Privacy Policy

Last Updated: February 2026

Wister ("we", "us", "our") operates the Wister mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App.

1. Information We Collect

1.1 Information You Provide

Data	Purpose
Phone number	Account creation and authentication via SMS verification
Display name, username, bio	Profile visible to your contacts
Profile photo	Profile avatar visible to your contacts
Birthday and nameday	Celebration reminders for your contacts
Chat messages	Facilitating communication between users
Story images	Sharing temporary visual content (auto-deleted after 24 hours)

1.2 Information Provided by Community Recognition Program Applicants

If you apply to the Community Recognition Program (Section 7 of our Terms of Service), we may additionally collect:

Data	Purpose
Government-issued ID (passport, national ID card, or driver's license)	Identity verification (KYC) as required by applicable law
Proof of address (utility bill, bank statement, or official correspondence)	Address verification for compliance purposes
Tax identification number (ΑΦΜ, TIN, or equivalent)	Tax reporting obligations under DAC7 and applicable law
Tax documentation (W-9, W-8BEN, Greek tax declaration forms)	Tax compliance and withholding obligations
PayPal email or SEPA bank details	Processing Community Recognition payments
Content creation and engagement metrics	Evaluating eligibility and contribution to the Wister community

1.3 Information Collected Automatically

Data	Purpose
Firebase Installation ID	Anonymous app instance identifier used for analytics and notifications
Device token (FCM)	Delivering push notifications
Online status and last seen	Showing availability to your contacts
IP address	Security, fraud prevention, approximate geolocation for regulatory compliance (collected by Firebase)
Device information	Device model, operating system version, app version — used for compatibility, debugging, and security
Transaction history	Recording Ruby purchases, gifts, and Community Recognition
Gift and transaction patterns	Gift frequency, volume, and recipient patterns — used for fraud detection and risk scoring (see Section 2A)
App usage data	Feature interactions, screen views, and in-app events — collected via Firebase Analytics for service improvement
Notification interactions	Whether push notifications are opened or dismissed — used to improve notification relevance

1.3A No Advertising or Tracking

Wister does NOT:

Use advertising identifiers (IDFA on iOS, Google Advertising ID on Android)
Integrate any advertising SDKs or ad networks
Implement App Tracking Transparency (ATT) tracking
Use attribution SDKs (such as AppsFlyer, Adjust, or Branch)
Serve advertisements of any kind within the App
Sell, share, or transmit your data to advertisers or data brokers

Firebase Analytics is used solely for anonymous, aggregated usage statistics to improve the App. No personally identifiable information is shared with advertising networks.

1.4 Contact Synchronization

Contact sync is an optional feature that you can enable or disable at any time via Settings > Privacy > Contact Sync.

How it works:

When you enable contact sync, your device contacts' phone numbers are read locally on your device.
Phone numbers are immediately hashed using SHA-256 before being transmitted to our servers.
Raw (unhashed) phone numbers are NEVER transmitted to or stored on our servers.
Hashed values are sent to our Firebase database and compared against hashed phone numbers of existing Wister users to identify your contacts who already use the App.
Hashed contact data is retained on our servers until you disable contact sync or delete your account, at which point it is deleted.
Contact data is NOT shared with any third parties other than Firebase (our database and infrastructure provider).

You are in control:

Contact sync is not enabled by default — you must grant permission.
You can revoke contact access at any time in your device settings or within the App.
Disabling contact sync will delete your hashed contact data from our servers.

1.5 Voice and Video Calls

Voice and video calls within the App are powered by Agora.io. During calls, the following data is processed:

Data	Details
Audio and video streams	Transmitted in real-time between participants. Calls are NOT recorded or stored by Wister or Agora.
Call metadata	Call duration, timestamp, and participant user IDs — stored by Wister for service functionality.
Network quality metrics	Collected by Agora to optimize call quality (e.g., latency, packet loss).

Encryption: All voice and video calls use Agora's encrypted transmission protocols.

No recording: Neither Wister nor Agora records or stores the content of your calls.

For more information, see Agora's Privacy Policy.

1.6 Information from Third Parties

Source	Data	Purpose
Google Play Services	Purchase verification tokens	Verifying in-app purchases of Rubies
Apple App Store	Purchase receipts	Verifying in-app purchases of Rubies

2. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the App
Create and manage your account
Enable real-time messaging between users
Process Ruby purchases via Stripe
Administer the Community Recognition Program, including eligibility assessment, identity verification, fraud detection, and payment processing via SEPA bank transfer or PayPal
Send push notifications for new messages, gift receipts, celebration reminders, and service-related announcements (you can manage notification preferences in your device settings at any time)
Detect and prevent fraud, abuse, and security incidents (see Section 2A)
Comply with legal obligations
Improve and personalize the App experience

2A. Fraud Detection and Risk Profiling

To protect our community and the integrity of the Gift and Community Recognition systems, Wister operates an automated fraud detection system that processes certain data to identify potentially abusive activity.

What data is processed:

Data	Purpose
Gift transaction patterns	Frequency, volume, and timing of gifts sent and received — to detect velocity anomalies and coordinated schemes
Payout account details	PayPal email — to detect shared payout accounts across multiple users
Withdrawal history	Frequency and amounts of withdrawal requests — to detect suspicious patterns
Account age and activity	Account creation date relative to transaction volume — to identify new account exploitation
Chargeback and dispute history	Payment disputes filed via Stripe or app stores — to detect refund abuse

How it works:

Transaction patterns are analyzed by our automated systems to calculate a risk score (0-100) for each account.
Risk scores are based on configurable thresholds and do not involve profiling based on personal characteristics such as race, ethnicity, religion, gender, or political beliefs.
Accounts that exceed risk thresholds may be flagged for manual review by our team. No automated decision results in account suspension or payout denial without human review, except in cases of confirmed chargebacks or payment disputes where payout freezes are applied automatically to prevent further financial loss.
Fraud alerts generated by the system are reviewed by authorized administrators only.

Your rights:

Under GDPR Article 22, you have the right not to be subject to a decision based solely on automated processing that produces legal effects or similarly significantly affects you. Wister ensures that all consequential actions (account suspension, permanent payout freeze, account termination) involve human review.
You may contact us at info@donationpos.gr to request information about any risk flags on your account or to contest a decision.

Data retention: Risk profile data is retained for the duration of your account. If your account is deleted, risk profile data is anonymized or deleted within 30 days, except where retention is required by law for fraud investigation purposes.

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data on the following legal bases:

Legal Basis	Data
Contract performance (Art. 6(1)(b))	Account data, messages, transactions — necessary to provide the service
Legitimate interest (Art. 6(1)(f))	Fraud prevention and risk scoring (Section 2A), security, service improvement, Community Recognition Program eligibility assessment
Consent (Art. 6(1)(a))	Contact sync, push notifications, birthday sharing, Community Recognition Program application — you can withdraw consent at any time
Legal obligation (Art. 6(1)(c))	Financial transaction records, tax compliance, KYC/AML verification for Community Recognition, DAC7 reporting

4. End-to-End Encryption

Chat messages in Wister are protected with End-to-End Encryption (E2EE) using industry-standard cryptography:

Key Exchange: X25519 (Elliptic Curve Diffie-Hellman)
Message Encryption: AES-256-GCM (authenticated encryption)
Key Storage: Encryption keys are stored locally on your device using the operating system's secure enclave

This means that only you and the person you are communicating with can read your messages. Wister cannot access the content of encrypted messages.

5. Third-Party Services

5.1 Google Play Services

The App uses Google Play Services to provide core functionality on Android devices:

Service	Purpose	Data Collected
Google Play Billing	In-app purchases of Rubies	Purchase history, transaction IDs
Firebase Authentication	Account creation and phone verification	Phone number, authentication state
Firebase Realtime Database	Real-time messaging and data sync	User data as described in this Policy
Firebase Cloud Storage	Storing profile photos and story images	Uploaded media files
Firebase Cloud Messaging (FCM)	Delivering push notifications	FCM device token
Firebase Analytics	Anonymous usage statistics	App events, user properties, device info, app version
Firebase Installation ID	Anonymous app instance identification	Unique installation identifier

For more information: Google Privacy Policy and Firebase Privacy

5.2 Apple Services

On iOS devices, the App uses Apple services:

Service	Purpose	Data Collected
Apple Push Notification Service (APNs)	Delivering push notifications	Device push token
App Store In-App Purchases	In-app purchases of Rubies	Purchase receipts, transaction IDs

For more information: Apple Privacy Policy

5.3 Other Third-Party Services

Service	Purpose	Privacy Policy
Stripe	Payment processing for Ruby purchases (credit/debit card). Wister does not store your card details — Stripe handles all card data securely.	stripe.com/privacy
PayPal	Processing Community Recognition payments to eligible Participants	paypal.com/privacy
Agora	Voice and video call infrastructure (see Section 1.5 for details)	agora.io/privacy

5.4 Data Sharing Principles

We do not sell your personal data to third parties.
We share data with third-party services only as necessary to provide the App's functionality as described in this Policy.
Each third-party service operates under its own privacy policy and terms, and you are encouraged to review them.

6. Data Retention

Data Type	Retention Period
Account data	Until you delete your account
Chat messages	Until deleted by sender or chat cleared
Story content	Automatically deleted after 24 hours
Transaction records	7 years (legal/tax requirement)
Community Recognition Program data (KYC, tax docs)	7 years from last transaction (legal/tax/AML requirement)
Risk profile and fraud alert data	Duration of account + 30 days after deletion (or as required by law for fraud investigations)
Push notification tokens	Until you log out or uninstall the App
Contact sync data (hashed numbers)	Until you disable contact sync or delete your account
Firebase Installation ID	Until you uninstall the App or clear app data
Call metadata (duration, timestamps)	1 year from call date
App usage / analytics data	14 months (Firebase Analytics default)
Device information	Until you delete your account

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

Account Deletion

You may delete your account at any time through the following methods:

In-App: Navigate to Settings > Account > Delete Account
Email: Send a deletion request to info@donationpos.gr from the phone number associated with your account

Upon account deletion:

Your profile, username, and bio are deleted immediately
Your chat messages are deleted (note: copies of messages already delivered to other users remain on their devices due to E2EE)
Your story content is deleted (or was already auto-deleted after 24 hours)
Your hashed contact data is deleted
Your push notification tokens are invalidated
Your transaction records are retained for 7 years as required by law
Community Recognition Program KYC data (if applicable) is retained for 7 years as required by law
All other personal data is deleted or anonymized within 30 days

You will receive a confirmation notification when your account deletion is complete.

7. Data Storage and Transfers

Your data is stored on Google Firebase servers located in the European Union (europe-west1 region). If data is transferred outside the EU, it is protected by appropriate safeguards such as Standard Contractual Clauses (SCCs) in compliance with GDPR.

7A. Data Protection Contact

For all data protection and privacy matters, you may contact us:

Email: info@donationpos.gr
Postal Address: DONATION POS L.P., El. Venizelou 218, Kallithea, 17675, Athens, Greece

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA):

Website: https://www.dpa.gr
Address: Kifisias 1-3, 115 23 Athens, Greece
Phone: +30 210 6475600

8. Your Rights (GDPR)

As a user in the European Union, you have the following rights:

Access — Request a copy of your personal data
Rectification — Correct inaccurate personal data
Erasure ("Right to be forgotten") — Request deletion of your personal data
Restriction — Request limitation of data processing
Portability — Receive your data in a machine-readable format
Objection — Object to processing based on legitimate interest
Withdraw consent — Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at info@donationpos.gr.

We will respond to your request within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at https://www.dpa.gr.

9. Children's Privacy

The App is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. Financial features (Ruby purchases) and the Community Recognition Program require users to be at least 18 years old.

Age verification: Account creation requires SMS verification of a mobile phone number. During registration, users must confirm their date of birth. The App enforces the following age-based restrictions:

Users under 16: Cannot create an account
Users 16-17: May use the App with parental/guardian consent; cannot purchase Rubies or participate in the Community Recognition Program
Users 18+: Full access to all features

If we become aware that a user has provided a false date of birth or that a child under 16 has created an account, we will take steps to suspend the account and delete the associated personal data promptly. We reserve the right to implement additional age verification measures as required by applicable law or platform policies.

If you believe that a child under 16 has created an account, please contact us immediately at info@donationpos.gr.

10. Security

We implement appropriate technical and organizational measures to protect your personal data, including:

End-to-End Encryption for chat messages
Server-side validation and security rules for all database operations
Rate limiting on sensitive operations (purchases, Community Recognition applications, notifications)
Automated fraud detection and risk scoring to protect against abuse (see Section 2A)
Payout freeze mechanisms to prevent financial loss from chargebacks and disputes
Secure storage for encryption keys (device-level secure enclave)
Protected fields (wallet balance, role) that cannot be modified by client applications

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10A. Google Play Data Safety and Apple App Privacy Disclosures

Google Play Data Safety

In compliance with Google Play's Data Safety requirements, the following summarizes our data practices:

Data Type	Collected	Shared	Purpose	Optional
Phone number	Yes	No	Account creation, authentication	No (required)
Name / Username	Yes	No (visible to contacts within App)	User profile	No
Profile photo	Yes	No (visible to contacts within App)	User profile	Yes
Birthday / Nameday	Yes	No	Celebration reminders	Yes
Messages	Yes	No (E2EE, unreadable by Wister)	In-app communication	No
Photos (Stories)	Yes	No (visible to contacts, auto-deleted 24h)	Content sharing	Yes
Purchase history	Yes	Stripe (payment processor)	Transaction processing	No (if purchasing)
Device identifiers (Firebase Installation ID)	Yes	Firebase (Google)	Analytics, notifications	No
IP address	Yes	Firebase (Google)	Security, fraud prevention	No
App usage data	Yes	Firebase (Google)	Service improvement	No
KYC documents (Community Recognition only)	Yes	No	Legal compliance	Yes (only if applying)

Data deletion: Users can request deletion of their account and associated data at any time via the App settings or by contacting info@donationpos.gr. Data is deleted within 30 days except where retention is required by law.

Data encryption: All data is encrypted in transit using TLS. Chat messages are additionally protected by End-to-End Encryption (E2EE).

Apple App Privacy Labels

In compliance with Apple's App Privacy requirements:

Data Used to Track You: None — Wister does not track users across apps or websites.

Data Linked to You:

Contact Info: Phone number (for account functionality)
User Content: Messages, photos (for app functionality)
Identifiers: User ID (for app functionality)
Purchase History: In-app purchases (for app functionality)

Data Not Linked to You:

Diagnostics: Crash data, performance data (via Firebase)
Usage Data: App interaction data (via Firebase Analytics, anonymized)

10B. Website and Cookies

The Wister website (https://www.wister.site) may use essential cookies required for the website to function properly. We do not use advertising cookies, tracking cookies, or third-party analytics on our website. If this changes in the future, we will update this Privacy Policy and implement an appropriate cookie consent mechanism in compliance with the ePrivacy Directive (2002/58/EC) and applicable national law.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice in the App or sending a push notification. Your continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us:

Email: info@donationpos.gr
Postal Address: DONATION POS L.P., El. Venizelou 218, Kallithea, 17675, Athens, Greece
Website: https://www.wister.site