Privacy Policy
Pessage is a structured project-coordination tool for AEC (architecture, engineering, construction) teams — design, field, ops, and everyone in between. This page explains what we collect, why, who we share it with, and how to delete it.
1. What we collect
| Category | What it is | Why |
|---|---|---|
| Account | Email, display name, optional phone number, optional display color | Identity, mentions, push targeting |
| Content | Pessages, replies, DMs, tasks, project membership, reactions, stars, attachments | The core product — coordinating with your team |
| Attachments | Photos, sketches, PDFs, files you upload | Stored in Supabase Storage; referenced from messages |
| Device | Expo push token, platform (iOS/Android), device name | Sending you notifications |
| Diagnostics | Crash and error events (if Sentry is enabled) | Fixing bugs that affect you |
We do not collect advertising IDs, browsing history, contacts, or precise GPS. EXIF metadata (including GPS coordinates) is stripped from photos before upload.
2. Where it lives
- Supabase (Postgres + Auth + Storage) — primary backend. Hosted in the region you chose at project creation.
- Expo Push Service — relays push notification payloads (title + short body) to Apple APNs and Google FCM.
- Sentry (optional) — crash reporting if your build has
EXPO_PUBLIC_SENTRY_DSNset. - Apple App Store / Google Play — distribution only; they receive your install metadata, not your content.
3. Who can see what
Server-side row-level security (RLS) policies enforce that:
- You can read pessages, replies, and tasks only from projects you're a member of.
- You can read DMs only from conversations you're a participant in.
- Project admins can manage memberships and per-member clearance.
- Pessage employees never read your content. We can run aggregate queries against the database for product diagnostics, but those queries don't return message bodies, attachments, or PII unless required for a billing dispute or law-enforcement request.
4. Retention
- Soft-deleted messages are kept for 30 days before being purged from active tables (audit-trail requirement for AEC compliance).
- Hard-deleted accounts (via Settings → Delete account) are removed within 24 hours, including all DMs, project memberships, push tokens, and read receipts.
- Backups are retained for up to 30 days, encrypted at rest, and not searchable by key without a manual restore.
5. Your rights
Depending on your jurisdiction (GDPR, CCPA, and similar laws), you have the right to:
- Access — Settings → "Download my data" exports a JSON of every row authored by or assigned to you.
- Correct — change your display name, email, or phone in Settings.
- Delete — Settings → "Delete account forever" wipes your account in 24 hours.
- Object / opt out — turn off any per-channel push notification in Settings → Notifications. We don't run targeted ads.
- Portability — your data export is JSON; reusable in any spreadsheet or another app.
If you'd rather email us than use the in-app controls, write to gorkyaitech@gmail.com. We respond within 30 days.
6. Children
Pessage is not directed to children under 13. We don't knowingly collect data from anyone under 13. If you believe we have, contact us and we'll delete it.
7. Security
- All client/server traffic is HTTPS / TLS 1.2+.
- Passwords are hashed by Supabase Auth (bcrypt-equivalent); we never see the plaintext.
- Attachment uploads are virus-scanned by Supabase Storage's default policies.
- RLS policies are enforced at the database level, not just the client — a malicious client cannot bypass project membership.
8. Changes
If we change this policy in a way that affects what we collect or share, we'll either show an in-app banner or email registered users at least 14 days before the change takes effect.
9. Contact
Questions, complaints, or requests: gorkyaitech@gmail.com.
Pessage is operated by Gorkyai Tech. This document is provided for transparency and to satisfy App Store / Google Play submission requirements; it does not constitute legal advice.