Privacy at Pluria

Account and sign-in data

• What: Your email and password (handled by our sign-in providers), your phone number, any Google or Apple account you’ve linked, the sign-in sessions on your devices, and a record of how you’ve signed in before.
• Why: So you can create an account, sign back in, recover access if something goes wrong, get security notifications, and so we can stop people abusing the service.
• Required or optional: Email is only required if you use email + password to sign in. Phone is only required for phone sign-in or once you link it. Google and Apple details are only collected if you sign in with those services.
• Public or private: Private. Your sign-in and recovery details never appear on your public profile.
• GDPR / legal basis: Needed to provide the account you asked for, plus a legitimate interest in keeping it secure — and legal obligations when they apply.

Profile and content data

• What: Your @username, display name, avatar, bio, website, social links, the polls you publish, the comments and reactions you make, the people you follow, and a timestamp for what you create.
• Why: So we can run your public profile, your publishing tools, search, credit you on polls, moderate the platform, and build the public poll pages.
• Required or optional: Your @username is required so we have a stable way to identify you. Display name, avatar, bio, website, and social links are optional — you can skip them or edit them anytime.
• Public or private: What you publish and the profile fields you fill in can be public. Drafts, our moderation notes, abuse signals, and internal review records stay private.
• GDPR / legal basis: Needed to provide profile and publishing features, plus a legitimate interest in moderation, safety, and keeping the service fair.

Demographics and eligibility

• What: Your confirmation that you’re 13 or older, your age range, the country you live in, and your gender (if you choose to share it).
• Why: To confirm you’re old enough to use Pluria, to show results by region, to adjust the app for the country you’re in, and to make demographic breakdowns more accurate. For voting, this information is counted separately from your individual answer.
• Required or optional: Confirming you’re 13+, your age range, and your country are required to create and use an account. Gender is optional. We don’t need your full date of birth to sign you up.
• Public or private: Your age confirmation stays private. Country, age range, and gender stay private too — unless you choose to show them on your profile.
• GDPR / legal basis: Needed to provide the service and for our legitimate interest in age checks, regional features, and keeping results fair. If local law treats one of these fields as sensitive, sharing it stays optional.

Voting privacy data

• What: A private record that your account took part in a poll, the one-time pass we use to make sure the same person can't vote again, and the totals that build the public result. Your specific answer is not stored next to your account.
• Why: So each person votes once, so we can show you a "you voted" state, so we can email you when results are ready (if you opt in), and so the public result reflects the real audience.
• Required or optional: Required when you vote. If you vote without a connection, your device holds the answer until it can be sent.
• Public or private: The fact that you voted is a private record. Public pages only show totals and percentages. Your individual answer is never tied back to your account on a public page.
• GDPR / legal basis: Needed to provide voting itself, and a legitimate interest in keeping each poll honest and protected from repeat voting and abuse.

See Voting privacy for the plain-language flow and Transparency for how public results keep context.

Notifications, contact, and support

• What: The information your phone needs to send you push notifications, your notification preferences, any emails you send to support, your account-help requests, and public contact details (like your website or public email) if you choose to share them.
• Why: So we can deliver the alerts you ask for, send important account messages, respond to your support requests, and let you decide which contact details appear on your public profile.
• Required or optional: Push notifications and marketing emails are optional. Sending us a support message is optional too — but if you do, we’ll handle it.
• Public or private: Support messages always stay private. Contact fields only show on your profile if you choose to turn them on.
• GDPR / legal basis: Needed for account messages, with your consent for optional notifications and marketing, and a legitimate interest in running support and keeping the service working.

Purchases and billing

• What: Which product you bought, whether your subscription is active, whether it was paid through Apple or Google, the purchase reference for that transaction, any restore attempts, a link to manage the subscription, whether the subscription is for you or for a publisher page, and any support emails about the purchase.
• Why: So we can confirm that Premium is active, apply it to the right person or page, help you restore a purchase, prevent fraud, answer billing questions, and meet our tax, accounting, and dispute obligations.
• Required or optional: Only collected if you start a purchase, restore one, receive manual Premium from support, or get in touch about billing.
• Public or private: Private. Billing and purchase information never appears on your profile or on public pages.
• GDPR / legal basis: Needed to provide the subscription you bought, plus a legitimate interest in fraud prevention and support — and legal obligations for financial records where they apply.

Device, diagnostics, analytics, and ads

• What: Information about your device and app — like the install ID, your IP address, the app version, crash reports, your language, basic device information, how you use the app, your phone’s advertising ID (where Apple or Google allow it), and a limited set of signals shared with ad providers when ads are on.
• Why: So the app stays stable, so we can fix performance problems, reduce fraud, run a limited number of ads in the app and on the website, measure whether those ads were delivered, and keep improving the product.
• Required or optional: Basic stability and anti-fraud information is generally required for the service to work. Optional analytics or ad processing depend on what the law in your country requires, your phone’s privacy settings, your browser settings, or the ad choice prompt we show you.
• Public or private: Private. None of this appears on your public profile.
• GDPR / legal basis: Legitimate interest plus contract for stability, security, and measurement — and your consent where it’s required for analytics or ads.

Cookies and browser storage

• What: Cookies that keep you signed in, short-lived browser storage used while you approve a sign-in, local storage that remembers a visitor or your choices, and storage used by advertising partners when ads are turned on.
• Why: So we can keep your browser session secure, remember temporary sign-in state, measure how the public site is used, remember your ad choices, and deliver and measure ads where applicable.
• Required or optional: Security and sign-in cookies are needed for anything that requires you to be logged in. Ad-related storage is optional and depends on your ad choices and the provider.
• Public or private: Private. Browser storage isn’t public on its own, but it does affect what you see and how that browser is measured.
• GDPR / legal basis: Needed for secure sessions and a legitimate interest in running the site — plus your consent (or equivalent choice) for optional advertising and measurement.

What is public and what is not

Identity verification

If you choose to verify your identity, we ask you to agree first. We then collect a short front-camera video, a preview frame, a record of the steps you completed, the reviewer's decision, and a note of which consent version you agreed to.

We also tie the verification to your specific app install so one person can't make multiple verified accounts on the same device. The recordings are used to confirm your identity, prevent fraud, handle disputes, and let moderators review unusual cases. They are never used for advertising and never appear on your profile.

Verification is always optional. We only keep what we still need for review, fraud prevention, disputes, or legal reasons.

Phone permissions and optional features

• Camera: Only used when you choose to take a profile photo, attach media to a poll, or verify your identity.
• Microphone: Only used when you record audio or video for a poll or for verification.
• Photos and media library: Only used when you upload media or save a result image to your device.
• Location: Only used when you turn on a feature that needs it — like results from your region or nearby content.
• Push notifications: Only used if you grant permission on your phone.

You control these permissions on your device. If you turn one off, your account still works — but features that need that permission won’t.

How long we keep things, and deletion

When you ask to delete your account, you get a 30-day recovery window before deletion becomes permanent. During that window, your account is scheduled for deletion and public access is limited. Public content from your account is queued to be removed once deletion completes.

A few records may be kept to protect past polls and prevent fraud: the fact that votes were cast, the totals that built each public result, and fraud-prevention logs. These records do not link your individual answer to your account. Verification recordings, review decisions, and the link between a verification and a device may also be kept while we still need them for moderation, fraud prevention, disputes, or legal obligations.

Billing support records, proof of an active subscription, and a small amount of financial or fraud evidence may stay too — where we need them for refunds, disputes, tax, or accounting. Remember: deleting your Pluria account does not on its own cancel an Apple or Google subscription.

If you’d like us to delete your verification or process a consent withdrawal before the full account is closed, email account@pluria.org.

For the full deletion process, see Delete Account.

The companies we work with

To run Pluria we use trusted partners for things like sign-in, cloud hosting, storing data, crash reporting, checking subscriptions, processing app-store purchases, sending messages, customer support, moderation tools, and ads or measurement when ads are on.

Each of those partners only handles the data they need for their job, under their own terms and security rules, and — where it applies — under our instructions. Apple and Google also handle your payment details directly when you buy or manage a subscription.

GDPR and the legal basis we rely on

Depending on the feature, our reason for processing your data is one of these four: providing what you signed up for, our legitimate interest in running the service, your consent, or a legal obligation.

For details on rights in your country, see the GDPR notice.

What you can choose

• Use the privacy controls in the app to decide what appears on your public profile.
• Request an export, ask us to delete your account, or get other help — in the app or by email.
• Link or unlink sign-in methods and optional contact details from your account settings.
• Turn off optional permissions on your phone whenever you want.
• Manage or cancel a Premium subscription through Apple or Google.
• On pluria.org, click Ad choices in the footer at any time to update your ad preferences.
• See the GDPR page for region-specific rights and Billing and subscriptions for help with purchases.

Get in touch

For privacy or account questions, email account@pluria.org. For everything else, email support@pluria.org.