Privacy Policy

Last updated: March 20, 2026

Overview

This app (“the App”) is an anonymous professional community for maritime industry professionals. We take your privacy seriously. This policy explains what data we collect, why, and how we protect it.

What We Collect

Email address: Collected during verification to confirm you work in the maritime industry. Your email is immediately hashed using SHA-256 encryption and the original email is not stored. We cannot reverse the hash to recover your email.

Profile information:Market segment, role type, years of experience, and hub city. This is provided voluntarily during onboarding and is displayed anonymously (e.g., “Broker · London”) — never linked to your real identity.

Posts, comments, and votes: Content you create within the app. This is associated with your anonymous handle, not your real identity.

Device information:We collect your device's push notification token to enable future notifications. We also collect basic device information (platform, OS version) for app stability purposes.

Anonymous authentication data: A session token is created when you use the app. This enables basic app functionality.

What We Do NOT Collect

• We do not store your email address in plaintext
• We do not collect your name, phone number, or physical address
• We do not track your location
• We do not collect contacts or photos
• We do not sell or share your personal data with third parties
• We do not serve advertisements

How We Use Your Data

• Email hash: Solely to verify you are a maritime industry professional and to prevent duplicate accounts
• Profile data: To display anonymous context alongside your posts (e.g., “Tanker Broker · Singapore”)
• Content: To display in the app's feed and channels
• Device token: To send you push notifications (with your permission)

Data Storage and Security

Your data is stored securely on Supabase (hosted on AWS). All data is encrypted in transit (TLS) and at rest. Row-level security policies ensure users can only access data they are authorized to see.

Data Retention

• Posts and comments: Retained as long as your account exists. Deleted posts are soft-deleted (hidden from view but retained for regulatory compliance purposes).
• Email hash: Retained as long as your account exists.
• Session data: Automatically expires and is refreshed.

Your Rights

• Delete your account: You can delete your account at any time from the Profile screen. This removes your profile and anonymizes your content.
• Access your data: Contact us to request a copy of your data.
• Modify your profile: You can edit your profile information at any time within the app.

Content Moderation

User-generated content may be reviewed for compliance with our community guidelines. Content that violates our terms (market manipulation, confidential information sharing, harassment) may be removed.

Children's Privacy

This app is rated 17+ and is not intended for use by anyone under 18 years of age. We do not knowingly collect data from minors.

Third-Party Services

• Supabase: Database and authentication (supabase.com/privacy)
• Expo: Push notifications and app delivery (expo.dev/privacy)
• Resend: Email delivery for verification codes (resend.com/legal/privacy-policy)

Changes to This Policy

We may update this policy from time to time. We will notify users of significant changes through the app.

Contact

For privacy questions or data requests, contact: magnus@baremitt.no