GửiLẹ

Privacy Policy

Effective date01/05/2025
Version1.0

1. Data Controller

GửiLẹ (guile.vn) is an ephemeral sharing platform operated in Vietnam, complying with Decree 13/2023/ND-CP on personal data protection and the Cybersecurity Law 2018.

2. Data We Collect

We collect only the minimum metadata necessary to operate the service:

  • Hashed IP (SHA-256) — one-way hash, original IP is never stored.
  • Timestamps — when messages are created, viewed, and deleted.
  • User agent — browser and device type (non-identifying).
  • Action log — created, viewed, expired, deleted, reported.

3. What We Do Not Collect

Privacy guarantee

  • Message content in plaintext — encrypted AES-256-GCM before storage.
  • Original IP address — only the SHA-256 hash is stored.
  • Name, email, phone, or any personal identifier.
  • Tracking cookies or third-party analytics.

4. Data Retention

Message contentDeleted at TTL expiry or after first read
Access metadataMax 90 days

5. Security

  • AES-256-GCM encryption with per-message random IV.
  • Servers located in Vietnam (data localization compliance).
  • HTTPS enforced, HSTS, security headers (CSP, X-Frame-Options).
  • No content logging — access logs contain only metadata.

6. Third-Party Sharing

We do not sell or share user data for commercial purposes. We may provide hashed metadata to Vietnamese authorities when legally required.

7. Contact

Privacy contact

lived.and.devil@gmail.com