Back to Home
Oathian
Privacy Policy
Effective Date: October 22, 2025
Oathian, United Kingdom
Important for young users: If you're under 16 or need help understanding this policy,
ask a parent, guardian, or trusted adult to review it with you. Users must be at least 16 years old to use Oathian.
This Privacy Policy describes how Oathian ("we," "us," or "Oathian") handles your personal information
when you use our web/mobile application. We're committed to protecting your privacy and being transparent about
our data practices.
Using Oathian means you accept this Privacy Policy. If these practices don't work for you, we respect
that; just please don't use our service.
1. Information We Collect
The information we gather falls into three categories:
1.1 Information You Give Us
When you create an account:
- Email address (required for login, password recovery or a rare support email)
- Password (hashed and encrypted; we can't see the actual password)
- Age (to confirm you meet our age requirement)
When you build your profile:
- Your chosen display name and username
- Profile picture (if you choose to add one)
- Bio information (completely optional)
When you use Oathian's core features:
- The oaths you make (your written commitments and time limits)
- Photos you upload as proof of completion
- Your comments on your own and others' content
- When you post content (timestamps)
When you contact support:
- Any messages or inquiries you send us
- Bug reports and feature suggestions
1.2 Information Collected Automatically
Technical information about your device:
- Whether you're using iOS or Android
- Your operating system version
- Which version of Oathian you're running
- Your IP address
- Advertising identifiers (Apple's IDFA or Google's AAID)
How you use the app:
- Frequency of app sessions
- Features you engage with most
- Your interactions (encouragements, awards, follows)
- Technical errors and crashes (so we can fix bugs)
What we DON'T automatically collect:
What you do in other apps or websites, or anything from your device that isn't directly related to using Oathian.
1.3 Information Others Provide About You
Sometimes we receive information from external sources:
- From other Oathian users: When they tag you, share your content, or reference your username
- From analytics services: Aggregated statistics that help us understand app performance
- From advertising networks: If you found Oathian through an ad, we might get anonymized attribution data
2. How We Use Your Information
This table shows what we do with your data, what information we use, and our legal justification:
| Why We Process Your Data |
What Data We Process |
Legal Basis |
| So you can create and keep your account |
Email, password, age |
Performance of contract |
| So you can make oaths and prove completion |
Oaths, fulfilment photos, timestamps |
Performance of contract |
| So you can build your profile and reputation |
Profile data, oath statistics, completion rates |
Performance of contract |
| So you can interact with friends |
Comments, encouragements, awards, follows |
Performance of contract |
| To keep Oathian secure and prevent abuse |
Device data, IP address, usage patterns |
Legitimate interest |
| To improve the app and fix bugs |
Usage data, crash reports, device info |
Legitimate interest |
| To send you notifications about activity |
Device tokens, notification preferences |
Legitimate interest (you can opt out) |
| To verify you're old enough to use Oathian |
Age |
Legal obligation |
| To detect and remove illegal content (UK Online Safety Act) |
Content data, user reports, moderation decisions |
Legal obligation |
| To show you relevant ads |
Mobile advertising IDs, usage patterns |
Consent |
| To comply with legal requests and report serious crimes |
Any relevant data |
Legal obligation |
3. How We Share Your Information
3.1 Sharing Under Oathian's Control
We share your information with trusted partners who help us run Oathian:
Service Providers:
- Supabase: Our database and authentication provider (stores your data securely)
- Cloud storage providers: To store your photos securely
- Push notification services: To send you app notifications
- Analytics tools: To understand how people use the app (anonymized data)
These providers can only use your data to help us provide Oathian's services—they can't use it for their own purposes.
Oathian Employees:
- Our team may access data when necessary to provide support, fix bugs, or investigate abuse
- Access is restricted to what's necessary
Legal & Professional Advisors:
- Lawyers, accountants, and consultants who help us run the business (under confidentiality agreements)
3.2 Sharing with Third Parties
Other Oathian Users:
- Your profile, oaths, fulfilments, and comments are visible to other users (this is how the app works!)
- You can control visibility through privacy settings
Ad Partners:
- When we add advertising, we'll share mobile advertising IDs with ad networks
Legal Authorities & Safety:
- We may share data if required by law, court order, or to protect safety
- Examples: responding to subpoenas, preventing fraud, protecting users from harm
- UK Online Safety Act compliance: We report CSAM to the National Crime Agency (NCA) and Internet Watch Foundation (IWF), terrorism content to Counter Terrorism Internet Referral Unit (CTIRU), and other serious crimes to UK law enforcement
- Ofcom reporting: We may share data with Ofcom to demonstrate compliance with online safety regulations
Business Transfers:
- If Oathian is acquired or merged with another company, your data may transfer to the new owner
- We'll notify you before this happens
Zero data sales: We don't sell your personal information. Not your email, not your photos,
not your name—nothing. Your data isn't a product we sell to advertisers or data brokers.
4. Children's Privacy
Oathian requires users to be at least 16 years old. We do not knowingly collect personal data from anyone under 16.
If we discover a user is under 16, we'll immediately delete their account and all associated data. If you're a parent or
guardian and believe your child under 16 has created an account, please contact us at privacy@oathian.com so we can
remove it promptly.
5. International Data Transfers
Oathian is based in the United Kingdom, but our service providers may be located in other countries (including the
United States). This means your data may be transferred outside the UK or European Economic Area (EEA).
When we transfer data internationally, we protect it using:
- Standard Contractual Clauses: EU-approved contracts that require strong data protection
- Adequacy decisions: Countries the EU/UK recognizes as having adequate privacy laws
- Encryption: Your data is encrypted during transfer and storage
6. How Long We Keep Your Data
We keep your information only as long as needed to provide Oathian's services and comply with legal requirements.
- Active accounts: We keep your data while your account is active
- Deleted accounts: Most data is permanently deleted (see our Data Retention Policy for details)
- Legal requirements: Some data may be kept longer to comply with laws (like financial records or legal holds)
- Anonymized data: We may keep anonymized, aggregated data indefinitely for analytics
For full details on what happens when you delete your account, see our Data Retention Policy.
7. Controls You Have
You're in control of your data. Here's what you can do:
7.1 In the Oathian App
Manage Your Profile:
- Edit your name, handle, photo, and bio anytime
- Delete individual oaths, fulfilments, or comments
Privacy Settings:
- Hide from public feed: Make your oaths visible only to followers
- Block users: Prevent someone from seeing or interacting with you
- Mute users: Hide someone's content without blocking them
Notification Settings:
- Choose which notifications you receive
- Turn off notifications entirely in your device settings
Download Your Data:
- Settings → Account → Data & Privacy → Download My Data
- Get everything we have about you in JSON format
Delete Your Account:
- Settings → Account → Data & Privacy → Delete Account
- Permanently removes your account and most data (see Data Retention Policy)
8. Your Privacy Rights
Depending on where you live, you may have additional privacy rights:
8.1 Rights for Everyone
- Right to access: See what data we have about you (use "Download My Data")
- Right to rectification: Correct inaccurate information (edit your profile in the app)
- Right to deletion: Delete your account and data (use "Delete Account")
- Right to portability: Get your data in a portable format (use "Download My Data")
- Right to object: Object to certain data processing (contact us at privacy@oathian.com)
- Right to withdraw consent: If we process data based on consent, you can withdraw it anytime
8.2 Additional Rights for UK/EU/EEA Users
- Right to restrict processing: Ask us to limit how we use your data
- Right to complain: File a complaint with your data protection authority
- UK authority: Information Commissioner's Office (ICO) - ico.org.uk
8.3 Additional Rights for U.S. Users
If you live in California, Virginia, Colorado, Connecticut, or other U.S. states with privacy laws, you may have
additional rights:
- Right to know: What personal information we collect and how we use it
- Right to delete: Request deletion of your personal information
- Right to opt-out: Opt out of "sales" of personal information (we don't sell your data)
- Right to non-discrimination: We won't treat you differently for exercising your rights
- Right to correct: Correct inaccurate personal information
To exercise your rights, email us at privacy@oathian.com or use the in-app tools.
9. Data Security
We take security seriously and use industry-standard measures to protect your data:
- Encryption: Your data is encrypted in transit (HTTPS) and at rest
- Password hashing: Your password is hashed—we never see it in plain text
- Row Level Security: Database policies ensure users can only access their own data
- Access controls: Employee access to user data is restricted
- Regular security updates: We keep our systems up to date with security patches
However, no system is 100% secure. If you believe your account has been compromised, change your password
immediately and contact us at privacy@oathian.com.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect new features, legal requirements, or changes in
our practices.
When we make significant changes, we'll notify you through:
- An in-app notification
- Email to your registered address
- A notice on our website
The "Effective Date" at the top of this policy shows when it was last updated. We encourage you to review this
policy periodically.
11. Contact Us
If you have questions about this Privacy Policy, want to exercise your rights, or need help with your account:
Data Controller:
Email: privacy@oathian.com
Support: Via the Oathian app (Settings → Help & Support)
We'll respond to all inquiries as required by UK GDPR.