Privacy Policy

Last updated: February 16, 2026

1. Introduction

This Privacy Policy describes how the Naami application ("Service", "we", "us") collects, uses, and protects your information. We are committed to minimizing data collection and protecting your privacy through end-to-end encryption.

2. Information We Collect

2.1 Information You Provide

Data	Storage Method	Purpose
Solana wallet address	Plaintext	Account identification, blockchain transactions
Email hash (SHA-256)	One-way hash	Account recovery, deduplication
Username	Plaintext	Display name within the application
Preferences (locale, theme, currency)	Plaintext	Personalizing your experience

2.2 End-to-End Encrypted Data

The following data is encrypted on your device using ChaCha20-Poly1305 before being transmitted to our servers. We cannot access, read, or decrypt this data:

Session names and descriptions
Expense amounts, names, descriptions, categories, and split modes
Member nicknames
Reimbursement amounts and descriptions
Uploaded files and receipts (except user profile picture)

Encryption keys are derived from your credentials using PBKDF2 with 600,000 iterations and are never transmitted to our servers in plaintext.

2.3 Structural Metadata

The following metadata is stored in plaintext to enable the application's functionality:

Session metadata (currency, token, creation dates)
Expense structural data (date, owner, participants, share allocations)

2.4 On-Chain Data

Only cryptographic roots (Merkle Mountain Range roots) are stored on the Solana blockchain via Light Protocol compressed accounts. No individual amounts, descriptions, or user identities are published on-chain. Zero-knowledge proofs verify data integrity without revealing content.

2.5 Automatically Collected Data

Device push notification tokens: Encrypted with AES-256-GCM on our servers, used solely for delivering push notifications
Error and performance data: Collected by Sentry in production environments at a 20% sample rate for debugging and performance monitoring

3. How We Protect Your Data

3.1 Server-Blind Architecture

Our encryption model ensures that Naami's servers act as blind storage for your most sensitive data. The server stores encrypted blobs but cannot derive the encryption keys needed to decrypt them.

3.2 Security Measures

End-to-end encryption (ChaCha20-Poly1305) for sensitive content
AES-256-GCM encryption for device tokens
PBKDF2 key derivation with 600,000 iterations
Session-based authentication with secure cookies
HTTPS-only communication

4. Third-Party Services

We use the following third-party services, each with a specific and limited role:

Service	Role	Data Shared
Particle Network	Authentication (social login, embedded wallet)	Authentication credentials
Scaleway Object Storage	File and receipt storage (S3-compatible, `fr-par` region)	Encrypted files
Firebase Cloud Messaging (Google)	Push notification delivery	Device tokens, notification payloads
Sentry	Error tracking and performance monitoring	Error data, performance metrics (20% sample rate, production/staging only)
Upstash QStash	Asynchronous workflow orchestration	Workflow metadata
Vercel	Frontend hosting	Standard web request data
Solana RPC	Blockchain transaction processing	Transaction data (public by design)
Light Protocol	Zero-knowledge privacy layer	Cryptographic proofs
Pyth Network	Currency exchange rate feeds	No user data shared
Supabase	Managed PostgreSQL database	Account data, encrypted content, structural metadata
Upstash Redis	Managed caching layer	Temporary cached data

Each third-party service is governed by its own privacy policy. We encourage you to review them.

5. Cookies and Tracking

Naami uses a single session cookie (sst) for authentication purposes. This cookie is essential for the Service to function and maintains your login session.

We do not use:

Analytics cookies
Tracking pixels
Third-party cookies
Advertising trackers
Fingerprinting techniques

6. Data Retention

Account data: Retained for as long as your account is active
Encrypted content: Retained for as long as the associated session exists
Session cookies: Expire according to the session lifecycle
Error logs (Sentry): Retained per Sentry's default retention policy (90 days)

Upon account deletion, we will delete your personal data from our systems. Data that has been published to the Solana blockchain (cryptographic roots only) cannot be removed due to the immutable nature of blockchain technology.

7. Your Rights

You have the right to:

Access: Request a copy of the personal data we hold about you
Rectification: Request correction of inaccurate personal data
Erasure: Request deletion of your personal data
Portability: Request your data in a structured, machine-readable format
Restriction: Request restriction of processing of your personal data
Objection: Object to the processing of your personal data

To exercise any of these rights, contact us at contact@naami.cc. We will respond to your request within 30 days.

Note: Due to end-to-end encryption, we cannot provide copies of your encrypted data in decrypted form, as we do not have access to your encryption keys.

8. Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child, we will take steps to delete that information.

9. International Users

Naami's infrastructure is hosted in the European Union (France) and the United States. By using the Service, you acknowledge that your data may be processed in these regions.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or via email at least 30 days before taking effect. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

For questions or concerns about this Privacy Policy or to exercise your data rights, contact us at contact@naami.cc.