Privacy Policy

Our Privacy Commitment

At NOOK, your privacy is our top priority. We believe that your conversations are yours alone. This Privacy Policy explains how NOOK handles your data and protects your privacy.

What Information We Collect

Information You Provide

• Nickname (Optional): If you choose to share a nickname, it's stored locally on your device and optionally shared with room members
• Room Names: Names you give to your chat rooms
• Messages & Attachments: All encrypted end-to-end before transmission
• Subscription Data: If you subscribe to NOOK Premium, Apple processes your payment (we never see your payment details)

Automatically Collected Information

• Device Identifier: A unique ID generated on your device (not tied to your personal identity)
• iCloud Account: Used for encrypted storage and syncing across your devices
• App Usage: Basic app functionality data (crashes, performance)
• Subscription Status: Whether you have an active Premium subscription (managed by Apple)

How We Use Your Information

Primary Uses

• Message Delivery: Encrypted messages are routed through iCloud
• Synchronization: Keep your rooms synced across all your Apple devices
• Security: Manage encryption keys and room access
• Notifications: Alert you to new messages (content is never visible in notifications)
• Subscription Management: Verify Premium status for feature access (via Apple's StoreKit)

Subscription & Payments

How Subscriptions Work

NOOK Premium is offered as an auto-renewable subscription through Apple's In-App Purchase system:

• Monthly: €1,99/month
• Yearly: €19,99/year

What Apple Knows

When you subscribe, Apple processes:

• Your Apple ID
• Payment method
• Subscription status
• Purchase history

We (NOOK) only receive:

• Anonymous subscription status (active/expired)
• Subscription type (monthly/yearly)
• NO payment details
• NO personal information

Cancellation & Refunds

• Manage subscriptions in iOS Settings → Apple ID → Subscriptions
• Cancel anytime (access continues until end of billing period)
• Refunds are handled by Apple (not NOOK)

End-to-End Encryption

What This Means

Every message you send is encrypted on YOUR device before it leaves. Only the intended recipient's device can decrypt it. Not us, not Apple, not anyone else.

Technical Details

• Encryption Standard: AES-256-GCM symmetric encryption
• Key Management: Each room has its own encryption key, stored in iOS Keychain
• Key Storage: Keys are stored encrypted in your device's secure Keychain (hardware-protected)
• Forward Secrecy: Key rotation ensures past messages remain secure even if current keys are compromised
• Owner Verification: RSA-2048 signatures for owner authentication

Data Storage

Where Your Data Lives

All your encrypted data is stored in Apple iCloud. We chose iCloud because:

• It's tied to YOUR Apple ID
• It syncs automatically across your devices
• It's subject to Apple's security standards
• We don't manage our own servers
• Data remains encrypted with keys only YOU control

Data Retention

• Active Rooms: Data persists until you or the room owner deletes the room
• Deleted Rooms: Data is permanently deleted from iCloud within 24 hours
• Left Rooms: Your messages remain for other members, but you lose access
• Device Changes: Data follows your Apple ID to new devices
• Subscription Data: Managed by Apple according to their policies

Backups

Your encrypted data is included in your iCloud backup. However:

• Messages remain encrypted in backups
• Encryption keys are stored in iOS Keychain (backed up securely)
• Only you can decrypt them with your device
• If you lose your device and encryption keys, messages cannot be recovered

Security Features

Keychain Storage

All encryption keys are now stored in the iOS Keychain with:

• Hardware encryption via Secure Enclave
• Not included in plain iCloud backups
• Protected from jailbreak access (90%+ effectiveness)
• Inaccessible to other apps

Invitation Security

To prevent unauthorized access, all room invitations now expire:

• Open Mode: 5-60 minutes (customizable)
• Password Mode: 10 minutes - 24 hours (customizable) - Premium only
• Q&A Mode: 10 minutes - 24 hours (customizable) - Premium only
• Live Challenge: 5-60 minutes (customizable) - Premium only

This prevents old screenshots or links from being used long after they were shared.

Key Rotation

Room owners can rotate encryption keys to:

• Revoke access from kicked members
• Enhance security after password changes
• Respond to suspected unauthorized access

New keys are automatically distributed to authorized members only.

Your Privacy Rights

You Control Your Data

• Export: Not applicable (messages are only in your iCloud)
• Delete: Remove rooms anytime
• Modify: Edit settings, nickname, and preferences
• Opt-Out: Stop sharing your nickname anytime

Room Owner Rights

Room owners have additional controls:

• Kick members (revokes their access)
• Delete rooms for all members
• Rotate encryption keys
• Change security settings
• Manage invitations

Premium vs. Free

We collect the same minimal data for Free and Premium users. Premium status only adds anonymous subscription verification via Apple. Your message privacy is identical whether you're Free or Premium.

Technical Transparency

Encryption Details

• Algorithm: AES-256-GCM
• Key Size: 256-bit symmetric keys
• Key Storage: iOS Keychain with Secure Enclave protection
• Key Derivation: PBKDF2 (for password-based keys)
• Signature: RSA-2048 (for owner verification)
• Random Generation: SecRandomCopyBytes (Apple's cryptographically secure random)

All encryption levels are identical. Premium only affects features, not security.

Your Data, Your Control