StealthTalk is an instant messenger that provides secure messages and calls to users around the world. StealthTalk allows you to encrypt and send audio, voice, text messages and files, and conduct voice calls so that you can communicate safely.
We are determined to be as transparent as possible when clarifying how we use your data in providing our Services. To maintain the platform's integrity, we limit access to this information to authorized employees who need to know that information to operate, develop, or improve our Services.
We provide physical, electronic, and procedural safeguards to protect the information we process and maintain to rule out unauthorized access to data and its misuse. Data processing and protection is carried out in accordance with applicable legal regulations and GDPR.
By using our Services, you agree to the collection, processing, and use of data as described below. If you do not want to be bound by these agreements, you may not use our Services.
If you voluntarily provide your data for us to provide the Services, you confirm in accordance with Art. 8 GDPR that you are at least 16 years old or that you have obtained consent from the legal guardian or the holder of parental responsibility.
If we discover that we have allowed a user under 16 to access and use our Services, we will take appropriate steps to remove such an account and erase all information associated with it. If you're under 16, please do not provide any information to StealthTalk Services.
If you live in a country outside the European Region, you must be at least 13 years old to use StealthTalk Services.
Information Required to Provide Services
To provide our Services to you, StealthTalk has to collect some information.
We are committed to the ethical collection of your information. This process is necessary to provide our Services to you. Information we collect, receive, or have access to is used to provide the Services, to allow you to send and receive messages and files, and to improve the Services.Data required to provide Services is classified into three categories: user-provided information, optional user-provided information, and automatically collected information. All information is processed in accordance with applicable data protection and privacy laws.
StealthTalk does not rent, sell, or distribute your data to third parties. Your personal data is also never shared with any third party for targeted ads and never processed for user profiling. StealthTalk also doesn’t have ads.
Your conversations, metadata, and other sensitive information are encrypted with encryption keys that are stored on your device only.
After you download StealthTalk, we collect information from you to allow you to create a StealthTalk account to use our Services. Upon registration, StealthTalk will ask you for the following information:
- Phone Number
Your phone number is how we can identify you as a user, and it is required to allow others to contact you via StealthTalk. StealthTalk does not send, sell, or share phone number information under any circumstances, the same applies to your phonebook contacts. All phone numbers are stored and preserved in a hashed form.
Additionally, StealthTalk contacts are required to have each other’s numbers in their contacts to see each other within the application. Only once you have a person's phone number in your phonebook, and the person has your number in theirs, you will know the two of you are using StealthTalk. This is done to ensure your privacy and prevent untrusted parties from knowing you use StealthTalk.
If StealthTalk identifies that a significant number of phonebook entries are missing from your device, it will automatically enforce an additional authentication factor check to rule out the possibility of unauthorized third-party access to your sensitive data.
In StealthTalk, the passcode is a security measure that protects your in-app data from unauthorized access.
We require you to make a strong passcode when using StealthTalk, and ask you to remember it, as we never store your passcode on our servers and don’t store it in plain text in any form on your device. We recommend using long, unique passcodes consisting of a mix of upper- and lower-case letters, numbers, and symbols.
StealthTalk use is impossible without knowing the passcode. In case you forgot your passcode, please use the ‘Forgot Passcode’ option that can be found below the passcode entry field.
- Security Question and Answer
Security questions and answers are a part of the recovery information required for a passcode reset. StealthTalk provides you with some secret question suggestions, but also allows you to input this data manually, so that you can customize it.
If you forgot the answer to your security question, please contact us at firstname.lastname@example.org from your recovery email address. In your message, please specify the phone number your StealthTalk account is registered to.
After verifying that your phone number is linked to a StealthTalk account that matches the recovery email, we will send you an SMS with a code. You will need to send this code back to the StealthTalk support representative, who will manually reset your security question.
By refusing to provide any, or providing unauthentic information in your recovery information, you risk locking yourself out of your StealthTalk account.
StealthTalk can see security questions, but never the answers.
- Email Address
Your email address is collected for security and onboarding purposes.
Firstly, your recovery email is used to enable account recovery and passcode reset. Upon successfully answering the security question, a code will be sent to your recovery email, which would allow you to reset your current passcode. Your email address is not visible to other StealthTalk users.
Secondly, email provides you with a viable possession factor to enable multi-factor authentication in StealthTalk, in case the application indicates suspicious activity for your account.
Finally, email is used to send you a welcome email and a newsletter sequence (eight emails over fourteen days) with information about StealthTalk technology and its features. You can unsubscribe from the newsletter anytime, and for that purpose, there is a link at the end of every newsletter email.
Optional User-Provided Information
Within StealthTalk, we provide a few features for your convenience. Some of these features might notify third parties about your use of StealthTalk and be visible to other StealthTalk users.
- Customer Support
You can provide us with information related to your use of our Services and how to contact you so we can provide you customer support.
You may send us an email with information relating to our app performance or other issues.
In an effort to improve our services and help our customers with any questions they might have about StealthTalk, we have developed a collection of the most commonly asked questions and answers, which are available here.
If you want to invite others to StealthTalk, you will be provided with options to share the invite link via third party services.
- Payment Information
If you pay for our Services, we may receive information and confirmations, such as payment receipts.
StealthTalk does not process users’ payments, and relies on PayPal as a payment provider. It is the payment provider that handles and stores your credit card details. Neither StealthTalk nor its developers have access to this information.
When making a subscription purchase, you enter your credit card details into a form supplied by the payment provider that will process the payment. This information goes directly to the payment provider's server. Your credit card information never reaches StealthTalk's servers.
StealthTalk only has information about your subscription status, and saves evidence of the payment.
- Push Notifications
As push notifications are functions of your device’s operating system, your device operating system’s manufacturer will know that you are using the Service, but will be unable to see the content of the messages you transmit using the Service.
If push notifications are enabled, you will receive notifications about incoming messages on your device’s home screen, which will potentially contain the sender’s name, as set in your StealthTalk contacts.
If you don’t want others to see who is messaging you on StealthTalk, you can disable notifications in your settings. You will continue to receive messages, but notifications will not appear on your home screen.
Automatically Collected Information
StealthTalk collects three types of information automatically during your setup and use of the StealthTalk: Aggregate Usage Data, Crash Logs, Device Information.
- Aggregate Usage Data
During the operation of our services, we collect aggregated, anonymous information about basic usage statistics.
For example, the number of messages sent by all StealthTalk users daily, what types of messages our users tend to send, the most used features. We never attempt to identify users associated with any of this information.
We may use some aggregated data about how you use StealthTalk to build useful features.
- Crash Logs
For error correction, debugging, and system continuity, StealthTalk transmits crash logs to a Firebase bug reporting platform. The logs do not contain any user personal information, and they pertain only to StealthTalk.
- Device Information
StealthTalk may collect hashed representations of your mobile device’s hardware ID or other platform-related information during registration. This information is used to tie your account to your device.
StealthTalk requires the following permissions to deliver its private messaging services and ensure all features are operational:
- Contacts: Contacts permission is used to match you with your contacts using phone number hashes. StealthTalk does not monetize, collect, or store your address book data.
- Microphone: Microphone access is required to make secure voice calls.
- Bluetooth & Location: Bluetooth and location access is needed to locate devices close to you and enable encryption key exchange.
- Camera: Camera access is required to add new contacts via QR code and send pictures with the built-in camera.
Storage: Storage access is required to store images and files that you receive in chats.
We continuously work on improving our Services and raising awareness about our products.
A cookie is a small text file placed in visitors’ browsers to help us learn when users arrive at our website, how they use the website, when they leave and come back. These cookies can never be used to identify user accounts within StealthTalk.
Data Protection Policy
The following are your user rights regarding to our data protection policy.
You may access the data we hold about you at any time by contacting us directly.
You may correct any inaccurate or incomplete personal data we hold on you.
- Erase and forget
You can terminate your messages or account at any time.
Once terminated, your account will be irrevocably suspended, ensuring that nobody can use that StealthTalk profile again.
If you wish to terminate your StealthTalk account, go to Settings, “Delete Account”, enter your passcode and confirm the action.
You may obtain information about the personal data that we hold on you.
You may contact us anytime to opt-out of:
(i) direct marketing communications and onboarding newsletter or
(ii) the transfer of your personal data outside the European Region. Please note that your use of some of the Services may become ineffective upon opt-out.
- Request a Copy
You may request a copy of all data that we store and to transmit that copy to another data controller.
You may contact us at email@example.com on any questions you may have about your personal data.
Data Retention Policy
The personal data that you provide will only be stored for as long as it is necessary for us to fulfill our obligations in respect of the provision of the Services.
You control how long your messages are accessible to the recipients through self-destructing timer settings. However, there is no way for us to prevent someone from using a camera to take a picture of a message on a screen. Therefore, we strongly encourage you to only send private messages or sensitive information to people you know and trust.
We retain certain account data (i.e., types of messages sent and account settings changes) which contain no Personally Identifiable Information (PII).
We do not share your personal data with data centers. All data is stored in an encrypted state so that local StealthTalk engineers or physical intruders cannot access or read it.
Your messages, media, and chat files, the contents of your calls, and the data you store are processed only on your device and on the device of your recipient. All data is encrypted with a key known only to you and the recipient before this data reaches our servers.
While StealthTalk servers will handle this end-to-end encrypted data to deliver it to the recipient, we have no way of decrypting the information. We neither store nor process your personal data, rather we store and process random sequences of symbols that have no meaning without the encryption keys that belong only to you.
StealthTalk only temporarily stores encrypted messages on its servers and automatically deletes them after they are sent to the recipient. This is done to enable StealthTalk to send messages to users who are not currently online.
Our servers store encrypted messages that you send and receive to ensure their reliable delivery. All messages are deleted when the recipient gets the message, or when the account is deleted or reinstalled.
To improve StealthTalk’s products, website, and marketing, we may engage with various third parties that have access to the limited data users voluntarily share with StealthTalk via web forms, cookies, or customer support.
We carefully select each of our partners based on StealthTalk’s commitment to user privacy and security.
Our security team verifies each prospective partner to ensure its policies and practices are not undermining StealthTalk’s efforts.
- To deliver a confirmation SMS to our users, we use Twilio.
- To host our website, we use WP Engine.
- To deliver the newsletter with information concerning our Services, we use SendFox.
- To maintain user emails, we use Zoho Desk.
- To provide confirmation codes via email, we use SendGrid.
- To facilitate subscription payments, we use PayPal.
- To enable app distribution for iOS devices, we use the Apple App Store.
- To enable app distribution for Android devices, we use Google Play.
Each of these companies have their own policies for handling and processing user data. Please review the respective privacy policies for a more in-depth understanding of their practices.
Your messages, media, and chat files, message history, the contents of your calls, and the data you store are processed only on your device and on the device of your recipient. All data is encrypted with a key known only to you and the recipient before this data reaches our servers.
While StealthTalk servers will handle this end-to-end encrypted data to deliver it to the recipient, we have no way of decrypting the information. We neither store nor process your personal data, rather we store and process hashes that have no meaning without the encryption keys that belong only to you.
The only information that can be required by law enforcement concerns the existence of a StealthTalk account tied to the phone number. We require a warrant before handing over the contents of communications; however, because of the nature of our technology, the contents of communications will be encrypted and undecipherable if obtained.
We will always notify our users of any third party requests for their information unless we are legally prohibited from doing so.
When you use StealthTalk services, we may collect log files. The collection of log files serves the purpose of providing StealthTalk Services. Anonymous log files are kept only to facilitate troubleshooting, improve the service, and prevent service misuse.