M MangoConnect The messenger that works
RU EN
Download
Home

Privacy Policy

MangoConnect privacy policy

This policy describes what data MangoConnect processes, why that data is needed, and what controls users have.

Effective date: 26 April 2026

In short

  • MangoConnect is invite-only. We do not collect or store phone numbers — registration does not require a phone, the user database has no phone field, and the system has no SMS / OTP infrastructure.
  • We do not sell user data and do not use it for ad targeting.
  • Media on the server acts as a temporary relay: copies are deleted after recipients confirm local storage or after a clean-up timer.
  • Camera, microphone, photos, notifications, and location permissions are managed at the iOS / Android level.

1. Who we are and where this policy applies

MangoConnect, "Mango", and "we" in this document refer to the operator of the MangoConnect service. The policy applies to the mobile apps, the backend infrastructure, the website, and the support communication tied to MangoConnect.

If a separate agreement or corporate contract describes a different data-processing regime for a specific team, that agreement applies in combination with this policy.

2. What data we process

Account and profile

User ID, invite code, display name, nickname, avatar, registration date, block status, profile and notification privacy settings.

Chats and messages

Text, emoji, media captions, reactions, replies, forwards, edit and delete markers, send / delivery / read statuses, chat membership, and roles.

Media

Photos, videos, voice messages, video notes, plus the technical parameters of the file: type, size, link, ID, upload time, and recipient local-storage acks.

Calls

Call ID, chat, initiator, participants, call type, status, start / end times, LiveKit / TURN data needed for the connection. We do not record call content.

Device and delivery

APNs / FCM push tokens, platform, technical delivery events, WebSocket sessions, IP addresses, error and security logs, auth / refresh tokens.

Support and website

Support email content, ordinary website logs, user agent, language, approximate IP-based geo, and network requests to external assets such as fonts.

3. Data we do not collect by default

  • Phone number — not requested at registration or later. The user-table schema has no corresponding column.
  • The full device address book or contact list.
  • Payment cards or payment details. Subscriptions are processed by Apple (App Store) or Google (Google Play); MangoConnect does not receive or store card data.
  • Advertising identifiers for targeting.
  • Biometrics: Face ID, Touch ID, and Android biometrics stay inside the device's system mechanism.
  • Continuous background location. Location is processed only when the user actively shares a point in chat.

4. Why we use this data

  • Create and maintain an account based on an invite.
  • Deliver direct and group messages, media, reactions, and delivery / read statuses.
  • Connect voice and video calls.
  • Send push notifications and respect the "hide content" preference.
  • Operate security: authentication, rate limiting, abuse prevention, incident investigation.
  • Support users and respond to inquiries.
  • Meet legal obligations and protect the rights of users and MangoConnect.

5. Who can access the data

Information a user sends to a chat becomes available to the chosen recipients or group members. Recipients can save, forward, take a screenshot, or screen-record; we cannot fully control what they do outside the service.

To run the service we use infrastructure providers: hosting, databases, object storage, Redis, APNs, FCM, LiveKit, TURN / STUN, the website, and email. They receive only the data needed for that specific function. We may also disclose data when required by lawful process, service security, or to protect user rights.

6. Security and encryption

We use TLS for network exchange, access tokens with refresh rotation, request rate limits, chat-level access controls, media upload restrictions, and isolated infrastructure secrets.

7. Storage and deletion

  • Profile and account-level data are stored as long as the account is active or as long as needed for security and legal obligations.
  • Message history is stored for chat participants until it is deleted by the user, by a participant with delete rights, or by the operator for a lawful reason.
  • "Delete for me" hides the message for that specific user; "delete for everyone" turns the message into a shared deletion marker, where allowed.
  • Media relay is cleaned up after all active participants ack local storage or after a clean-up timer if no acks arrive.
  • Push tokens are kept while the device uses notifications and are deleted or replaced when the token is rotated, the provider returns an error, or the user signs out.
  • An account-deletion request can be sent to the support email or through the app settings.

8. User rights

Subject to applicable law, the user may request access to their data, profile correction, account deletion, restriction of processing, objection to processing, or export of data available to them. To make a request, write to hello@mango-connect.com.

9. International infrastructure

MangoConnect may process data on servers and via providers in different countries, including infrastructure for the API, media, push, calls, the website, and support. For any such transfer we use technical and organizational safeguards appropriate to the function and risk.

10. Age

MangoConnect is intended for users 18 years of age and older. We do not build the product for children and do not knowingly collect children's data.

11. Changes and contact

We may update this policy when the product, infrastructure, law, or data-processing model changes. Material changes will be published on the website or communicated inside the service.

Privacy contact: hello@mango-connect.com.