You pay a dollar. We don't sell you.

Effective June 11, 2026.

The short version

• We store what you give us to run your account: email, handle, profile, posts, photos and videos, stories, comments, messages, likes, follows.
• We do not run ads. We do not sell or rent your data. We do not track you across other companies' apps and websites. There are no third-party analytics or advertising SDKs in the app.
• Apple processes payment. We never see your card.
• Delete your account and we actually forget you — immediately, with two narrow, honest exceptions described below.

What we store, exactly

Account. Your email address, your handle, display name, bio, avatar, account settings, and — if you sign in with Apple or Google — the identifier those services give us for your account. We never receive your Apple or Google password.

Content. Posts, photos, videos, stories, comments, collections, and direct messages you create, plus the metadata that makes them work (when they were posted, who can see them). Messages are stored so they can be delivered and shown to you and your recipient; they are not end-to-end encrypted, but they are private to the conversation and we do not read them except as required for safety review of a report or by law.

Social graph. Who you follow, follow requests, and anyone you block or mute. Your follow lists and counts are not public by default — that is a product principle, not just a setting.

Activity that powers features. Likes, reposts, story views, and read-position markers exist so the product can work (your feed remembers where you were; you can see who liked your post). These are product features, not an analytics profile, and they are never public scoreboards.

Membership state. Whether your Apple subscription is active, when it renews or lapsed, and a record of those billing events. Apple processes the payment; we never receive your card or bank details.

Notifications. A device token if you allow push notifications, plus your notification preferences.

Safety records. Reports you file or that are filed about content, blocks, and moderation actions.

Technical basics. Server logs and your IP address are used transiently to operate the service — rate limiting, abuse prevention, and debugging. Rate-limit counters expire automatically within minutes to hours. We do not build location profiles; we do not collect your contacts, your precise location, or your photo library (you choose individual photos when you post).

What we do with it

Run the product. Specifically: deliver your posts to your followers, sync your account across sessions, deliver notifications you asked for, process your membership through Apple, answer support email, keep the service reliable, and enforce the community rules. That is the complete list. There is no advertising use, no profiling for marketing, no sale or rental of personal data, and no "sharing with partners" in the way that phrase usually means.

Who touches the data (our infrastructure)

Level runs on rented infrastructure, like nearly every internet service. These companies process data on our behalf, under their own security and privacy obligations, only to provide their service to us:

• Apple — subscription billing, push notification delivery, Sign in with Apple.
• Google — Sign in with Google only (if you choose it).
• Railway — application hosting.
• Neon — database hosting.
• Upstash — short-lived counters and queues (Redis).
• Cloudflare — photo and video storage, video streaming.
• Resend — transactional email (sign-in codes, account notices).

We share data beyond this only if the law genuinely requires it, or if it is necessary to investigate serious abuse or protect someone's safety. If Level were ever acquired or wound down, this policy's promises would bind whatever happens to the data, and you would be notified first.

Deleting your account

Settings > Delete account. It is immediate and irreversible: profile, posts, stories, comments, likes, follows, messages you received, and your stored photos and videos are erased from the live system, and media files are deleted from storage.

The honest fine print:

• Messages you sent stay in the recipient's inbox with your identity removed — like a letter, a delivered message belongs to its recipient.
• Comment placeholders: if other people replied under your comment, the comment's text is erased and an anonymous placeholder keeps their replies readable.
• 30-day handle quarantine: we keep your old handle and a one-way cryptographic fingerprint of your email (not the email itself) for 30 days, so nobody can grab your name and impersonate you the day after you leave, and so rapid delete-and-return abuse is detectable. After 30 days this record erases itself.
• Backups and logs age out on their own schedules within a bounded window rather than being individually edited — this is standard and short-lived.

Email

We send transactional email only: sign-in codes, account notices (like deletion confirmation), and replies to your support requests. No marketing lists, no newsletters you did not ask for.

Children

Level is not for children under 13, and we do not knowingly collect data from them. If we learn an account belongs to someone under 13, we delete it.

Your rights

Depending on where you live (for example California or the EU), you may have formal rights to access, correct, export, or delete your data. Level's answer is the same everywhere: your data is visible in the product, your account is yours to delete in Settings, and for anything else — including a copy of your data — email [email protected] and a human will handle it. We do not discriminate against accounts that exercise privacy rights, and we do not "sell" or "share" personal information as those terms are defined in the California Consumer Privacy Act.

Changes

If this policy changes in a way that matters, we will tell you in the app or by email before the change takes effect — not after.

Contact

[email protected]

Operator: Fate Jacobson, Reno, Nevada, USA.