Privacy Policy
Effective date: set at production go-live (G5 human ✋). NOT YET EFFECTIVE.
1. Who we are
Who Texts First (whotextsfirst.com) is operated by:
ZIX DEV Inc, a Delaware corporation
1111B S Governors Ave STE 40023, Dover, DE 19904, United States
Data controller for your personal data in connection with this website
Contact (privacy, data-subject requests, and legal notices): see §11
2. The headline: your chats never leave your device
Who Texts First analyzes a chat export you provide, entirely on your own device — we (ZIX DEV Inc) never receive, see, or store any message content, sender name, or anything else from your export; nothing is transmitted to our servers. Because we never process that content in any way, we are not a "controller" or "processor" of your chat data under privacy law — you stay in control of it at every step, the same way we're not responsible for what you type into an offline document or spreadsheet.
There is no account, no login, and no server-side storage for chats of any kind — this is a hard product constraint, enforced by a strict content-security policy and verified before every release with a zero-network-egress test suite. If a network cable were cut, the app would still work.
That also means it's on you to use Who Texts First responsibly: analyze chats you're actually part of, be thoughtful about anyone else named in your results, and think twice before posting a card publicly if it could identify someone who didn't expect their name or stats to be shared. We let you leave names out or use a nickname instead — we'd encourage you to.
3. What we collect — and what we don't
| Category | Do we collect it? | Details |
|---|---|---|
| Chat content, timestamps, sender names, derived stats/badges | No. | Processed only in your browser — see §2. |
| Usage analytics (Plausible, self-hosted, cookieless) | Yes — aggregate, non-identifying event counts only. | deck_generated, card_shared, parse_failed — no message content, no derived-stat values, no identifiers. See §4. |
| Cookies | No. | Our analytics tool sets none; needs no consent banner (§4). |
| Local/session storage (unlock flag + payment-hop snapshot) | Yes — stays on your device. | See §5. |
| Payment details (card number, name, billing address) | No — Stripe handles this, not us. | See §6. |
| Server / network logs | Yes — standard for any website. | Our host, Cloudflare, logs standard technical request data (e.g. IP address). |
| Accounts, emails, passwords | No. | There is no account of any kind. |
4. Analytics (Plausible) — self-hosted, cookieless, consent-exempt
We run a self-hosted, cookieless analytics tool (Plausible, on our own plausible.zixdev.com infrastructure — not a third-party vendor) to see aggregate traffic and whether people successfully generate and share decks. It records a small set of tagged events (deck_generated, card_shared, parse_failed) with no free-text fields — never message content, never a derived-stat value, never anything that could identify you or the person you texted with. It sets no cookie and stores nothing on your device, so it doesn't trigger cookie-consent rules — it runs the same way for every visitor, with no banner or toggle. We do not sell or share personal information, and there is no advertising in this product.
5. Local storage — the unlock flag and the payment-hop snapshot
Two small items live only in your browser, never on our servers:
- An unlock flag — a single, identical token for every unlocked user, confirming you've paid;
it carries no personal information and can't identify or track you.
- A brief snapshot of your derived stats, temporarily saved in your own browser to survive the
payment hop to Stripe and back, cleared automatically once restored or any time you tap Clear my data.
Tap Clear my data in the footer, any time — it wipes both of these, and anything else held in your browser tab, instantly and with no confirmation dialog needed, since there's nothing of yours stored to lose by accident.
6. Payments — Stripe
If you choose to unlock Pro features, we send you to Stripe, our payment processor, to pay on Stripe's own secure page — we never handle or see your card details ourselves, and no Stripe script or page ever loads on our site. What Stripe collects and how it's used is governed by Stripe's own privacy policy (stripe.com/privacy), not ours — we send Stripe no chat content, derived stats, or Counterpart information; Stripe only ever sees the transaction. When you're done, Stripe sends you back to our site with a payment confirmation code; we have no server to look that code up against, so we simply use it once, in your own browser, to unlock the app, and then store only a local unlock flag on your device (§5) — never your name, email, or payment details.
7. Your privacy rights
Because we never receive or hold your chat content, there is almost nothing on our side to access, correct, delete, or port — the honest answer to most such requests is that we don't have anything to look up. What you can do yourself, any time: tap Clear my data (§5) to wipe the local unlock flag and snapshot. If you're in California or a similar U.S. state, we do not sell or share personal information, so there is nothing to opt out of, but we honor your browser's Global Privacy Control signal regardless. For anything else — a question, a request, or a complaint — contact us (§9); we respond within 30 days (GDPR) or 45 days (CCPA/CPRA), whichever applies. If you're in the EEA or UK, you may also complain to your local data protection authority.
8. Children's privacy
Who Texts First is a general-audience product, not directed at children, and we don't knowingly collect personal data from anyone under 13 (or the relevant age where you live) — there's no account and no chat content ever reaches us to begin with. If you believe a child has given us personal information, contact us (§9) and we'll address it.
9. Data retention
| Data | How long we keep it |
|---|---|
| Chat content, timestamps, sender names, derived stats/badges | None — we never receive it, so there is nothing to retain (§2). |
| Analytics (Plausible) | Aggregate, non-identifying event counts are kept per our own analytics-dashboard configuration; the underlying unique-visitor hash is discarded within 24 hours regardless, per Plausible's own published methodology. |
| Local storage (unlock flag + payment-hop snapshot) | The unlock flag stays on your device until you clear it (§5); the snapshot clears automatically once restored, or any time you tap Clear my data. |
| Server / network logs (Cloudflare) | Kept by our host under its standard operational logging practices. |
10. Changes to this policy
We'll update this policy as our practices change and post the revised version here with a new effective date. For a material change — like adding a new data-collecting feature — we'll give clear notice before it takes effect.
11. Contact us
ZIX DEV Inc 1111B S Governors Ave STE 40023, Dover, DE 19904, United States Email: contact@zixdev.com (click-to-reveal on the site, per house standard)