Privacy Policy

Last updated: March 18, 2026

Plysh ("we," "us," or "our") is a consent and sexual health communication app. We understand that the data you share with us is deeply personal. This policy explains exactly what we collect, why, and how we protect it.

1. What We Collect

Account information: Email address and display name when you create an account.

Consent preferences: Your responses to the desires survey (Yes, Maybe, Ask First, No for each activity). These are stored securely and only shared with partners you explicitly connect with.

Health information: STD test results you choose to upload. You control whether these are shared with partners.

Partnership data: Records of partner connections and party memberships you create.

Device information: We collect crash reports (via Sentry) and anonymous usage analytics (via PostHog) to improve the app. These never contain your consent preferences, health data, or partner information.

2. What We Never Do

• Never sell your data. Not to advertisers, data brokers, or anyone else.
• Never share consent or health data with anyone except partners you explicitly connect with in the app.
• Never use your data for advertising or targeted marketing.
• Never store identifiable information in crash reports or analytics.

3. How We Protect Your Data

Your data is stored in Supabase with row-level security (RLS) — meaning database queries are enforced at the server level to ensure users can only access their own data and data explicitly shared with them.

All data in transit is encrypted via TLS. Authentication uses industry-standard JWT tokens.

4. Third-Party Services

We use the following third-party services:

• Supabase — database and authentication. Their privacy policy.
• Sentry — crash reporting. Collects device type, OS version, and stack traces. No personal data. Their privacy policy.
• PostHog — anonymous usage analytics. Collects which features are used and onboarding completion rates. No personal data. Their privacy policy.

5. Your Rights

• Access: You can view all your data in the app at any time.
• Deletion: You can delete your account and all associated data by contacting us at support@plysh.app.
• Portability: You can export your consent preferences from within the app.
• Control: You choose which partners see your consent preferences and health data. You can revoke access at any time.

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, all personal data is permanently deleted within 30 days.

7. Children

Plysh is not intended for users under 18 years of age. We do not knowingly collect data from minors.

8. Changes

We may update this policy as the app evolves. We will notify you of significant changes via in-app notification or email.

9. Contact

Questions about your privacy? Reach us at support@plysh.app.