Privacy Policy
Last updated: January 2024
At LEWO, we believe privacy is a fundamental human right. This policy explains what data we collect, how we use it, and the choices you have. We've designed LEWO from the ground up to collect as little data as possible while still providing you with a great experience.
Our Privacy Commitments
We never sell your personal data
No targeted advertising based on your messages
No third-party tracking in the app
Message content is never stored on our servers
Delete your account and data anytime
Our encryption uses audited, open-source libraries
Information We Collect
We collect information you provide when creating an account: your phone number (for verification), name, and optional profile photo. We also collect basic usage data like app version and device type to improve the service. We do NOT collect or have access to the content of your end-to-end encrypted messages, calls, or shared files.
How We Use Information
We use your information to: provide and maintain the LEWO service, connect you with other users (like finding friends who use LEWO), deliver your encrypted messages, send important service notifications, and ensure the security and integrity of our platform. We never use your data for advertising purposes.
Information Sharing
We do not sell your personal information to anyone. We may share limited information with: service providers who help us operate LEWO (under strict confidentiality agreements), or when required by law (but we cannot provide encrypted message content even if asked—we don't have access to it). Your encrypted content is never shared with anyone, including us.
End-to-End Encryption
All your messages, calls, photos, videos, and files are protected with end-to-end encryption using the Signal Protocol. This means they're encrypted on your device before being sent and can only be decrypted by the intended recipient. LEWO cannot read your messages, see your photos, or listen to your calls. Our servers only see encrypted data that we cannot decrypt.
Contact Privacy
When you choose to sync your contacts to find friends on LEWO, we never upload your actual phone numbers or contact names. Instead, phone numbers are hashed with SHA-256 on your device before being sent. We only receive cryptographic hashes, match them against other users' hashes, and return results. Your raw contacts never leave your device, and you can clear all synced contact data at any time.
Your Rights & Choices
You have full control over your data. You can: access and download your account information, correct or update your profile details, delete your account and all associated data permanently, control who can see your profile and online status, opt out of contact discovery, and request a copy of your data. When you delete your account, we delete your encryption keys, profile, and all associated data.
Data Retention
We keep your data only as long as necessary. Messages are relayed in real-time and not stored on our servers. If a recipient is offline, encrypted messages are queued temporarily and deleted immediately after delivery. Security logs are retained for a maximum of 7 days. When you delete your account, all your data is permanently removed.
Contact Us
If you have questions about this privacy policy, your data, or want to exercise your rights, contact us at privacy@lewohq.com. We're committed to resolving any concerns you may have about your privacy.
Data Protection & GDPR
Learn more about your data rights, including deletion, access, and how we protect your personal information.