Privacy Policy
Your privacy matters at every step.
This page explains what data Unsaid collects, what data is not collected, and how retention and deletion are handled. The policy is written to match the current behavior of the platform.
Last updated: April 8, 2026
What we collect
Data collected to operate Unsaid
Account details: username, email address, encrypted password hash, verification status.
Message data: anonymous message content and message creation timestamp.
Security metadata: OTP verification flow details and account preference settings such as message acceptance mode.
Technical logs: basic server and platform diagnostics used for security and reliability.
What we do not collect
Identity and payment limits
Unsaid does not ask anonymous senders for name or email when sending a message.
Unsaid does not provide recipient email addresses to anonymous senders.
Unsaid does not collect payment card data because no card-based billing is currently used.
Retention and deletion
How long data is kept
Anonymous messages remain in recipient inbox until deleted by the account owner.
Email verification OTP codes expire in around 10 minutes.
Account records remain active until account deletion is requested and completed.
Users can request account and related data deletion by contacting support.