Gchat Privacy Policy

Updated May 3, 2012

Privacy and security were some of the main concerns we had when building Gchat. Rest assured that we consider you privacy of utmost importance. We will never rent, sell, or share your personal information with any third party. All communication with the app is secured through HTTPS, and all communication with Microsoft Push Notification Services is done via HTTPS; some of it is additionally encrypted using AES.

 

We store the following unencrypted data in our servers to provide you with the service:

  1. Your Google account name, for initial registration purposes
  2. Contact avatars for showing images in the app

 

We also store the following encrypted data in our servers to provide you with the service:

  1. An authentication token (we never receive your password, it only goes to Google and Google gives us an auth token)
  2. An encryption key so we can provide AES-encrypted communication with the app
  3. The list of chat messages you receive when the app is not open, so they can be delivered to you when you open the app; this list is cleared every time you open the app

 

We send the following data encrypted only via HTTPS (not AES) to Microsoft to provide you with toast notifications:

  1. Names of contacts that have sent you a chat, only if you have toast notifications on
  1. Contents of incoming chat messages, only if you have toast notifications on and the chat is not off the record (OTR); if the chat is OTR, you will only get a toast saying you received an OTR message from that contact

Additionally, the following data also goes encrypted through HTTP and AES through Microsoft’s push servers:

  1. Contents of incoming chat messages.

 

We periodically collect anonymous, aggregated data from app users to improve the app. This data is sent to the Flurry analytics service, so we can know what features users use the most and how we can improve the app. This is a list of some of the stuff that Flurry collects:

  1. Pages visited ('contact list', 'chat', 'search', etc) and time spent on each page
  1. Certain events, like 'chat sent' or 'setting toggled'
  1. App version
  1. OS version
  1. Phone model
  1. Country and carrier
  2. Anonymous user ID, to track uniqueness

For more details, please read Flurry's Privacy Policy.

 

Finally, if the app crashes, you are given the option send a crash report the next time you open the app so we can have information to fix the bug that caused the crash. The following anonymous data is sent in the crash report:

  1. App version
  2. Error message
  3. Stack trace showing where the app crashed

 

Be sure to also check out the Google, Microsoft and Flurry privacy policies to see exactly what data they collect and how they use it.