1. Introduction
Welcome to Mistabu. We are proud to be an independent, India-first social media platform designed and developed locally. Our commitment is to foster genuine connections, self-expression, and community engagement while maintaining a highly secure, reliable, and privacy-conscious environment for our users.
This Privacy Policy outlines how Mistabu collects, uses, handles, and protects your information when you register, access, or interact with our mobile application and related web systems. By using our platform, you acknowledge and agree to the data collection and processing methods described in this document.
2. Information We Collect
To deliver a personalized, modern, and high-performance social networking experience, we collect specific types of information. This collection occurs either directly from your inputs or automatically through your interaction with the platform.
-
Account Registration Your full name, username, and email address.
-
Phone Number Collected for future support, secure login, and verification.
-
Profile Customization Your profile picture and biographical status notes.
-
Uploaded Media Photos, videos, and stories uploaded to your feed.
-
Social Activity Your posts, comments, reactions, and relationship feeds (followers/following).
-
Private Communications Direct private messages exchanged between you and other users.
-
Device Attributes Device model, operating system details, and unique identifiers.
-
Network Metadata IP address, connection logs, and geographic coordinates.
-
Usage Analytics Feature interactions, session durations, and screen transitions.
-
Stability Reports System logs, stack traces, and crash diagnostics to fix issues.
3. How We Use Your Information
We process the collected information with care, and only for specific, legally grounded, and service-oriented purposes.
-
Provide Social Networking Services: Rendering your news feed, processing your likes/comments, and facilitating user searches.
-
Improve User Experience: Diagnosing structural interface inefficiencies, running A/B feature tests, and fixing performance bottlenecks.
-
Personalize Content: Customizing recommendation algorithms to match your preferences and suggesting relevant creators to follow.
-
Prevent Spam and Abuse: Deploying content-filtering models to prevent hate speech, harassment, fake profiles, and malicious activities.
-
Maintain Security: Validating login sessions, logging unauthorized access attempts, and protecting servers against cyber attacks.
-
Process Verification Payments: Verifying identities for premium profile statuses and collecting payments securely via third-party processors.
4. Public and Private Content
We put you in control of your content. Mistabu offers flexible visibility configurations for every piece of content you share, ensuring you determine who can see your thoughts and media.
-
Public Posts: Visible to anyone on or off the Mistabu platform. These can be crawled by search engines.
-
Followers-Only Posts: Restricted exclusively to users whose follow requests you have explicitly approved.
-
Custom Audience Posts: Restricted to specific groups or selected lists of users of your choosing.
5. Messaging Privacy
Private communication should remain private. Mistabu uses multiple layers of security to protect your conversations. We offer two distinct tiers of private chat services depending on your security needs.
-
Standard Messaging Protected using industry-standard transport layer security (TLS/SSL). Messages are stored securely on our database.
-
End-to-End Encrypted (E2EE) Chat Optional E2EE locks messages with keys only you and the recipient possess. No one else, not even Mistabu, can read them.
To maintain a high-trust network and prevent bots or bad actors from abusing our end-to-end encrypted messaging channels, Mistabu requires identity verification for E2EE features.
Requirements: Users must submit a valid government-issued ID (which is deleted immediately after validation) and complete a one-time identity verification fee.
6. Media Uploads
Mistabu allows you to share rich media to express yourself fully. The media you upload is processed and delivered via our Content Delivery Network (CDN) and optimized in real-time through ImageKit to ensure fast rendering.
You can upload and share the following types of media:
-
Photos Shared on your feed or private chats.
-
Videos Short or long-form clips uploaded to posts.
-
Stories Ephemeral media that automatically vanishes after 24 hours.
-
Profile Pictures Uploaded to identify your profile across the network.
Metadata Notice
To protect your location privacy, we automatically strip EXIF metadata (GPS coordinates, camera model) from photos and videos uploaded to public feeds.
7. Third-Party Services
We build on top of trusted, global cloud infrastructures to offer a highly secure, reliable, and scalable application. The following third-party services process data under strict data protection protocols:
8. Data Security
At Mistabu, security is not an afterthought. We implement multi-layered technological and administrative safety measures to keep your data safe from unauthorized access, loss, or manipulation.
-
Encryption in Transit & at Rest: All communication is encrypted via HTTPS / TLS 1.3, and data stored in databases uses AES-256 standard encryption.
-
App Check Verification: We enforce Firebase App Check to prevent unauthorized app instances or API queries from scraping content.
-
Access Control Lists (ACLs): Database access rules block users from querying profiles, posts, or private messages they don't have permissions to view.
-
Regular Security Audits: Continuous penetration testing and dependency upgrades protect against emerging system exploits.
9. Children's Privacy
Mistabu is designed for a general audience but is specifically intended only for individuals who are 13 years of age or older.
Age Restriction Notice
We do not knowingly collect or request personal information from children under 13. If we discover that a child under 13 has registered and provided personal data without parental consent, we will purge the account and delete all associated data from our servers immediately.
10. Account Deletion
We respect your right to be forgotten. You have complete control to request the absolute deletion of your profile, media files, and engagement metrics at any time. Once requested, your account transitions into a cooling period, followed by complete removal from our databases.
11. Changes to this Privacy Policy
Mistabu reserves the right to update or modify this Privacy Policy at any time. When updates occur, we will adjust the "Last Updated" timestamp at the top of this page.
We will notify users of any significant modifications by sending an in-app notice, push notification, or an email to your registered address. We encourage you to check this page periodically to stay informed about how we protect your information.
12. Contact Information
If you have questions, complaints, feedback, or inquiries regarding our data handling or this policy, please reach out to us: