What we collect, why, and how to get it back.

Account basics (email, age verification result), what you make on Coeta (profile, photos, posts, messages, audience choices), and the device telemetry we need to keep the app running — none of which includes your email, phone, coordinates, display name, or photo URLs. The deny-list at the foundation strips those before they leave your device.

Server-side data sits in Postgres and Firestore in US data centers. Device-side data is encrypted at rest with a hardware-backed key — on iOS via the Secure Enclave, on Android via the Keystore. Signing out regenerates the device key.

Crash reporting (Crashlytics) — opaque IDs only. Push notification delivery (APNs, FCM). Stripe for paid features. We do not share your data with advertisers, brokers, or "partners" of any kind.

Export your data at any time from Me · settings · data. Delete your account from the same screen. Adjust audience defaults, opt out of presence, and mute per-community / per-chat / per-event from the same settings screen.

Coeta is 18 and over. We use age verification at signup and do not knowingly retain data on minors. If you believe a minor is using Coeta, write privacy@coeta.io and we will act.