PRIVACY POLICY

Last updated: June 2026

This privacy policy describes how 21 Corp collects, uses and protects the personal data of Capsoom users (iOS and Android).

1. Data Controller — Contact

21 Corp

Email: contact@capsoom.com

2. Personal Data Collected

2.1 Account Data

• Username
• Email address
• Password
• If signing in via Apple or Google: provider and associated identifier
• Interface language

2.2 Content and Exchanges

• Capsule photos, text and overlays
• Capsule metadata: sender, recipient(s), unlock time, view date
• Messages, voice messages and reactions
• Profile photos and group avatars
• Friends list
• Streaks
• Memories

2.3 Location

Only if you enable the "city" overlay on a capsule. Your location is used at that moment to display a city name. No GPS coordinates are stored on our servers; location is never used in the background.

2.4 Technical Data

• Device identifier and platform for push notifications
• Technical logs related to sensitive actions

2.5 Capsoom+ Subscription

• Subscription status, expiry date, store
• No payment data is processed by Capsoom

2.6 Reports

• Reporter, target, reason and processing status

3. Purposes

1. Account creation and management
2. Providing app features
3. Sending push notifications
4. Transactional emails
5. Managing Capsoom+ subscriptions
6. Moderation and security

Capsoom does not include any third-party tracking or analytics SDKs and does not serve targeted advertising.

4. Legal Bases

• Contract performance: account, exchanges between friends, transactional emails
• Consent: push notifications, device permissions
• Legitimate interest: moderation, security logs, anti-fraud

5. Device Permissions

• Camera — capsule photos
• Microphone — voice messages
• Photo library — selecting and saving photos
• Location — city overlay on a capsule, during use only, never in the background
• Notifications — capsule and message alerts

6. Data Recipients

Data is accessible to 21 Corp teams and to hosting and infrastructure providers acting on our behalf.

Capsoom does not sell your personal data.

7. International Transfers

Some providers are based in the United States. These transfers are governed by the appropriate safeguards under the GDPR.

8. Retention Periods

• Active account: data retained for the lifetime of the account
• Ephemeral capsules: expire according to the delay set at the time of sending
• Technical logs: retained for the strictly necessary duration

9. Account Deletion

You can delete your account from the app at any time. A 30-day grace period applies, with email reminders before the deadline. After this period, your personal data and all your content are permanently deleted.

10. Your Rights

Under the GDPR, you have the rights of access, rectification, erasure, restriction, objection, portability and withdrawal of consent.

To exercise your rights: contact@capsoom.com

You may also lodge a complaint with your local data protection authority.

11. Security

Capsoom implements technical and organizational measures to protect your data against unauthorized access or disclosure.

12. Policy Updates

In the event of a material change, you will be notified via an in-app notification or by email.

13. Contact

21 Corp — contact@capsoom.com