Effective date: July 5, 2026
This Privacy Policy explains how LittleUs, operated by Egor Iakovlev (“LittleUs,” “we,” “us,” or “our”), collects, uses, stores, shares, and protects information when you use the LittleUs mobile application, widgets, websites, notification services, and related services (collectively, the “Service”).
LittleUs is a private app for two people who want to feel close, even from far away. The Service lets users create or join a private shared space, send messages and media, share daily signals, moods, quizzes, presence information, widgets, reminders, and partner notifications.
By using LittleUs, you agree to the collection and use of information described in this Privacy Policy.
1. Information we collect
We collect information depending on which features you use, what you choose to share, and which device permissions you grant.
Account and authentication information
When you create or use an account, we may collect or process:
- Email address.
- Password or authentication credentials.
- User ID and account identifiers.
- Session and authentication tokens.
- Display name.
- Profile photo or avatar.
- Profile bio, if you add one.
- Password reset information.
- Account status, sign-in, sign-up, sign-out, and account deletion events.
Password handling is provided through Supabase authentication infrastructure. We do not store your plaintext password.
We use this information to create and authenticate your account, keep you signed in, recover access, identify you to your partner inside the app, and secure the Service.
Couple space and relationship information
If you create or join a shared space, we may collect or process:
- Invite codes.
- Couple or shared space ID.
- Partner ID.
- Couple membership and status.
- Relationship dates.
- Next meeting date and optional next meeting note.
- Settings for shared features.
- “Miss you” signals, shared heart counters, streaks, and similar partner interaction data.
We use this information to operate your private shared space and show relevant partner features.
Messages and user content
LittleUs allows you and your partner to create, send, upload, store, and view user content, including:
- Private chat messages.
- Photo signals and captions.
- Daily signal responses.
- Daily quiz answers and result messages.
- Text prompts, choices, notes, love notes, delayed notes, and memory responses.
- Mood values, mood labels, and optional mood notes.
- Heart Sync activity.
- Watch-together activity.
- Photos, images, thumbnails, videos, voice recordings, and audio files.
- Metadata connected to that content, such as sender, receiver, couple ID, timestamps, opened/read state, delivery date, selected option, content type, and related feature state.
Your user content may reveal personal, sensitive, emotional, intimate, location-related, or health-related information depending on what you choose to write, record, photograph, or upload. Please only share content that you are comfortable sharing with your partner and storing through the Service.
LittleUs is not currently described as end-to-end encrypted. Access controls are designed to limit user content to the relevant account, couple space, partner, and service operations, but we and our service providers may be able to process, store, or access content as needed to operate, secure, support, moderate, or comply with legal obligations for the Service.
Photos, videos, camera, and photo library
If you grant camera or photo library access, the app may let you:
- Take photos for Photo Signals or profile photos.
- Pick photos or videos from your device.
- Upload photos or videos to your shared space.
- Generate compressed images and thumbnails.
- Display media in chat, daily signals, memory boards, widgets, or related screens.
We only access camera, photo library, and media files when you use features that require them and grant the relevant iOS permission. You can revoke permissions in iOS Settings.
Audio and microphone information
If you grant microphone access, the app may let you record voice signals or voice responses. Voice recordings may be temporarily stored on your device and uploaded if you choose to send them.
We use audio data to provide voice messaging and Daily Signal features. We do not use voice recordings for advertising.
Approximate location, time zone, weather, and presence information
If you grant location permission or enable presence sharing, we may collect or process:
- Time zone identifier.
- Approximate location, such as city or area.
- City and country derived from approximate location.
- Local time label.
- Awake/asleep estimate.
- Weather condition and approximate temperature.
- Presence privacy settings, including whether to share local time, weather, approximate location, or pause all presence sharing.
Location and presence information are used to show your partner contextual presence information, such as local time, city/area, weather, or distance, depending on your settings.
LittleUs is designed to use approximate presence information. Exact location sharing is not intended to be enabled by default. If a future version adds exact location sharing, it will be controlled by user permission and privacy settings.
You can disable location permission in iOS Settings and adjust sharing in the app’s Presence & Privacy settings, including pausing presence sharing.
Push notifications and local reminders
If you allow notifications, we may collect or process:
- Apple Push Notification service (APNs) device token.
- Device platform.
- APNs environment.
- App version.
- Device name or device label.
- Push token status and last-seen timestamp.
- Notification settings, reminder preferences, and scheduled reminder times.
- Notification event metadata, such as event type, sender ID, recipient ID, title, body, and routing payload.
We use this information to deliver partner notifications, chat notifications, Photo Signal notifications, Daily Signal reminders, mood check-in reminders, widget update notifications, badges, sounds, and local reminders.
Push notification payloads may pass through Apple Push Notification service. You can turn off notifications or notification previews in iOS Settings.
Widgets and on-device cached data
The app may store limited data on your device or in an app group shared with widgets, including:
- Widget snapshots.
- Recent Photo Signal or widget media needed to render widgets.
- Partner or couple display state used by widgets.
- Local preferences and settings.
- Cached images or media for performance.
This data is used to display widgets and speed up the app. Deleting the app or clearing account data may remove local caches, but some device-level backups may be controlled by iOS or Apple.
Analytics and product interaction data
We use PostHog to collect limited product analytics and product interaction data, such as:
- App opened or closed.
- Screen viewed or feature opened when explicitly tracked by the app.
- Tab selected.
- Message sent event count or feature event, without message body.
- Photo or media feature event, without photo, video, or audio content.
- Daily mood, Daily Signal, widget, memory board, presence, Heart Sync, and related interaction events.
- Event properties such as feature name, tab, source, success, media kind, widget type, response type, count, duration, or whether a field had content.
- A user identifier used to understand app usage by account.
The app is configured not to capture automatic screen views, automatic element interactions, or session replay. Our analytics implementation is designed to avoid sending message text, photos, videos, audio, names, precise location, or free-form notes as analytics properties.
We use analytics to understand feature usage, improve reliability, improve design, and make product decisions. We do not use analytics for third-party advertising.
Technical, security, and server information
When you use the Service, we and our service providers may process technical information such as:
- IP address and request metadata in server logs.
- Device type, operating system, app version, network and performance metadata.
- Error, diagnostic, and security information.
- Storage paths and signed URL access logs.
- Database and realtime connection metadata.
We use this information to operate, secure, debug, and improve the Service, prevent abuse, and comply with legal obligations.
2. How we use information
We use the information described above to:
- Provide account creation, login, password reset, account deletion, and authentication.
- Create, join, and manage private shared spaces.
- Send, receive, store, display, and sync chat messages and user content.
- Upload, store, transform, cache, and deliver photos, videos, audio, thumbnails, avatars, and widget media.
- Provide Daily Signals, Daily Quizzes, mood check-ins, Memory Board, love notes, Heart Sync, watch-together, and related features.
- Show partner presence, local time, optional approximate location, weather, distance, and privacy-controlled sharing.
- Send push notifications and schedule local reminders.
- Provide widgets and deep links.
- Maintain security, prevent misuse, enforce our terms, and protect users.
- Respond to support, privacy, legal, or safety requests.
- Analyze app usage and improve the Service.
- Comply with applicable laws, legal process, and App Store requirements.
We do not sell your personal information. We do not use your messages, photos, videos, audio, location, or other user content for third-party advertising.
3. How information is shared
With your partner
The core purpose of LittleUs is to share selected content with your paired partner. Depending on your actions and settings, your partner may see:
- Profile name, avatar, and bio.
- Chat messages.
- Photo Signals, captions, voice/video responses, Daily Signal responses, quiz answers, mood check-ins, notes, memories, and related timestamps.
- Local time, city/area, weather, distance, or presence status if enabled.
- Relationship dates or shared couple settings.
- Opened/read state and feature activity where the app displays it.
With service providers
We use service providers to operate the Service. These providers may process information on our behalf under their own terms, privacy policies, and data processing commitments.
Current service providers include:
- Supabase: authentication, backend database, private file storage, realtime sync, edge functions, and account-related functionality.
- PostHog: product analytics.
- Apple: App Store distribution, iOS permissions, local notifications, widgets, app analytics controlled by Apple, and Apple Push Notification service.
- Resend: transactional email delivery, such as authentication and account-related emails.
- Vercel: website hosting for LittleUs web pages, including policy and support pages.
We may add or replace vendors as the Service evolves. We will update this policy when material vendor practices change.
For legal, safety, and security reasons
We may access, preserve, or disclose information if we believe it is reasonably necessary to:
- Comply with law, regulation, subpoena, court order, or legal process.
- Protect the safety, rights, privacy, or property of users, LittleUs, service providers, or others.
- Investigate fraud, abuse, security incidents, policy violations, or illegal activity.
- Enforce our policies and protect the Service.
- Respond to support, moderation, or safety reports.
Business transfers
If LittleUs is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or similar transaction, user information may be transferred as part of that transaction, subject to appropriate protections and applicable law.
4. Data retention
We keep information for as long as reasonably necessary to provide the Service, maintain security, comply with legal obligations, resolve disputes, and enforce agreements.
In general:
- Account information is kept while your account is active.
- User content is kept while needed to provide couple features, unless deleted through available app functionality, account deletion, or a valid deletion request.
- Media files may be stored in private storage buckets and delivered through time-limited signed URLs.
- Local device caches may remain on your device until cleared by the app, iOS, or deletion of the app.
- Push tokens may be kept while notifications are enabled and may be pruned when stale or disabled.
- Analytics data may be retained by PostHog according to analytics configuration and provider retention settings.
- Backups, logs, and security records may persist for a limited period after deletion, unless a longer period is required or permitted by law.
The app includes an account deletion option in Settings. Account deletion allows you to initiate deletion of your LittleUs account. After a deletion request, we will take reasonable steps to delete or de-identify account information and associated personal data that we are not legally required to keep.
Some information may remain for a limited time if it is stored in backups, required for legal/security reasons, belongs to your partner, is part of records needed to protect the Service, or cannot reasonably be associated with your account.
To request deletion, access, or correction manually, contact us at squirreldefend@gmail.com.
5. Your choices and controls
You can control many data practices directly:
- Camera permission: manage in iOS Settings.
- Microphone permission: manage in iOS Settings.
- Photo library permission: manage in iOS Settings.
- Location permission: manage in iOS Settings.
- Notifications: manage in iOS Settings and in the app’s notification settings.
- Presence sharing: manage local time, weather, approximate location, distance, and pause-all-sharing settings in the app.
- Profile: edit your display name, bio, and avatar where available.
- Couple connection: leave or change a shared space where available.
- Account deletion: use the in-app deletion option in Settings or contact us at squirreldefend@gmail.com.
If you revoke a permission, some app features may stop working.
6. Regional privacy rights
Depending on where you live, you may have rights to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Delete information.
- Export or receive a copy of information.
- Object to or restrict certain processing.
- Withdraw consent where processing is based on consent.
- Opt out of certain sharing, sale, targeted advertising, or profiling where applicable.
- Appeal a denied privacy request where required by law.
To exercise rights, contact us at squirreldefend@gmail.com. We may need to verify your identity before fulfilling a request.
California notice
For California residents, the categories of personal information we may collect may include identifiers, contact information, internet or electronic network activity, geolocation data if enabled, audio/visual information if uploaded, inferences or preferences derived from app settings and activity, and sensitive personal information if you choose to provide it in content.
We do not sell personal information and do not share personal information for cross-context behavioral advertising as those terms are used under California privacy law. We do not use sensitive personal information to infer characteristics for advertising.
EEA, UK, and similar regions
Where GDPR, UK GDPR, or similar laws apply, our legal bases may include:
- Contract necessity: to provide the app and account features you request.
- Consent: for optional permissions, notifications, location sharing, and certain privacy-controlled features.
- Legitimate interests: to secure, maintain, debug, improve, and protect the Service, provided those interests are not overridden by your rights.
- Legal obligations: to comply with applicable laws and lawful requests.
Your information may be processed in countries other than your own, including the United States and other countries where our providers operate. Those countries may have different data protection laws than your country.
7. Children and teens
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
If you are under the age required to consent to data processing in your country, you may use the Service only with appropriate parent or guardian consent.
If you believe a child has provided personal information to us without proper consent, contact us at squirreldefend@gmail.com and we will take appropriate steps.
The Service may allow private communication, photos, videos, audio, and location-related sharing. Parents or guardians should supervise minors’ use of these features.
8. User content, safety, and moderation
You are responsible for the content you create and send. Do not use the Service to share illegal, abusive, harassing, threatening, exploitative, non-consensual, sexually explicit content involving minors, or content that violates another person’s rights.
Although LittleUs is designed for private shared spaces, we may review, restrict, remove, or disclose content when necessary to investigate abuse, respond to reports, protect safety, comply with law, or protect the Service.
To report abuse, non-consensual content, safety concerns, or illegal content, contact us at squirreldefend@gmail.com. In an emergency, contact local emergency services first.
9. Security
We use reasonable technical and organizational measures designed to protect information, including authenticated access, database access controls, private storage buckets, time-limited signed media URLs, permission-based iOS access, and provider security features.
No method of transmission or storage is completely secure. You are responsible for keeping your device, email account, password, and app account secure.
10. Third-party links and services
The Service may link to third-party websites, App Store pages, Apple settings, or external services. Their privacy practices are governed by their own policies.
Relevant provider policies include:
- Supabase Privacy Policy: https://supabase.com/privacy
- PostHog Privacy Policy: https://posthog.com/privacy
- Apple Privacy Policy: https://www.apple.com/privacy
- Resend Privacy Policy: https://resend.com/legal/privacy-policy
- Vercel Privacy Policy: https://vercel.com/legal/privacy-policy
11. Changes to this policy
We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify you, such as updating the effective date, posting notice on our website, or providing in-app notice.
Your continued use of the Service after an update means you accept the updated policy to the extent permitted by law.
12. Contact us
For privacy requests, data deletion, support, or safety reports, contact:
Egor Iakovlev
squirreldefend@gmail.com
https://littleus.space
13. Governing law
This Privacy Policy is governed by the laws of the State of Washington, United States, to the extent permitted by applicable law.