From noplace’s FAQs: *
do you collect my data?
we use your phone number as a way for you to sign up and log into the app. that’s the only thing about you we collect.
we don’t share your number or anything else about you with third parties like some other apps do. we want you to be able to securely log in and chat with ur friends, that’s it.
Emphasis mine. Now their privacy policy: *
Types of Data Collected
Personal Data While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
Phone number Usage Data Usage Data Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
So, it looks like they’re starting off with lies right at the top, like every other tech startup.
EDIT: To also address the “we don’t share your number or anything else about you with third parties” part, the privacy policy also outlines exactly how they will share your data with third parties:
We may share Your personal information in the following situations: […] With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
Go fuck yourselves, noplace.
EDIT: Another issue I just found with their FAQs:
is this a crypto thing?
wut? no.
I thought it was weird that crypto would be a frequently-asked question for what appears to otherwise be a pretty generic-looking social network. Then I found that noplace’s parent company, Islands XYZ, was originally launched to be an NFT platform of some sort, financially backed by our old friend Alexis Ohanian.
So they’re totally not a crypto thing. Definitely not crypto. 100% something other than crypto.
Guys, I swear they’re not a crypto thing.
Yeah, I thought about that halfway through looking through their ToS. I wish I was smart enough to figure out how to package this into a message Gen Z can actually understand and care about.
- Your Device’s Internet Protocol address (e.g. IP address), - absolutely necessary for anti-ddos techniques
- browser type, browser version, - necessary for UX to build a functional website for the browsers that customers actually use
- the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, - critical for determining what is popular and what isn’t to improve how the interface is designed and what parts are pulled forward and what parts are hidden in menus
- unique device identifiers and other diagnostic data. - useful for determining how often you switch devices and the performance and other experience metrics to drive making the app more user friendly
I work on web software professionally and this is a pretty minimal list that is completely justifiable for maintaining operations. If you can’t answer basic questions like “what are users doing with the app?”, you can’t make intelligent decisions about how to improve it.
There’s a lot of the same stuff here: https://legal.lemmy.world/privacy-policy/
I don’t know anything about this app or company so I’m not going to defend them, but there aren’t any real red flags here. If this amount of data collection bothers you, you really should stop using the internet in general.
If this amount of data collection bothers you, you really should stop using the internet in general.
I’d prefer we not surrender to mass surveillance. If we support alternatives, they remain viable.
Yeah as someone who has worked in web development for over 20 years everything in here is completely standard. Almost every major website in existence collects this kind of analytical data.
Sorry, I kinda got lost in the sauce on my original comment, lol. My issue isn’t so much with the data collection, itself. My problem is that their FAQs say things that appear to be outright lies. Not even just embellishing the truth or something, but complete falsehoods.
I don’t care so much that they collect a bit of data. But if they’re wiling to lie to a potential user about their data collection, I can’t help but wonder what else they might be willing to be dishonest about. I already have doubts about their crypto claim in the FAQ based on their founder’s history with NFTs, so I worry that this might also be something they’re not being truthful about.
And just to piggyback on this comment, I’m an Android developer and we this information is critical for determining similarities for bug solving.
You would not believe how often there is a bug caused by a specific model of phone. That connection you can only know if you log that for every crash you get.
I think you’ve missed the point. It’s not the data they are collecting but the fact they say they don’t collect data.
It’s pedantic, but you are not your computer. They don’t collect (according to them) PII other than phone numbers.
It sounds to me like the usage data is talking about the fact that every major web browser sends identifying information about the browser, device, etc. when you visit any site.
For an app, they’re likely getting data from Google Play or the App Store for crashes, installs, comments, whether they like it or not.
People don’t often accuse me of being an optimist.
Oh for sure, I don’t doubt that. The issue that I take is that their FAQ - which I imagine is rarely actually read by users, but is definitely read more often than the ToS - is directly contradicted by their ToS. While they say they only collect one data point in the FAQ, the ToS outlines several other data points they collect. While they say they don’t share your collected data with third parties, the ToS states that they may share your collected data with third parties for advertising purposes. The FAQ denies being connected to crypto schemes, despite their founder (Tiffany Zhong) and parent company being heavily involved in crypto.
While these are all standard practices for just about every web platform, it’s the lies in the FAQs that should be concerning to users. If they would have just said exactly what they do with your data or what their background is in, or even just not included it in the FAQs at all, I wouldn’t have any problem with it. But they’re willing to openly lie to their users, and I don’t think they should be trusted.
They’re saying they might ask to collect this additional information. A lot of the information, as others have pointed out, is also common and necessary for some basic operations of a service like this.
This is an overreaction, there are many good reasons not to like this app but misunderstanding their data policy isn’t one