.
  2. Group and modern session flows use MLS-based secure messaging architecture.
  3. Attachment and story media are encrypted before upload in supported encrypted media paths.
  4. Calls use secure WebRTC transport encryption and encrypted signaling paths in modern flows.

Important boundary: even with encryption, some metadata is required for routing, delivery, anti-abuse, and reliability.

6. What We Can and Cannot Read

In normal encrypted operation, Brrro is designed so plaintext communication content is not generally available to our backend systems.
However, we may process operational metadata required to deliver the service.

If any feature includes optional preview text behavior (for example notification preview functionality), that data may be processed as part of notification delivery logic.

7. Legal Bases (EEA/UK/Similar Jurisdictions)

Where applicable, we process personal data under one or more of these legal bases:

  1. Contract performance (providing the Services)
  2. Legitimate interests (security, fraud prevention, service reliability)
  3. Consent (contacts, notifications, location, optional features)
  4. Legal obligations (compliance requests, lawful process)

8. Sharing of Information

We do not sell your personal data.

We may share data with:

  1. Infrastructure and hosting providers
  2. Push notification providers (Apple, Google)
  3. Authentication/verification providers (for example SMS/email verification services)
  4. Customer support and analytics providers (where used)
  5. Payment platforms (Apple/Google/integrated processors)
  6. Authorities when required by law

We require vendors to process data under contractual safeguards and security obligations.

9. International Transfers

Your data may be processed in countries other than your own.
Where legally required, we use appropriate safeguards for cross-border transfers.

10. Data Retention

We retain data only for as long as needed for the purposes in this Policy, including legal, security, and operational needs.

General approach:

  1. Account data: retained while account is active and as required afterward
  2. Operational logs: retained for limited security/diagnostic periods
  3. Encrypted relay/service data: retained according to service delivery and expiry rules
  4. Support records: retained as needed to resolve issues and comply with legal obligations

11. Security Measures

We implement technical and organizational controls including:

  1. Encryption at rest/in transit where applicable
  2. Access controls and least-privilege principles
  3. Key management and device/session verification mechanisms
  4. Monitoring, logging, and incident response procedures

No system is 100% risk-free, but we continuously improve security controls.

12. Your Rights

Depending on your jurisdiction, you may have rights to:

  1. Access your personal data
  2. Correct inaccurate data
  3. Delete your data
  4. Restrict or object to certain processing
  5. Data portability
  6. Withdraw consent (where processing relies on consent)
  7. Lodge a complaint with a supervisory authority

To exercise rights, contact: privacy@brrro.com.

13. California Privacy Rights (if applicable)

California residents may have rights under CCPA/CPRA, including:

  1. Right to know categories and specific pieces of personal information collected
  2. Right to delete
  3. Right to correct
  4. Right to opt out of sale/share (we do not sell personal data)
  5. Right to non-discrimination

Requests: privacy@brrro.com.

14. Children’s Privacy

Brrro is not intended for children under [13/16 – choose one per your policy].
We do not knowingly collect personal information from children below the applicable minimum age.

15. Third-Party Services

Our Services may integrate third-party services (for example app stores, mapping services, notification systems, verification providers). Their processing is governed by their own terms and privacy policies.

16. Changes to This Policy

We may update this Privacy Policy from time to time.
If changes are material, we will provide appropriate notice in-app or on our website.

17. Contact Us

For privacy questions or requests:

[Legal Company Name]
Email: privacy@brrro.com
Support: support@brrro.com
Address: [Company Address]