Blue Flame Privacy Policy
Blue Flame is operated by Hallowed Ltd. This policy applies to our voice-based social app (the "Service") distributed globally via the App Store and Google Play.
1. Data Controller
Hallowed Ltd (a company registered in the United Kingdom) is the data controller for personal data processed through the Blue Flame app and related services.
2. Information We Collect
Information you provide: Account information (email, phone number, username); profile information (display name, bio, profile picture); voice recordings and audio content you create (posts, direct messages); participation in live voice rooms ("campfires"); messages and support communications.
Information collected automatically: Device information (device type, operating system); usage data (features used, time spent in app); log data (IP address, access times).
3. Voice and Campfire Recordings
Consent: By using voice features or joining a room that records, you consent to the collection and use of your voice as described in this policy.
Campfire recordings: We may create and store recordings of live voice rooms. How long they are kept, who can access them (e.g. room participants, moderators, Hallowed Ltd for safety or legal purposes), and the fact that joining a recorded room means you consent to being in the recording are set out in our product and room settings. Recordings are used to provide and improve the Service.
Ownership and use: You retain ownership of your content subject to our Terms of Service. We do not sell your voice data to third parties.
Participant rights: You may request deletion of your data or your voice from a recording where technically feasible. Contact privacy@blueflame.blue. Some limitations may apply (e.g. already shared or backed-up copies).
4. How We Use Your Information
We use the information we collect to: provide and improve the Service; personalise your experience; send you notifications and updates; ensure safety and security; comply with law; and as otherwise described in this policy.
Legal basis (UK/EEA): We rely on contract, legitimate interests, and consent where required (e.g. marketing, non-essential cookies). In other regions (e.g. California, Brazil), we comply with applicable law (such as CCPA, LGPD) where the policy is offered globally.
5. AI and Third-Party Processing
Voice transcription: When you create voice content (posts, messages, campfire recordings), your audio may be sent to OpenAI (via their Whisper API) for automatic speech-to-text transcription. This processing enables accessibility features, content search, and content moderation. OpenAI processes the audio solely to return the transcription and does not use your data to train their models when accessed via API.
Content moderation: Text content (including transcriptions, comments, and messages) may be analysed by OpenAI's Moderation API to detect potentially harmful content such as hate speech, violence, or harassment. This processing helps us maintain a safe environment for all users.
Consent: By posting voice content or using voice features in the Service, you consent to this processing as described above. You may withdraw consent by not using voice features or by deleting your account.
Data handling: Audio and text sent to OpenAI for transcription and moderation is processed in accordance with OpenAI's data usage policies. We do not share your personal identity with OpenAI; only the audio content and text are transmitted.
6. Sharing
We do not sell your personal information. We may share information: with your consent; with service providers (hosting, transcoding, push notifications, AI processing, etc.) under contract; to comply with legal obligations; to protect our rights and safety and that of users.
7. Data Retention
We retain your data while your account is active and as needed for the purposes described. Upon account deletion, we will delete or anonymise your personal data within 30 days (or as stated in the Service). Campfire recording retention is as described in the app and room settings.
8. Your Rights
You have the right to: access your personal data; rectification; erasure; restriction of processing; data portability; object; withdraw consent where processing is based on consent. You may request a copy of your data or account deletion via the app or by contacting us. You have the right to complain to a supervisory authority (e.g. the ICO in the UK, or the relevant authority in your country).
9. International Transfers
Data may be processed in the UK, EEA, and other countries (e.g. by service providers). Where we transfer data outside the UK/EEA, we use appropriate safeguards (e.g. UK adequacy decisions, standard contractual clauses) as required by applicable law.
10. Security
We implement appropriate technical and organisational measures to protect your information. No system is completely secure; we do not overpromise.
11. Children
The Service is not directed at users below the minimum age required by local law (e.g. 13 or 16 in certain regions). We do not knowingly collect personal data from underage users.
12. Contact
For privacy enquiries or to exercise your rights: privacy@blueflame.blue. Hallowed Ltd.