Privacy Policy
Effective Date: February 12, 2026 · Last Updated: February 12, 2026
Gibbet ("we," "us," or "our") is a community-focused social platform. We are committed to protecting your privacy and being transparent about how we handle your data. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
Information You Provide
- Account information: When you create an account, we collect your email address, username, and password (managed securely through our authentication provider). You may also provide a display name, profile picture, bio, and other profile details.
- Community identities: Gibbet allows you to create separate identities for each community ("Lily Pad") you join. Each community-specific profile (display name, avatar, bio) is stored separately.
- User-generated content: Posts, comments, messages, wiki contributions, and other content you create within communities.
- Chat messages: Direct messages and group chat messages you send through the app.
- Media: Photos, images, and other media you upload to the platform.
- Payment information: If you purchase a subscription (Cricket, Deluxe, or PatoPlus) or send tips, payment processing is handled by third-party providers. We do not directly store your credit card or payment details.
- Communications: Information you provide when you contact us for support or feedback.
Information Collected Automatically
- Device information: Device type, operating system, unique device identifiers, and app version.
- Usage data: Features you use, communities you join, interactions with content, and general app activity patterns.
- Log data: IP addresses, access times, and error logs for app stability and security purposes.
- Push notification tokens: Device tokens for delivering push notifications, managed through Firebase Cloud Messaging.
Information From Voice & Video Calls
Gibbet offers voice and video calling features within communities. Audio and video streams are processed in real time through our communications provider (Agora) to deliver the call. We do not record, store, or monitor the contents of your voice or video calls.
2. How We Use Your Information
We use your information for the following purposes:
- Providing the service: Operating communities, delivering messages, enabling social features, and processing subscriptions and in-app currency.
- Identity management: Maintaining your compartmentalized identities across different communities.
- Notifications: Sending you in-app and push notifications about activity relevant to you (new messages, community updates, moderation actions).
- Safety & moderation: Enforcing our community guidelines, detecting and preventing abuse, spam, and other violations.
- Improvements: Understanding how the app is used to fix bugs, improve features, and enhance the user experience.
- Security: Protecting against unauthorized access, fraud, and other security threats.
- Legal compliance: Meeting legal obligations and responding to lawful requests from authorities.
3. How We Share Your Information
We do not sell your personal information. We may share your information in the following limited circumstances:
- With other users: Your community-specific profile information and content you post are visible to other members of that community, according to the community's privacy settings (public, unlisted, invite-only, or private).
- Service providers: We use third-party services to operate the platform (described in Section 4). These providers only access data necessary to perform their services and are bound by their own privacy commitments.
- Community moderators: Community leaders (Agents, Leaders, and Curators) may view certain user activity and content within their communities for moderation purposes.
- Legal requirements: We may disclose information if required by law, legal process, or government request, or to protect the rights, safety, or property of Gibbet, our users, or others.
- Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. We will notify you of any such change.
4. Third-Party Services
We rely on the following third-party services to operate Gibbet. Each has its own privacy policy governing how they handle data:
We may use additional third-party tools for analytics, error reporting, or payment processing. When we do, we select providers that maintain appropriate privacy and security standards.
5. Data Security
We take reasonable technical and organizational measures to protect your personal information, including:
- Secure authentication with token-based session management
- Encrypted data transmission (HTTPS/TLS)
- Access controls and role-based permissions for internal systems
- Rate limiting to prevent abuse
- Regular security reviews
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
6. Data Retention & Deletion
We retain your personal data for as long as your account is active or as needed to provide you with our services. You may request deletion of your account and associated data at any time.
When you delete your account:
- Your profile information and community identities will be removed.
- Your direct messages will be deleted.
- Publicly posted content (posts, comments, wiki contributions) may be anonymized rather than deleted to preserve community context, unless you specifically request full deletion.
- Some data may be retained for a limited period as required for legal compliance, safety, or fraud prevention.
7. Your Rights & Choices
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data and account.
- Portability: Request a copy of your data in a portable format.
- Objection: Object to certain processing of your data.
- Withdraw consent: Where processing is based on consent, withdraw that consent at any time.
To exercise any of these rights, please contact us at the email address listed below. We will respond to requests within 30 days (or sooner where required by applicable law).
Notification Preferences
You can manage your push notification preferences within the app's settings at any time. You may also disable push notifications through your device's system settings.
8. Children's Privacy
Gibbet is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal data, we will take steps to delete that information promptly.
If you are a parent or guardian and believe your child has provided personal information to Gibbet, please contact us so we can take appropriate action.
Users between the ages of 13 and 17 may use Gibbet with the consent of a parent or legal guardian. We encourage parents and guardians to monitor their children's online activity.
9. International Data Transfers
Gibbet is operated from the United States. If you access our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
By using Gibbet, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page. For significant changes, we will notify you through the app or by other means.
We encourage you to review this policy periodically to stay informed about how we protect your information.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: