Is GHOOST completely anonymous?

Yes! GHOOST is 100% anonymous. No account, email, or phone number required. Your identity is never revealed to anyone.

How do I share secrets with friends?

Post your secret in the app, then share the generated QR code or link with friends via Instagram, TikTok, Snapchat, or any messaging app. Friends scan or tap to unlock your secret.

Do secrets disappear?

Yes, all secrets auto-delete after 24 hours. Once gone, they cannot be recovered.

Yes, GHOOST is completely free to download and use. No subscription, no hidden fees, no ads.

Privacy Policy

Last updated: 2026-01-19 | Effective: 2026-01-19

1. Introduction

Cybo Ltd ("we", "us", or "our") operates GHOOST ("the App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

By using GHOOST, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the App.

2. Information We Collect

2.1 Information You Provide

Username: A display name you choose or one auto-generated for you
Avatar: Profile picture if you choose to upload one
Post Content: Images and text ("secrets") you create and share
Contacts (Optional): If you grant permission, we access your device contacts to help you find friends already using GHOOST

2.2 Automatically Collected Information

Anonymous User ID: A unique identifier generated when you first use the App
Device Information: Device type, operating system, and app version
Usage Data: How you interact with the App, including:
- Posts created and unlocked
- Sharing activity
- Engagement metrics (views, unlocks)
- Notification interactions
Referral Data: If you install via a referral link, we track the source for attribution

2.3 Information Processed On-Device Only

QR Code Scanning: Uses Google ML Kit for on-device barcode detection. No image data is sent to external servers for this feature.
Camera Access: Used only for creating posts; images are processed locally before upload.

2.4 Contact Information Handling

If you choose to enable friend discovery:

Phone numbers from your contacts are hashed locally on your device using SHA256 encryption
Only the hashed values (not actual phone numbers) are sent to our servers
We match hashes to help you find friends who also use GHOOST
We never store, share, or sell your actual contact information

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the App
Enable you to create, share, and unlock content
Facilitate friend discovery (if you opt in)
Send notifications about activity on your posts
Track referrals and attribute app installs
Analyze usage patterns to improve user experience
Detect and prevent fraud, abuse, and security threats
Comply with legal obligations

4. Data Storage and Security

Your data is stored using Supabase, a secure backend service. We implement:

Encryption in Transit: All data transmitted between your device and our servers uses HTTPS/TLS encryption
Row-Level Security: Database policies ensure you can only access your own data
Anonymous Authentication: No passwords are stored; authentication is device-based
Secure Storage: Images are stored in secure cloud storage with access controls

5. Data Sharing

We do not sell your personal data.

We may share information with:

Service Providers: Third parties that help us operate the App (e.g., Supabase for hosting)
Legal Requirements: If required by law, court order, or to protect our rights
Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Your Rights and Choices

You have the right to:

Access: Request a copy of the data we hold about you
Delete: Request deletion of your account and associated data
Opt-Out: Disable friend discovery and contact syncing
Notifications: Manage notification preferences in your device settings

To exercise these rights, contact us at support@cybo.uk.

7. Data Retention

Posts: Expire and may be deleted after 24 hours by default
Account Data: Retained until you request deletion
Analytics Data: Aggregated and anonymized data may be retained indefinitely
Unlock Records: Retained for the lifetime of the associated post

8. Children's Privacy

GHOOST is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

If you believe we have collected information from a child under 13, please contact us immediately at support@cybo.uk and we will take steps to delete such information.

9. Third-Party Services

GHOOST uses the following third-party services:

Supabase: Backend infrastructure for authentication, database, and file storage. Supabase Privacy Policy
Google ML Kit: On-device barcode scanning. Processing occurs locally on your device; no data is sent to Google for this feature.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

11. Your Rights Under GDPR (EEA Users)

If you are in the European Economic Area, you have additional rights including:

Right to rectification of inaccurate data
Right to data portability
Right to restrict processing
Right to object to processing
Right to lodge a complaint with a supervisory authority

12. Your Rights Under CCPA (California Users)

If you are a California resident, you have the right to:

Know what personal information we collect
Request deletion of your personal information
Opt-out of the sale of personal information (we do not sell your data)
Non-discrimination for exercising your rights

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Company: Cybo Ltd
Email: support@cybo.uk
Website: https://ghoost.app