Privacy Policy

VENT is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application ("the App"). By using VENT, you agree to the practices described in this policy.

1.1 Information You Provide

• Account Information: Username (optional), bio, and profile details you choose to set up.
• Vent Content: Text vents (up to 500 characters) and voice/audio vents you record and post, including any category you assign them to.
• Comments: Text and voice comments you make on vents.
• Reactions: "Me too" reactions and likes you give to vents and comments.
• Reports: When you report content or users, we collect the report reason, any additional details you provide, and the associated content. For safety and legal compliance (including reporting to NCMEC and law enforcement when required), we also collect your IP address, device identifier, device model, operating system version, and app version in connection with reports.
• Subscription Information: If you subscribe to vent.so +, Apple processes your payment. We receive subscription status and entitlement information from Apple but do not receive or store your payment card details.

1.2 Information Stored Locally on Your Device

The following information is stored only on your device and is never transmitted to our servers:

• App Lock PIN: If you enable the optional PIN lock feature, your passcode hash is stored in the device Keychain.
• User Preferences: Theme, notification settings, content filter preferences, and other app preferences.
• Vent Drafts: Unsent voice vent drafts, including recorded audio.

1.3 Automatically Collected Information

• Device Identifier: A randomly generated anonymous UUID assigned to your device. This serves as your primary identifier and is not linked to your Apple ID, phone number, or real identity.
• App Version: Used to check compatibility and deliver force-update prompts when necessary.
• Usage Analytics: We record certain in-app events (such as app opens, vents created, reactions added, and comments posted) associated with your device identifier. You can turn off this analytics pipeline in Settings → Analytics (crash reporting may still run separately to keep the app stable).
• Product analytics (TelemetryDeck): When analytics is enabled, we send pseudonymous event names (for example, app_open, vent_created) and optional non-content parameters to TelemetryDeck to understand feature usage. See telemetrydeck.com/privacy.
• Crash & error reporting (Sentry): We use Sentry to collect crash reports and diagnostic context (such as device model, OS version, and stack traces) to find and fix bugs. This is not controlled by the Analytics toggle. See sentry.io/privacy.

1.4 Information We DO NOT Collect

• Your real name or email address
• Your geographic location or GPS data
• Your contacts or address book
• Your photos, camera roll, or files (audio is recorded in-app only for voice vents)
• Any biometric data
• Advertising identifiers (IDFA)

Purpose	Data Used
Display your vents, comments, and profile to the community	Content, username, device ID
Enable social features (reactions, comments)	Device ID, content, interactions
Enforce blocking and ban decisions	Device ID, block/ban records
Moderate content and review reports	Content, reports, device ID
Detect harmful content (self-harm keywords, spam, profanity)	Vent and comment text
Track engagement metrics and award badges	Activity metrics (vents, comments, reactions, streaks)
Manage subscriptions and enforce free-tier limits	Subscription status, daily vent count
Deliver feature flags and A/B experiments	Device ID, experiment assignment
Deliver in-app notifications for social activity	Device ID, notification preferences, activity data
Power home-screen widgets with glanceable stats	Anonymized score totals, theme preference (stored on-device via App Groups)
Improve and personalize the app experience	Anonymized or pseudonymous analytics events (TelemetryDeck; optional Supabase analytics table when enabled)
Diagnose crashes and improve stability	Crash reports and diagnostic data (Sentry)
Provide customer support	Account and content data as needed

When you create a voice vent or voice comment, your audio recording is uploaded and stored in a secure cloud storage bucket. Voice vents are played back to other users as part of the public feed, including a dedicated voice feed. Unfinished voice recordings are saved as drafts on your device and are never uploaded until you choose to post them. Audio files are subject to the same moderation, retention, and deletion policies as text content.

To maintain a safe community, we use automated tools to:

• Detect self-harm and crisis-related keywords
• Filter profanity (when enabled)
• Identify spam and repetitive content
• Validate content length and formatting

Reports submitted by users are reviewed and may result in content removal, account suspension, or permanent bans. Moderation data (reports, actions taken) is retained for safety and legal compliance.

We use HTTPS/TLS for data in transit, store data in SOC 2 compliant infrastructure, hash passwords with industry-standard methods, and restrict access to authorized systems and personnel only.

We DO NOT sell your personal information.

We may share information only in these limited cases:

• Public Content: Vents, comments, and profile information you post are visible to other VENT users. If you use the sharing feature, your vent content may be shared outside the app.
• Service Providers: With Supabase (our database and storage provider) to operate the app infrastructure.
• Apple: Subscription and purchase data is processed by Apple through StoreKit. We do not share your VENT content with Apple.
• Child Safety: If we become aware of content that appears to constitute child sexual abuse material or that suggests a child is in immediate danger, we will report it to the National Center for Missing & Exploited Children (NCMEC), law enforcement, and/or child protection authorities as required or permitted by law. We may disclose relevant user and content information in connection with such reports.
• Legal Requirements: If required by law, regulation, legal process, or enforceable governmental request.
• Safety: To protect the rights, safety, or property of VENT, our users, or the public.
• Business Transfer: In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified of any such change.

You have the right to:

• Access: Request a copy of the data we hold about you
• Delete: Request deletion of your account and associated data
• Correct: Update or correct your profile information at any time
• Export: Request your data in a portable format
• Opt Out of Analytics: Disable analytics tracking in the app's Settings
• Block Users: Block any user to prevent them from seeing your content and to hide theirs from you
• Delete Content: Delete your own vents and comments at any time

To exercise data access, deletion, or export rights, contact us at support@vent.so.

• Active accounts: Data is retained while your account remains active
• Deleted accounts: Data is permanently deleted within 30 days of account deletion
• Reported/moderated content: May be retained for up to 90 days after action is taken, for safety and legal compliance
• Anonymized analytics: Aggregated, non-identifiable data may be retained for up to 2 years
• Audio files: Deleted alongside associated vent content
• Local data (drafts, preferences): Stored on your device only; deleted when you uninstall the app or clear app data

VENT is rated 17+ and is intended for users aged 17 and older. We do not knowingly collect information from anyone under the age of 17. If we learn that we have collected information from a person under 17, we will delete that information and terminate the associated account immediately.

If you believe a user is under 17, please report it to support@vent.so.

If you access VENT from outside the United States, your information may be transferred to, stored, and processed in the United States where our service infrastructure is located. By using VENT, you consent to this transfer. We take steps to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

VENT uses server-driven feature flags to enable, disable, or modify app features remotely. We may also run A/B experiments where users are randomly assigned to different feature variations. Your experiment assignment is stored locally on your device and associated with your device identifier. Experiment data is used solely to improve the app experience and is not shared with third parties.

VENT may deliver alerts using local notifications and, when you enable them, remote push notifications through Apple’s Push Notification service (APNs). The app may also check our server for activity. A device push token may be stored on our servers when you opt into remote notifications.

You can configure notification preferences in the app's Settings, including:

• Master on/off switch for all notifications
• Social activity alerts (likes, comments)
• Daily vent prompts
• Weekly insights
• Streak and check-in reminders
• Milestone achievements

You can also manage notification permissions through your device's system settings.

VENT offers optional home-screen widgets and supports deep links (URLs that open specific content within the app). Widget data is shared between the main app and the widget extension using on-device App Groups — this data never leaves your device. Widget data includes only your selected theme and anonymized activity totals (e.g. total posts, vent score). No personally identifying information is stored in the widget container.

VENT uses the following third-party services:

Service	Purpose	Privacy Policy
Supabase	Database, cloud storage, real-time features	supabase.com/privacy
Apple StoreKit	In-app subscriptions and payment processing	apple.com/legal/privacy
TelemetryDeck	Pseudonymous product analytics (event names and optional parameters)	telemetrydeck.com/privacy
Sentry	Crash reporting and error diagnostics	sentry.io/privacy

We do not use advertising networks or cross-app tracking for ads (for example, we do not use the advertising identifier IDFA for advertising). TelemetryDeck is used for privacy-oriented product analytics; Sentry is used for reliability. You can disable non-crash usage analytics in Settings → Analytics.

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting the new policy in the app and on our website
• Updating the "Last Updated" date at the top of this page
• Sending an in-app notification for material changes

Your continued use of VENT after changes are posted constitutes acceptance of the revised policy.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information we collect and how it is used
• The right to request deletion of your personal information
• The right to opt out of the sale of personal information — we do not sell your data
• The right to non-discrimination for exercising your privacy rights

To exercise these rights, contact support@vent.so.