← Jinuine

Privacy Policy

Last updated: April 12, 2026

Jinuine is a photo-sharing service built around a single idea: every image you post is cryptographically proven to be a real, unedited photo of a real moment. This document explains what data we collect to make that work, how we use it, and the choices you have. It's written in plain language on purpose — if anything is unclear, email us at privacy@jinuine.com.

What we collect

Account info
An email address (required), and optionally a phone number, display name, username, and profile picture. If you sign in with Apple or Google, we receive a verified email address and a stable user identifier from that provider — nothing else.
Photos and posts
The photos you capture in Jinuine, their captions, and the metadata we generate at capture time: a cryptographic hash of the image, the device brand and model, the time of capture, motion-sensor readings used to prove the photo came from a real camera, and — only if you grant location permission — the approximate GPS location. A hash of each photo is anchored on the Base public blockchain so you and anyone else can independently verify the image hasn't been altered.
Social activity
Follows, likes, comments, mentions, and which accounts you have blocked or reported. This is the normal bookkeeping a social app needs to show you a feed and deliver notifications.
Contacts (optional)
If you opt into “Find friends from contacts,” your device computes a one-way SHA-256 hash of each email address and phone number in your address book and sends only the hashes to our server. We match those hashes against the hashes of other Jinuine users' verified emails and phones so we can show you people you already know. The raw contact entries — names, emails, phone numbers — never leave your phone. You can turn this off at any time in Settings.
Push notification token
If you allow notifications, we store the token issued by Apple or Google so we can deliver likes, comments, follow requests, and mentions.
Basic service logs
Request timestamps, error diagnostics, and rate-limit counters. Used to keep the service running and to investigate abuse.

What we don't collect

  • Your raw address book. Ever. Only hashes if you opt in.
  • Your precise location in the background. GPS is read only at the moment you capture a photo, and only if you grant permission.
  • Third-party ad-tracking identifiers.
  • Biometric or face-recognition data beyond what Apple's Face ID / Touch ID APIs handle locally on your device.

How we use it

  • To run the service — show your feed, deliver notifications, let you follow and be followed.
  • To cryptographically verify your photos and anchor their hashes on-chain so authenticity is provable by anyone, forever.
  • To help you find people you already know (contacts opt-in) and to help people you know find you.
  • To prevent abuse: spam detection, blocking, reporting, rate limiting.
  • To fix bugs and improve the app. We do not profile users for advertising.

How we share it

We do not sell your data. We do not share it with advertisers. The only third parties who touch your data are the infrastructure providers we need to run the service:

  • Supabase — our database, authentication, and file storage provider.
  • Vercel — hosts the Jinuine backend and website.
  • Apple and Google — deliver push notifications and verify Sign in with Apple / Google authentication.
  • Base (a public Ethereum layer-2 blockchain) — stores only the cryptographic hashes of verified photos, never the photos themselves or any personal data.
  • Twilio (or equivalent SMS provider) — delivers one-time passcodes for phone verification.

We may also disclose data if legally compelled to, but we will push back on overly broad requests and notify affected users where legally permitted.

Public share links

When you tap Share on one of your verified photos, Jinuine gives you a public URL at jinuine.com/v/<id> that shows the photo alongside its cryptographic proof. Only the image, its hash, the blockchain transaction, and the capture time are shown — never your account name, your location, your caption, or any social-graph data. The link is public but not indexed, and only exists if you choose to share it.

Your choices

  • You can delete any post or photo from your Gallery at any time. Deleting a post removes it from feeds, notifications, and our servers; the on-chain hash remains because public blockchains are immutable by design, but it's a one-way fingerprint and cannot be reversed back into a photo.
  • You can revoke camera, photo library, contacts, location, notifications, and motion permissions at any time in your iOS Settings.
  • You can delete your entire account from Settings → Account → Delete Account. This removes your profile, posts, comments, and follower relationships from our servers within 30 days.
  • You can email us at privacy@jinuine.com to request a copy of your data or to ask us to correct or delete something specific.

Data retention

We keep your account data for as long as your account exists. When you delete your account, we delete your data within 30 days, except for minimal logs we're required to keep for security and fraud prevention, and the public on-chain hashes of your verified photos.

Children

Jinuine is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child has created an account, please email us and we will remove it.

Changes to this policy

If we make material changes, we'll update the “Last updated” date above and, for significant changes, notify you in-app. Continuing to use Jinuine after changes means you accept the updated policy.

Contact

Privacy questions, data requests, or anything else: privacy@jinuine.com.

© 2026 Jinuine