Privacy, by design
Short version: we designed BackBy so we can’t see or infer your personal information.
- We don’t keep IP addresses. We don’t use cookies. We don’t run analytics.
- We don’t store names, contacts, or phone numbers on our servers.
- Your note is encrypted on your device. Only your Backers can unlock it.
- We never send messages. Your Backers choose when to check.
- We publish a public, append‑only history anyone can verify.
Security, explained simply
- No accounts, passwords, or contact lists.
- No cookies or analytics.
- No IP addresses (not at the app, not at the proxy).
If you add a note, it’s encrypted on your device. Your Backers unlock it with information you shared off‑platform. We can’t read it.
We never send messages. Backers quietly check a Plan’s status and then act using their own tools, like Signal or a phone call.
Every Plan change is recorded as a new event. We publish regular snapshots so history can be mirrored and verified independently.
On PIN‑protected Plans, two wrong attempts silently send a “duress” Complete. Backers can tell — we can’t.
Security headers we set
- Referrer-Policy: no-referrer
- X-Content-Type-Options: nosniff
- X-Frame-Options: DENY
- Cross-Origin-Opener-Policy: same-origin
- Cross-Origin-Resource-Policy: same-origin
- Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
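To check this list yourself, here is an added example (not BackBy's own code) that audits a raw HTTP response head against the six headers above. The function names and both sample responses are constructed for illustration, and treating a repeated header as a finding is this example's own strictness choice.

```python
# Added example: audit response headers against the six values listed on this page.
EXPECTED = {
    "referrer-policy": "no-referrer",
    "x-content-type-options": "nosniff",
    "x-frame-options": "DENY",
    "cross-origin-opener-policy": "same-origin",
    "cross-origin-resource-policy": "same-origin",
}
HSTS = "strict-transport-security"
HSTS_MIN_AGE = 31536000  # max-age from the page's Strict-Transport-Security value

def parse_headers(raw):
    """Parse a raw HTTP response head into {lowercased name: [values]}."""
    headers = {}
    for line in raw.split("\r\n")[1:]:       # skip the status line
        if not line:
            break                             # blank line ends the header block
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def hsts_ok(value):
    """Compare HSTS by directive, since directive order and case may vary."""
    directives = {}
    for part in value.split(";"):
        key, _, val = part.strip().partition("=")
        directives[key.lower()] = val.strip('"')
    try:
        long_enough = int(directives.get("max-age", "")) >= HSTS_MIN_AGE
    except ValueError:                        # absent or non-numeric max-age
        return False
    return long_enough and {"includesubdomains", "preload"} <= directives.keys()

def audit(raw):
    """Return sorted findings; an empty list means all six headers match."""
    headers, findings = parse_headers(raw), []
    for name in [*EXPECTED, HSTS]:
        values = headers.get(name, [])
        if len(values) != 1:                  # absent, or sent more than once
            findings.append(("missing: " if not values else "duplicated: ") + name)
        elif name in EXPECTED and values[0].lower() != EXPECTED[name].lower():
            findings.append(f"mismatch: {name}={values[0]}")
        elif name == HSTS and not hsts_ok(values[0]):
            findings.append(f"mismatch: {name}={values[0]}")
    return sorted(findings)

def build(lines):                             # constructed sample responses below
    return "HTTP/1.1 200 OK\r\n" + "\r\n".join(lines) + "\r\n\r\n"
SAMPLE_OK = build([f"{k}: {v}" for k, v in EXPECTED.items()]
                  + ["Strict-Transport-Security: max-age=31536000; includeSubDomains; preload"])
SAMPLE_BAD = build(["Referrer-Policy: origin", "x-content-type-options: nosniff",
                    "Cross-Origin-Opener-Policy: same-origin",
                    "Cross-Origin-Resource-Policy: same-origin",
                    "Strict-Transport-Security: max-age=300"])
```

`audit()` takes the text of a response head, such as the output of `curl -sI` against the site, and returns one line per header that is missing, repeated, or different from the list.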
Legal process
If legally required, we can provide event records, encrypted notes (ciphertexts), and proofs — not plaintext or IP addresses. We publish aggregate counts of requests, not identifiers.