Palphone is built and operated by PROSHOT PTY. LTD. (ABN 60652902166), headquartered at Level 12, Suite 1220, 401 Docklands Drive, Docklands 3008, Melbourne, Victoria, Australia.
Who we are
Data controller: PROSHOT PTY. LTD. · Address: Level 12, Suite 1220, 401 Docklands Drive, Docklands 3008, Melbourne, Victoria, Australia · Contact: privacy@palphone.com
EU/UK representative & DPO: Not appointed at this time; we will update this page if that changes.
Summary
- No email or phone number is required to create a Palphone account.
- Chats are end-to-end encrypted (E2EE). Files are not E2EE.
- Chats are deleted after delivery; files are deleted after download or after 7 days if not downloaded.
- Profile data is optional and not verified.
- We do not sell personal data or use it for third-party advertising.
Data we process
Account & profile (optional; user-provided, visible to others in-app)
- Display name (نام کاربر)
- Avatar/profile photo (آواتار)
- Gender (جنسیت)
- Country and city of account registration (کشور/شهر)
- Bio (بایو)
- Interests (علایق)
- Purpose/Goals (هدف)
- Education level (تحصیلات)
- Occupation (شغل)
Messaging
E2EE message content (we cannot read it) and non-E2EE file uploads for delivery.
Metadata
Minimal routing data (for example sender and recipient identifiers, timestamps, delivery status).
Device/Logs
IP address, device identifiers, app version, crash and diagnostics (for example Firebase Crashlytics), security events.
Payments (if applicable)
Handled by the Apple App Store and Google Play. We receive limited transaction metadata (for example purchase status), not full payment details.
Website
Strictly necessary cookies, Google Analytics (consent-based where required) and Cloudflare performance/security analytics.
Safety & Moderation (profiles only)
Automated checks of profile and bio images via AWS Rekognition plus possible manual human review for bio videos. Files exchanged in chats are not scanned.
Why we use your data (GDPR/UK GDPR legal bases)
- Provide the Service (route messages/files, deliver notifications): contract.
- Security & abuse prevention (spam/misuse detection, automated image checks, manual bio-video review): legitimate interests and legal obligations where applicable (for example CSAM).
- Diagnostics & improvements (for example Crashlytics): legitimate interests or consent where required.
- Payments (premium features): contract and legal obligations.
- Compliance (court orders, lawful requests): legal obligations.
Retention
- Chats: deleted after delivery.
- Files: deleted after download, or after 7 days if undownloaded.
- Profile data: kept until you edit or delete it, or delete your account.
- Logs/metadata: kept for 30 days for security/troubleshooting and legal compliance.
- Backups: server backups exclude message contents; E2EE chats are not recoverable by us. Users manage their own device backups.
Security
We apply administrative, technical, and physical safeguards. Chat keys stay on user devices. Files are encrypted in transit and at rest on our servers but are not E2EE.
International transfers
Palphone operates globally. When data is transferred outside your region (for example EU/UK), we rely on standard contractual clauses or other lawful mechanisms and assess vendor safeguards.
Your rights
Depending on your location (for example EU/UK, California, India), you may be entitled to access, correct, delete, port, object/restrict, or opt out. Email privacy@palphone.com from the device you use with Palphone so that we can complete limited verification. We respond within the timelines.
Children
Palphone is for 18+ only. If you believe a minor is using Palphone, contact safety@palphone.com and we will take action.
Changes
We will update this policy from time to time. Material changes will be announced in-app or on our site with a new “Last updated” date.
Contact
privacy@palphone.com · safety@palphone.com · legal@palphone.com
Mail: Level 12, Suite 1220, 401 Docklands Drive, Docklands 3008, Melbourne, Victoria, Australia