Zcribbler Software Labs Private Limited
Data Policy
A clear explanation of how we handle your data.
Effective date: April 10, 2026 · Version 1.1
- Your data is yours. We are custodians, not owners.
- We will never sell your data. This is a legally binding promise.
- We collect only what we need to run the app. Nothing extra.
- You own your content. Every zcribble, every photo, every message.
- Delete means delete. When you delete your account, your data is permanently erased within 180 days.
1. Our Approach
Zcribbler is a social app, not a data company. Here are the deliberate choices we have made:
- No passwords to leak. We use Google Sign-In and Apple Sign-In as the only ways to log in. We never store a password.
- No ad networks or trackers. We have zero advertising SDKs in the app. No tracking pixels. No cookies. We use Firebase Analytics to understand how features are used, and you can turn it off in Settings.
- Photos are cleaned before upload. When you pick a photo from your library, the app strips GPS coordinates, camera details, and timestamps from the file metadata (EXIF) before uploading. The version on our server is clean.
- Invite matching is temporary. When someone clicks an invite link and later installs the app, we temporarily store limited device signals (IP address, screen dimensions, timezone, locale) to match the install to the invite. This data is automatically deleted within one hour.
2. What We Store
Here is everything we store, why, and who can see it.
Data you give us
| What | Why | Who Sees It |
|---|---|---|
| Name, email | To create your account | Us only (email never shown to others) |
| Username | Your identity in the app | Your connections and people who find you |
| Date of birth | Age verification (required) | Us only (never shown to anyone) |
| Profile picture | Your avatar | Anyone who sees your profile |
| Tagline, bio | Tells people about you | Anyone who sees your profile |
| Zcribbles | The core of the app | Your audience (connections or a Space) |
| Replies, stamps | Reacting to content | Anyone who can see the zcribble |
| Blips | Ephemeral sharing | Your connections (auto-deletes) |
| Direct Messages | Private conversations | You and the other person only |
| Spaces membership | Private group participation | Space members |
| Poll votes | Participating in polls | Vote counts are public; individual votes are not |
| Location | Tagging events/memories (opt-in) | Anyone who sees the tagged zcribble |
| Reports, appeals | Safety and moderation | Us + moderation team |
| Settings | Your preferences | Us only |
Data we collect automatically
| What | Why | Who Sees It |
|---|---|---|
| Login IP address | Detect suspicious logins | Us only |
| Device info (OS, model, app version) | Fix crashes, manage sessions | Us only |
| Firebase Analytics events | Understand feature usage | Us + Google (anonymised) |
| Crash reports | Fix bugs | Us + Google (Crashlytics) |
| Push notification token | Send you notifications | Us + Google (FCM) |
| Invite device signals | Match invite links to installs | Us only (deleted after 1 hour) |
| Consent records | Legal audit trail | Us only |
On-device processing: Some processing happens on your device before data reaches our servers. EXIF metadata is stripped from photos before upload. Videos and audio may be transcoded on your device to reduce file size. Sensor data (accelerometer) is used for visual effects and never leaves your device.
3. Third-Party Services
We use a small number of service providers to run Zcribbler. Here is what each one does.
What they do for us: Authentication (Google Sign-In), analytics (Firebase Analytics), crash reporting (Crashlytics), push notifications (FCM).
What they receive: Your Google ID token at sign-in, anonymised app usage events, crash stack traces, and your device's push notification token.
Where their servers are: Google Cloud, primarily US and EU data centres.
Apple
What they do for us: Authentication (Sign in with Apple).
What they receive: Your Apple ID token at sign-in (email, name).
Where their servers are: Apple data centres, primarily US.
Cloud Infrastructure
What they do for us: Host the app backend, run our database, store your media files (photos, videos, audio), and deliver content through a global CDN.
What they receive: All app data passes through their infrastructure.
Where their servers are: India (primary), with geo-redundant backups and global edge delivery points.
Why we use them: They offer India-region data centres with strong compliance certifications (ISO 27001, SOC 2).
That's the complete list.
We do not use advertising SDKs, tracking pixels, or data broker integrations. If we add a new service provider, we will update this page and notify you.
4. What Happens When You Delete Your Account
Here is exactly what "delete" means, step by step:
-
Day 0: You confirm deletion
You type "DELETE" and re-authenticate with your sign-in provider (Google or Apple). Your account becomes immediately invisible. No one can see your profile, your zcribbles, your blips, or find you in search. -
Days 0 to 180: Grace period
Your data sits in the database in a soft-deleted state. It is invisible to all users and the app. This window exists because Indian law (IT Intermediary Guidelines Rules, 2021) requires us to retain data for a period in case of legal requests. During this time, you can contact us to restore your account. -
Approximately Day 50: Media files are purged
Your uploaded photos, videos, and audio files are moved to a deletion queue and automatically purged. After this point, your media is gone permanently. -
Day 180: Hard deletion
Our deletion system permanently removes all your remaining data from the database: every zcribble, every reply, every stamp, every blip, every notification. This process is batched and irreversible. -
After Day 180: Nothing remains
Your data is gone. The only traces that may remain: (1) Direct Messages you sent show "[Deleted User]" as the sender, with the message content preserved for the other participant; (2) Spaces you created are transferred to the next admin or oldest member; (3) child safety reports are preserved as required by law (POCSO Act); (4) consent audit records are anonymised (your user ID is removed) but preserved for legal compliance.
5. Content Labels
When you create a zcribble, our backend may generate descriptive labels to help with search and discovery (for example, categorising content by type or subject). These labels describe general content categories, not personal attributes. Your raw media is not sent to any third-party AI service, and your content is not used to train AI models.
6. Location
How location works in Zcribbler:
- We never access your location in the background.
- We never build a location history or movement profile.
- GPS is used only when you tap the locate button while creating an event or memory zcribble.
- When you tap it, we get your coordinates, reverse-geocode them to a place name, and show you the result.
- If you attach the location, it is stored with that zcribble and visible to whoever can see it.
- If you don't attach it, the coordinates are discarded immediately.
You can revoke location permission at any time through your device settings. The app works perfectly without it.
7. Security
How we keep your data safe:
- No passwords: We don't store passwords because we don't use them. Google Sign-In and Apple Sign-In handle authentication.
- Everything is encrypted: Data moving between your phone and our servers is encrypted (TLS 1.2+). Data stored in our database and media storage is encrypted at rest (AES-256).
- Login tokens are hashed: Session tokens are hashed with a cryptographic key stored in a separate secrets vault. Even if someone accessed our database, the tokens would be unusable.
- The database is locked down: Our production database has no public internet access. It sits in a private network. Only our app servers can reach it.
- Photos use signed URLs: Every photo and video is served through a time-limited, cryptographically signed URL. You cannot guess or forge a URL. The URLs expire after 7 days.
- Rate limiting everywhere: Per user (120 requests/minute), per authentication endpoint (30 requests/minute), and per IP at the CDN level (1,000 requests/minute).
- No secrets in our code: All API keys, credentials, and signing keys are stored in a dedicated secrets vault, never in source code.
- We don't log your data: Application logs contain request IDs and user IDs for debugging, never your name, email, message content, or photos.
8. Version History
| Version | Date | Changes |
|---|---|---|
| 1.0 | April 3, 2026 | Initial publication. |
| 1.1 | April 10, 2026 | Comprehensive rewrite. Removed stale on-device AI references. Removed infrastructure provider names. Added Apple Sign-In, Spaces, Direct Messages, invite fingerprinting, and content labels coverage. |
Have Questions?
If anything is unclear, email us at privacy@zcribbler.com.
For formal privacy requests or grievances, see our Privacy Policy.
For the full legal details, see our Terms and Conditions and Privacy Policy.