Privacy Policy

Last Updated: February 2026

Wister ("we", "us", "our") operates the Wister mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App.

1. Information We Collect

1.1 Information You Provide

Data	Purpose
Phone number	Account creation and authentication via SMS verification
Display name, username, bio	Profile visible to your contacts
Profile photo	Profile avatar visible to your contacts
Birthday and nameday	Celebration reminders for your contacts
Chat messages	Facilitating communication between users
Story images	Sharing temporary visual content (auto-deleted after 24 hours)

1.2 Information Provided by Gift Repurchase Program Participants

If you participate in the Gift Repurchase Program (Section 7 of our Terms of Service), we may additionally collect:

Data	Purpose
Government-issued ID (passport, national ID card, or driver's license)	Identity verification (KYC) via Stripe Identity, as required by applicable law
Selfie / facial image	Biometric verification via Stripe Identity to confirm document authenticity (processed by Stripe, not stored by Wister)
Tax identification number (ΑΦΜ, TIN, or equivalent)	Tax reporting obligations under DAC7 and applicable law
Tax documentation (W-9, W-8BEN, Greek tax declaration forms)	Tax compliance and withholding obligations
PayPal email	Processing repurchase payments
Gift Instance ownership data	Verifying eligibility and ownership of Gift Instances submitted for repurchase

Stripe Identity: Identity verification is performed by Stripe Identity, a third-party service. When you submit identity documents, they are transmitted directly to Stripe for processing. Stripe may collect biometric data (facial imagery) for document verification. Wister receives only the verification result (verified/not verified) and basic identity information. Wister does NOT store your identity documents or biometric data. For details on how Stripe processes your data, see Stripe's Privacy Policy.

1.3 Information Collected Automatically

Data	Purpose
Firebase Installation ID	Anonymous app instance identifier used for analytics and notifications
Device token (FCM)	Delivering push notifications
Online status and last seen	Showing availability to your contacts
IP address	Security, fraud prevention, approximate geolocation for regulatory compliance (collected by Firebase)
Device information	Device model, operating system version, app version — used for compatibility, debugging, and security
Transaction history	Recording Ruby purchases, gifts, and repurchase requests
Gift and transaction patterns	Gift frequency, volume, and recipient patterns — used for fraud detection and risk scoring (see Section 2A)
App usage data	Feature interactions, screen views, and in-app events — collected via Firebase Analytics for service improvement
Notification interactions	Whether push notifications are opened or dismissed — used to improve notification relevance

1.3B Location Data (Story Location Sticker)

When a user chooses to add a location sticker to a Story, the App may access the device's location (with permission) to retrieve the city name. The geographic coordinates are not stored. Only the selected location label (e.g., "Athens") is saved as part of the Story content. Location data is not shared with third parties and is used solely for in-app functionality.

Permission: Location access is requested only when using the location sticker feature and requires explicit user consent.
Accuracy: Approximate location (medium accuracy) is used — precise GPS coordinates are not collected or stored.
Retention: The location label is part of the Story and is automatically deleted after 24 hours along with the Story content.
Optional: This feature is entirely optional. You can create Stories without a location sticker.

1.3A No Advertising or Tracking

Wister does NOT:

Use advertising identifiers (IDFA on iOS, Google Advertising ID on Android)
Integrate any advertising SDKs or ad networks
Implement App Tracking Transparency (ATT) tracking
Use attribution SDKs (such as AppsFlyer, Adjust, or Branch)
Serve advertisements of any kind within the App
Sell, share, or transmit your data to advertisers or data brokers

Firebase Analytics is used solely for anonymous, aggregated usage statistics to improve the App. No personally identifiable information is shared with advertising networks.

1.4 Contact Synchronization (Friend Discovery)

Contact sync is an optional feature used solely for friend discovery — finding which of your existing phone contacts already use Wister. You can enable or disable it at any time.

How it works:

When you enable contact sync, your device contacts' phone numbers are read locally on your device.
Phone numbers are sent securely (via HTTPS) to our Cloud Function for a one-time comparison against registered Wister users.
Your contacts' phone numbers are NOT stored on our servers. They are used only for the comparison and are discarded immediately after the lookup completes.
Only the matched Wister user IDs (not phone numbers) are stored in your private account data to maintain your contacts list within the App.
Contact names, emails, addresses, or any other contact information beyond phone numbers are never read or transmitted.
Contact data is NOT shared with any third parties other than Firebase (our database and infrastructure provider).

What is stored:

Your own phone number: Stored securely in your private account data and in an internal lookup index to allow other users to find you (if they have your number in their contacts).
Matched user IDs: A list of Wister user IDs corresponding to your contacts who use the App. This list contains no phone numbers.
Your contacts' phone numbers: NOT stored. Used only for real-time comparison and immediately discarded.

You are in control:

Contact sync is not enabled by default — you must explicitly grant permission.
You can revoke contact access at any time in your device settings or within the App.
Deleting your account removes your phone number from the lookup index and deletes all stored contact match data.

1.5 Voice and Video Calls

Voice and video calls within the App are powered by Agora.io. During calls, the following data is processed:

Data	Details
Audio and video streams	Transmitted in real-time between participants. Calls are NOT recorded or stored by Wister or Agora.
Call metadata	Call duration, timestamp, and participant user IDs — stored by Wister for service functionality.
Network quality metrics	Collected by Agora to optimize call quality (e.g., latency, packet loss).

Encryption: All voice and video calls use Agora's encrypted transmission protocols.

No recording: Neither Wister nor Agora records or stores the content of your calls.

For more information, see Agora's Privacy Policy.

1.6 Information from Third Parties

Source	Data	Purpose
Google Play Services	Purchase verification tokens	Verifying in-app purchases of Rubies
Apple App Store	Purchase receipts	Verifying in-app purchases of Rubies

2. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the App
Create and manage your account
Enable real-time messaging between users
Process Ruby purchases via Stripe
Administer the Gift Repurchase Program, including eligibility assessment, identity verification (via Stripe Identity), risk scoring, fraud detection, and payment processing via PayPal
Send push notifications for new messages, gift receipts, celebration reminders, and service-related announcements (you can manage notification preferences in your device settings at any time)
Detect and prevent fraud, abuse, and security incidents (see Section 2A)
Comply with legal obligations
Improve and personalize the App experience

2A. Fraud Detection and Risk Profiling

To protect our community and the integrity of the Gift and Gift Repurchase systems, Wister operates an automated fraud detection system that processes certain data to identify potentially abusive activity.

What data is processed:

Data	Purpose
Gift transaction patterns	Frequency, volume, and timing of gifts sent and received — to detect velocity anomalies and coordinated schemes
Payout account details	PayPal email — to detect shared payout accounts across multiple users
Repurchase request history	Frequency, amounts, and timing of repurchase requests — to detect suspicious patterns
Risk score	Computed score (0–100) based on transaction patterns — used to flag accounts for manual review before repurchase approval
Account age and activity	Account creation date relative to transaction volume — to identify new account exploitation
Chargeback and dispute history	Payment disputes filed via Stripe or app stores — to detect refund abuse

How it works:

Transaction patterns are analyzed by our automated systems to calculate a risk score (0-100) for each account.
Risk scores are based on configurable thresholds and do not involve profiling based on personal characteristics such as race, ethnicity, religion, gender, or political beliefs.
Accounts that exceed risk thresholds may be flagged for manual review by our team. No automated decision results in account suspension or payout denial without human review, except in cases of confirmed chargebacks or payment disputes where payout freezes are applied automatically to prevent further financial loss.
Fraud alerts generated by the system are reviewed by authorized administrators only.

Your rights:

Under GDPR Article 22, you have the right not to be subject to a decision based solely on automated processing that produces legal effects or similarly significantly affects you. Wister ensures that all consequential actions (account suspension, permanent payout freeze, account termination) involve human review.
You may contact us at privacy@wister.site to request information about any risk flags on your account or to contest a decision.

Data retention: Risk profile data is retained for the duration of your account. If your account is deleted, risk profile data is anonymized or deleted within 30 days, except where retention is required by law for fraud investigation purposes.

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data on the following legal bases:

Legal Basis	Data
Contract performance (Art. 6(1)(b))	Account data, messages, transactions — necessary to provide the service
Legitimate interest (Art. 6(1)(f))	Fraud prevention and risk scoring (Section 2A), security, service improvement, Gift Repurchase Program eligibility assessment
Consent (Art. 6(1)(a))	Contact sync, push notifications, birthday sharing, Gift Repurchase Program participation — you can withdraw consent at any time
Legal obligation (Art. 6(1)(c))	Financial transaction records, tax compliance, KYC/AML verification for repurchase, DAC7 reporting

4. End-to-End Encryption

Chat messages in Wister are protected with End-to-End Encryption (E2EE) using industry-standard cryptography:

Key Exchange: X25519 (Elliptic Curve Diffie-Hellman)
Message Encryption: AES-256-GCM (authenticated encryption)
Key Storage: Encryption keys are stored locally on your device using the operating system's secure enclave

This means that only you and the person you are communicating with can read your messages. Wister cannot access the content of encrypted messages.

5. Third-Party Services

5.1 Google Play Services

The App uses Google Play Services to provide core functionality on Android devices:

Service	Purpose	Data Collected
Google Play Billing	In-app purchases of Rubies	Purchase history, transaction IDs
Firebase Authentication	Account creation and phone verification	Phone number, authentication state
Firebase Realtime Database	Real-time messaging and data sync	User data as described in this Policy
Firebase Cloud Storage	Storing profile photos and story images	Uploaded media files
Firebase Cloud Messaging (FCM)	Delivering push notifications	FCM device token
Firebase Analytics	Anonymous usage statistics	App events, user properties, device info, app version
Firebase Installation ID	Anonymous app instance identification	Unique installation identifier

For more information: Google Privacy Policy and Firebase Privacy

5.2 Apple Services

On iOS devices, the App uses Apple services:

Service	Purpose	Data Collected
Apple Push Notification Service (APNs)	Delivering push notifications	Device push token
App Store In-App Purchases	In-app purchases of Rubies	Purchase receipts, transaction IDs

For more information: Apple Privacy Policy

5.3 Other Third-Party Services

Service	Purpose	Privacy Policy
Stripe Payments	Payment processing for Ruby purchases (credit/debit card). Wister does not store your card details — Stripe handles all card data securely.	stripe.com/privacy
Stripe Identity	Identity verification (KYC) for Gift Repurchase Program participants. Processes government-issued ID documents and facial imagery. Wister does NOT store identity documents or biometric data.	stripe.com/privacy
PayPal	Processing Gift Repurchase payments to eligible Users	paypal.com/privacy
Agora	Voice and video call infrastructure (see Section 1.5 for details)	agora.io/privacy

5.4 Data Sharing Principles

We do not sell your personal data to third parties.
We share data with third-party services only as necessary to provide the App's functionality as described in this Policy.
Each third-party service operates under its own privacy policy and terms, and you are encouraged to review them.

6. Data Retention

Data Type	Retention Period
Account data	Until you delete your account
Chat messages	Until deleted by sender or chat cleared
Story content	Automatically deleted after 24 hours
Transaction records	7 years (legal/tax requirement)
Gift Repurchase Program data (KYC verification result, tax docs)	7 years from last transaction (legal/tax/AML requirement)
Repurchase request audit trail (request details, approval context, payout context)	7 years from transaction date (legal/tax/audit requirement)
Risk profile and fraud alert data	Duration of account + 30 days after deletion (or as required by law for fraud investigations)
Push notification tokens	Until you log out or uninstall the App
Contact sync data (matched user IDs only — no phone numbers stored)	Until you disable contact sync or delete your account
Firebase Installation ID	Until you uninstall the App or clear app data
Call metadata (duration, timestamps)	1 year from call date
App usage / analytics data	14 months (Firebase Analytics default)
Device information	Until you delete your account

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

Account Deletion

You may delete your account at any time through the following methods:

In-App: Navigate to Settings > Account > Delete Account
Email: Send a deletion request to privacy@wister.site from the phone number associated with your account

Upon account deletion:

Your profile, username, and bio are deleted immediately
Your chat messages are deleted (note: copies of messages already delivered to other users remain on their devices due to E2EE)
Your story content is deleted (or was already auto-deleted after 24 hours)
Your hashed contact data is deleted
Your push notification tokens are invalidated
Your transaction records are retained for 7 years as required by law
Gift Repurchase Program data (KYC verification result, repurchase audit trail, if applicable) is retained for 7 years as required by law
All other personal data is deleted or anonymized within 30 days

You will receive a confirmation notification when your account deletion is complete.

7. Data Storage and Transfers

Your data is stored on Google Firebase servers located in the European Union (europe-west1 region). If data is transferred outside the EU, it is protected by appropriate safeguards such as Standard Contractual Clauses (SCCs) in compliance with GDPR.

7A. Data Protection Contact

For all data protection and privacy matters, you may contact us:

Email: privacy@wister.site
Postal Address: DONATION POS L.P., El. Venizelou 218, Kallithea, 17675, Athens, Greece

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA):

Website: https://www.dpa.gr
Address: Kifisias 1-3, 115 23 Athens, Greece
Phone: +30 210 6475600

8. Your Rights (GDPR)

As a user in the European Union, you have the following rights:

Access — Request a copy of your personal data
Rectification — Correct inaccurate personal data
Erasure ("Right to be forgotten") — Request deletion of your personal data
Restriction — Request limitation of data processing
Portability — Receive your data in a machine-readable format
Objection — Object to processing based on legitimate interest
Withdraw consent — Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at privacy@wister.site.

We will respond to your request within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at https://www.dpa.gr.

9. Children's Privacy

The App is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. Financial features (Ruby purchases) and the Gift Repurchase Program require users to be at least 18 years old.

Age verification: Account creation requires SMS verification of a mobile phone number. During registration, users must confirm their date of birth. The App enforces the following age-based restrictions:

Users under 16: Cannot create an account
Users 16-17: May use the App with parental/guardian consent; cannot purchase Rubies or participate in the Gift Repurchase Program
Users 18+: Full access to all features

If we become aware that a user has provided a false date of birth or that a child under 16 has created an account, we will take steps to suspend the account and delete the associated personal data promptly. We reserve the right to implement additional age verification measures as required by applicable law or platform policies.

If you believe that a child under 16 has created an account, please contact us immediately at privacy@wister.site.

10. Security

We implement appropriate technical and organizational measures to protect your personal data, including:

End-to-End Encryption for chat messages
Server-side validation and security rules for all database operations
Rate limiting on sensitive operations (purchases, repurchase requests, notifications)
Automated fraud detection and risk scoring to protect against abuse (see Section 2A)
Payout freeze mechanisms to prevent financial loss from chargebacks and disputes
Secure storage for encryption keys (device-level secure enclave)
Protected fields (wallet balance, role) that cannot be modified by client applications

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10A. Google Play Data Safety and Apple App Privacy Disclosures

Google Play Data Safety

In compliance with Google Play's Data Safety requirements, the following summarizes our data practices:

Data Type	Collected	Shared	Purpose	Optional
Phone number	Yes	No	Account creation, authentication	No (required)
Contacts (phone numbers)	No (processed in memory, not stored)	No	Friend discovery only — only matched user IDs are stored	Yes
Name / Username	Yes	No (visible to contacts within App)	User profile	No
Profile photo	Yes	No (visible to contacts within App)	User profile	Yes
Birthday / Nameday	Yes	No	Celebration reminders	Yes
Messages	Yes	No (E2EE, unreadable by Wister)	In-app communication	No
Photos (Stories)	Yes	No (visible to contacts, auto-deleted 24h)	Content sharing	Yes
Purchase history	Yes	Stripe (payment processor)	Transaction processing	No (if purchasing)
Device identifiers (Firebase Installation ID)	Yes	Firebase (Google)	Analytics, notifications	No
IP address	Yes	Firebase (Google)	Security, fraud prevention	No
App usage data	Yes	Firebase (Google)	Service improvement	No
Approximate location	Yes (city name only, when user adds location sticker to Story)	No	App functionality (Story location sticker)	Yes
KYC documents (Gift Repurchase only)	Yes	Stripe Identity (verification processor)	Legal compliance, identity verification	Yes (only if participating in repurchase)

Data deletion: Users can request deletion of their account and associated data at any time via the App settings or by contacting privacy@wister.site. Data is deleted within 30 days except where retention is required by law.

Data encryption: All data is encrypted in transit using TLS. Chat messages are additionally protected by End-to-End Encryption (E2EE).

Apple App Privacy Labels

In compliance with Apple's App Privacy requirements:

Data Used to Track You: None — Wister does not track users across apps or websites.

Data Linked to You:

Contact Info: Phone number (for account functionality)
User Content: Messages, photos (for app functionality)
Location: Approximate location — city name only, when user adds location sticker to Story (for app functionality)
Identifiers: User ID (for app functionality)
Purchase History: In-app purchases (for app functionality)

Data Not Linked to You:

Diagnostics: Crash data, performance data (via Firebase)
Usage Data: App interaction data (via Firebase Analytics, anonymized)

10B. Website and Cookies

The Wister website (https://www.wister.site) may use essential cookies required for the website to function properly. We do not use advertising cookies, tracking cookies, or third-party analytics on our website. If this changes in the future, we will update this Privacy Policy and implement an appropriate cookie consent mechanism in compliance with the ePrivacy Directive (2002/58/EC) and applicable national law.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice in the App or sending a push notification. Your continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us:

Email: privacy@wister.site
Postal Address: DONATION POS L.P., El. Venizelou 218, Kallithea, 17675, Athens, Greece
Website: https://www.wister.site