How Witness handles
what you share.

Last updated: May 2026

This is a working draft. It describes the principles Witness operates by today. Anything specific to your jurisdiction (GDPR rights, CCPA disclosures, etc.) will be appended once finalized with counsel.

What we collect

• One selfie image you submit during onboarding.
• One short voice recording (about ten seconds).
• The text and audio of conversations you have with your future self.
• Anonymous diagnostic events (e.g. “rendered successfully”) so we can fix crashes.

What we do not collect

• Your contacts, calendar, location, or photos beyond what you explicitly submit.
• Advertising identifiers. Witness has no ads.
• Third-party trackers. We do not sell, rent, or share your data.

Where it lives

Your face and voice never train anyone else’s model. The selfie and voice sample are sent over an encrypted connection to render your future self, then stored on your device. Conversations are stored locally and, if you enable cross-device sync, on Witness servers in an encrypted form.

Your rights

You can delete your render and all stored conversations at any time inside the app (Settings → Erase). You can also email us at privacy@witness.app to request a full data export or deletion confirmation.

Children

Witness is not designed for, marketed to, or intended for users under 16.

Contact

Questions? Write to privacy@witness.app.

Draft — not final legal text. Replace before App Store / Play Store submission.