MINAWATerms of Service →

Legal

Privacy Policy

Last updated: May 2026

What we collect

When you use MINAWA, we collect the following information:

  • Handle and display name — chosen by you when you sign up
  • Password — stored as a hashed value (we cannot read your actual password)
  • Profile information — bio, profile photo, and banner image if you add them
  • Voice posts — audio files and their metadata (topic, duration, timestamp)
  • Activity — likes, follows, replies, bookmarks, and direct messages you send (text DM content is stored in plaintext on our server)
  • Voice messages and calls — voice DM audio is stored as a file and served only to conversation participants via an access check. For voice calls, the audio between you and the other person is encrypted end-to-end via WebRTC's SRTP, but we log call metadata (who called whom, when, codec choices, network candidates) in plaintext for the duration of the call
  • Push notification subscriptions — if you enable browser push for calls and messages, your browser's push endpoint and keys are stored so we can deliver notifications. You can revoke at any time from your browser's site settings or by tapping “Turn off” on the notifications page
  • IP address — collected temporarily for rate limiting and abuse prevention, not stored long-term. For grouping repeat-abuse signals (e.g., bulk signups from one network) we keep only an HMAC hash of the IP and an HMAC hash of the /24 subnet, never the raw address
  • Anti-abuse signals — when you sign up we record a lightweight, hashed fingerprint (the hashes above, plus a hash of your browser's user-agent string and a risk score) so we can detect automated and bulk signup abuse. We do not use this for advertising, do not build behavioural profiles, and do not share it
  • Error logs — anonymous technical errors to help us fix bugs

We do not collect email addresses (unless you contact us), payment information, or device identifiers.

How we use it

  • To operate and improve the platform
  • To show your content to other users (voice posts, profile, replies)
  • To prevent abuse, spam, and policy violations
  • To respond to support requests you initiate

We do not sell your data. We do not use your voice recordings to train AI models without explicit consent.

How we store it

Your account data is stored in a database on our server at minawa.fun. Voice files and images are stored as files on the same server. During the beta, we do not use third-party cloud storage providers.

We take reasonable technical precautions to protect your data, including encrypted HTTPS connections for all traffic, hashed passwords, and access controls. No system is perfectly secure, and we cannot guarantee absolute security.

What is public vs private

Public by design: your handle, name, bio, profile photo and banner, your public voice posts (the audio file is link-shareable), your replies on public posts, your followers and following counts.

Private (server-side, not end-to-end encrypted): the contents of your direct messages — both text and voice DMs. Text DMs are stored in plaintext on our database. Voice DM audio is stored as a file and gated by a participation check at request time. Anyone with database access could in principle read text DMs; for that reason, MINAWA is not the right place for sensitive messages today. We are honest about this in /trust.

We do not share your personal data with third parties except when legally required (e.g., a valid legal process or court order) or to protect the safety of users.

Your rights

You can:

  • Delete your own posts at any time
  • Update your profile information at any time
  • Request deletion of your account and data by emailing support@minawa.fun
  • Request a copy of your data (during beta, handled manually on request)

Account deletion removes your profile and posts. Some information may remain in aggregated or anonymized logs for a limited period.

Cookies and storage

MINAWA uses session cookies for authentication and local storage in your browser to remember preferences (like followed accounts and bookmarks). We do not use third-party tracking cookies or advertising trackers.

Children's privacy

MINAWA is not intended for children under 13. We do not knowingly collect data from children. If you believe a child under 13 has created an account, contact us and we will remove it.

Changes to this policy

We may update this policy as the product evolves. Material changes will be announced on the platform. The date at the top of this page reflects when the policy was last updated.

Contact

Privacy questions or data requests: support@minawa.fun.