ATMChat — Privacy Policy & Terms of Use

Effective date: April 13, 2026 | Last updated: April 13, 2026

This document contains both the Privacy Policy and the Terms of Use for ATMChat. Please read both sections carefully before using the App.

Part I — Privacy Policy

1. Introduction

This Privacy Policy explains how ATMChat ("the App"), developed and published by Approve The Move ("we", "us", or "our"), handles information when you ("you" or "the user") download, install, or use the App on any supported device.

We are committed to protecting your privacy. This policy applies to all versions of ATMChat distributed through the Apple App Store and any future platforms.

By downloading, installing, or using ATMChat, you acknowledge that you have read, understood, and agree to the practices described in this policy. If you do not agree, please do not use the App and remove it from your device.

2. Information We Collect

We do not collect, transmit, or process any personal data. ATMChat is designed from the ground up as a privacy-first, offline mesh messaging application. Specifically:

No account creation — You are never required or asked to sign up, log in, create an account, or provide an email address, phone number, or any other personal identifier. Your device identity is a randomly generated UUID that is not linked to your Apple ID, phone number, or any personal information.
No analytics or tracking — We do not use any analytics frameworks, crash reporting services, telemetry tools, device fingerprinting, or usage tracking of any kind.
No advertising — The App contains no advertisements, no advertising SDKs, no ad identifiers (IDFA), and no advertising networks.
No server-side communication — The App does not connect to the internet, does not make HTTP requests, and does not transmit any data to any external server, cloud service, or remote endpoint. All networking activity is strictly local peer-to-peer.
No cloud sync — Messages, conversations, and all other data remain exclusively on your device. There is no cloud backup, no server-side message storage, and no synchronization service of any kind.
No in-app purchases — No financial, billing, or payment information is collected or processed.
No location data — The App does not request, access, or store your geographic location.

3. On-Device Storage

ATMChat stores data locally on your device using two storage mechanisms. This data is stored within the App's private sandbox, is not accessible to other apps, and never leaves your device except when explicitly transmitted to nearby peers during active messaging sessions (see Section 4).

3.1 UserDefaults

A small amount of non-personal preference data is stored using Apple's UserDefaults system:

Display name (the name you choose, shared only with peers you connect to)
A randomly generated unique identifier (UUID) used solely to identify your device during local messaging sessions — not linked to your Apple ID or any personal information
Theme preference (System, Light, or Dark)
Accent color selection
Haptic feedback preference

This data is declared in our Privacy Manifest (PrivacyInfo.xcprivacy) under API category NSPrivacyAccessedAPICategoryUserDefaults with reason code CA92.1 (access to store and retrieve user preferences), as required by Apple.

3.2 ChatStorage (Custom Local Storage)

ATMChat uses a custom on-device storage system called ChatStorage to persist your messaging data locally. This includes:

Message history (text messages, media metadata, and message content)
Conversation list (the list of peers you have communicated with)
Read receipts (which messages you have read and when)

All ChatStorage data resides exclusively within the App's iOS sandbox on your device. It is never uploaded, synced, backed up to any cloud service, or transmitted to any server. The only time message content leaves your device is when it is sent directly to a nearby peer over the local network (see Section 4).

How to delete: You can delete individual messages, clear entire conversations from within the App, or erase all locally stored data at any time by deleting ATMChat from your device. No residual data is retained after uninstallation.

4. Local Networking & Mesh Messaging

Local networking is the primary feature of ATMChat. The App enables direct, peer-to-peer mesh messaging between nearby devices using two Apple frameworks: MultipeerConnectivity (Wi-Fi) and CoreBluetooth (Bluetooth Low Energy). This section provides comprehensive detail about how your data is handled during messaging sessions.

4.1 How It Works

No internet connection is used or required. All communication occurs directly between devices over local Wi-Fi and Bluetooth Low Energy (BLE). No data passes through our servers, Apple's servers, or any third-party relay.
The App uses Apple's Bonjour protocol (via MultipeerConnectivity) and BLE advertising (via CoreBluetooth) to discover nearby devices that are running ATMChat.
Once peers discover each other, a direct connection is established. All subsequent data exchange occurs over this local peer-to-peer link.
No message logs exist on any server. Because the App never connects to the internet and operates no backend infrastructure, there is no server that could store, log, intercept, or retain any of your messages. We have no ability to read, access, or recover your messages.

4.2 Data Transmitted During Sessions

During an active local messaging session, the following types of data may be transmitted between connected devices:

Text messages — The content of messages you type and send to other peers.
Photos — Images you select from your photo library or capture with your camera to send to peers.
Videos — Video files you select or record to send to peers.
Voice messages — Audio recordings you create within the App to send to peers.
Contact cards — Contact information you explicitly choose to share with peers.
Files — Documents and files you explicitly select to send to peers.
Delivery receipts — Confirmation signals indicating that a message has been delivered to the recipient's device.
Read receipts — Signals indicating that a recipient has opened and viewed your message.
Message reactions — Emoji reactions you attach to specific messages.
Delete requests — When you delete a message for all participants, a deletion signal is sent to connected peers to remove the message from their devices.
Display names and device UUIDs — So peers can identify each other during messaging sessions. UUIDs are randomly generated and not linked to any personal information.

All of this data is transmitted directly between devices over the local network. None of it is routed through the internet, stored on any server, or accessible to anyone other than the connected peers in the session.

4.3 Mesh Routing & Privacy Implications

ATMChat supports mesh networking, which means messages can hop through intermediate devices to reach their intended recipient. This enables communication even when two devices are not directly within range of each other, as long as intermediate ATMChat devices form a connected path.

Important privacy details about mesh routing:

Intermediate devices act as relays only. When a message hops through an intermediate device, that device forwards the encrypted data without storing, decrypting, or displaying it. The message content is not accessible to the relay device's user.
All mesh-routed data is encrypted. Messages transmitted through the mesh are protected by Apple's built-in TLS encryption (see Section 4.4). Intermediate devices cannot read the content of messages they relay.
No persistent relay logs. Intermediate devices do not retain any record of messages they have forwarded. Once a message is relayed, no trace of it remains on the relay device.
Routing metadata is minimal. The only information an intermediate device processes is the minimum necessary to forward data to the next hop — it does not have access to the full message content, sender identity, or conversation context.

4.4 Encryption

All peer-to-peer communication is encrypted using Apple's built-in TLS encryption (MCSession with .required encryption preference). This means:

All data transmitted between devices — including text messages, photos, videos, voice messages, files, and all metadata — is encrypted in transit.
Data cannot be intercepted or read by other devices on the same network that are not part of the active session.
The encryption is handled entirely by Apple's MultipeerConnectivity framework at the transport layer, using industry-standard TLS protocols.
We do not implement custom encryption on top of Apple's TLS — we rely on Apple's well-audited, system-level encryption implementation.

4.5 Session Lifecycle

When a messaging session ends (either by disconnecting, moving out of range, or closing the App), the active peer-to-peer connection is terminated. Message history that has been saved to ChatStorage (Section 3.2) persists locally on your device for your convenience. However, no session data is transmitted to any server, and no session metadata is retained beyond what is stored locally on your own device.

4.6 Media & File Privacy

Photos, videos, voice messages, contact cards, and files you send through ATMChat are transmitted directly to the recipient's device over the local peer-to-peer connection. They are never uploaded to any server, cloud storage service, or content delivery network. Once transmitted, the media exists only on the sender's and recipient's devices.

5. Third-Party Services & SDKs

ATMChat does not integrate, embed, or communicate with any third-party services, SDKs, APIs, or frameworks that collect, process, or transmit user data. The App uses exclusively Apple-provided first-party system frameworks:

Framework	Purpose	Data Collection
SwiftUI	User interface rendering	None
MultipeerConnectivity	Local peer-to-peer Wi-Fi mesh networking	None (local only)
CoreBluetooth	Bluetooth Low Energy (BLE) mesh networking	None (local only)
AVFoundation	Audio and video recording for voice messages and media capture	None
PhotosUI	Photo and video selection from user's library	None

We do not use Firebase, Google Analytics, Facebook SDK, Unity, AdMob, Crashlytics, Sentry, Amplitude, Mixpanel, or any other third-party data collection tool.

6. Apple's Data Practices

While ATMChat itself does not collect data, please be aware that Apple may independently collect certain information related to your use of the App Store, such as download statistics and crash logs. This data collection is governed by Apple's Privacy Policy, not ours, and is outside our control.

We have declared in App Store Connect that ATMChat collects no data linked to or tracking the user, as reflected on the App's App Store product page under "App Privacy."

7. Children's Privacy

ATMChat is rated 4+ by Apple and is designed to be suitable for users of all ages. The App does not contain violence, gambling (real or simulated), horror, mature themes, profanity, or any other objectionable material.

Because we do not collect any personal information from any user of any age, we are compliant with the following regulations regarding children's privacy:

COPPA (Children's Online Privacy Protection Act, United States) — We do not knowingly collect personal information from children under the age of 13. Since the App collects no personal information from anyone, no COPPA violation can occur.
GDPR-K / Age of Digital Consent (European Economic Area) — We do not process personal data of minors under 16 (or the lower age set by individual EEA member states). Since no personal data is processed, no parental consent is required.
Apple's Guidelines for Apps Used by Children — The App contains no data collection, no third-party analytics, no advertising, and no external links within the messaging experience.

Parents, guardians, and educators can allow children to use ATMChat with full confidence that no personal information is collected, stored, or shared.

8. Your Rights Under Applicable Laws

We respect and support the privacy rights granted to individuals under applicable data protection legislation worldwide.

8.1 European Economic Area (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws grant you the following rights regarding personal data:

Right of access (Article 15) — Request a copy of personal data held about you.
Right to rectification (Article 16) — Request correction of inaccurate personal data.
Right to erasure (Article 17) — Request deletion of your personal data.
Right to restrict processing (Article 18) — Request that we limit how we use your data.
Right to data portability (Article 20) — Receive your data in a structured, machine-readable format.
Right to object (Article 21) — Object to processing based on legitimate interests.
Right to withdraw consent (Article 7) — Withdraw previously given consent at any time.

Since we do not collect, store, or process any personal data, there is no data for us to provide, correct, restrict, delete, port, or cease processing. Your local preferences and message history can be erased by deleting the App. If you believe we hold data about you in error, please contact us and we will investigate promptly.

Legal basis for processing: We do not process personal data. The on-device preference and message storage operates under legitimate interest (providing a functional messaging experience) and does not constitute data processing under GDPR as the data never leaves the device or reaches us.

Data controller: Approve The Move (contact details in Section 14).

8.2 California (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you specific rights regarding personal information:

Right to know — You may request disclosure of the categories and specific pieces of personal information collected.
Right to delete — You may request deletion of personal information collected.
Right to correct — You may request correction of inaccurate personal information.
Right to opt out of sale or sharing — You may direct us not to sell or share your personal information.
Right to non-discrimination — You will not be discriminated against for exercising your privacy rights.

We do not collect, sell, or share personal information. We have not sold or shared personal information of any consumer in the preceding 12 months, nor do we intend to do so.

California's "Do Not Track" signals and Global Privacy Control (GPC) are respected by default, as the App does not track users in any capacity.

8.3 Qatar & Middle East

If you are located in Qatar or other Gulf Cooperation Council (GCC) states, we comply with applicable data protection laws, including Qatar's Law No. 13 of 2016 on Personal Data Privacy. As we do not collect personal data, no registration with the Compliance and Data Protection Department is required.

8.4 Other Jurisdictions

Regardless of your location, the same principle applies: we do not collect personal data, so there is no data to exercise rights over. If your local laws grant you additional privacy rights, please contact us and we will cooperate fully.

9. Data Security

Although we do not collect or store personal data on any server, we employ the following security measures to protect your experience within the App:

Encrypted peer-to-peer communications — All local messaging sessions use Apple's mandatory TLS encryption via MCSession, ensuring all data transmitted between devices — including messages, media, files, and metadata — is encrypted in transit and cannot be intercepted.
Sandboxed storage — On-device preferences and message history are stored within the App's iOS sandbox, which is isolated from other apps and protected by the operating system.
No network exposure — The App makes no internet connections, eliminating the risk of remote data breaches, man-in-the-middle attacks, or unauthorized server access.
No persistent sensitive data — No passwords, tokens, credentials, or financial data are ever stored or processed.
Mesh relay isolation — When messages are routed through intermediate devices in the mesh, relay devices cannot decrypt, read, or store the content of messages they forward.

10. Data Retention

We do not operate servers, databases, or cloud storage of any kind. We do not retain any user data. All data associated with ATMChat exists exclusively on your personal device:

Data Type	Storage Location	Retention Period
User preferences	Device (UserDefaults)	Until App is deleted
Message history	Device (ChatStorage)	Until deleted by user or App is deleted
Conversation list	Device (ChatStorage)	Until deleted by user or App is deleted
Read receipts	Device (ChatStorage)	Until deleted by user or App is deleted
Active session data	Device (RAM only)	Active session only

When you delete the App, all associated data is permanently removed from your device by the operating system.

11. International Considerations

ATMChat is available worldwide through the Apple App Store. Since the App does not collect or transmit any data to external servers, there are no international data transfers to disclose. All data remains on your local device at all times, regardless of your geographic location.

When you send messages to nearby peers, the data travels directly between devices over the local network and never crosses international boundaries via the internet or any remote infrastructure.

Part II — Terms of Use

12. Acceptance of Terms

By downloading, installing, accessing, or using ATMChat, you agree to be bound by these Terms of Use. If you do not agree to these terms, do not use the App and remove it from your device.

These terms constitute a legally binding agreement between you and Approve The Move ("we", "us", "our") governing your use of the App.

13. License Grant

Subject to your compliance with these terms, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to download, install, and use ATMChat on any Apple device that you own or control, solely for your personal, non-commercial communication purposes.

This license is also governed by the Apple Licensed Application End User License Agreement (EULA), which is incorporated into these terms by reference.

14. Restrictions

You agree not to:

Copy, modify, distribute, sell, lease, sublicense, or create derivative works based on the App.
Reverse-engineer, decompile, disassemble, or attempt to extract the source code of the App.
Remove, alter, or obscure any copyright, trademark, or proprietary notices.
Use the App for any unlawful purpose or in violation of any applicable laws or regulations.
Exploit the App or any part of it for commercial purposes without our prior written consent.
Attempt to interfere with or disrupt the integrity of the App or the experience of other users during local messaging sessions.
Use the App to transmit content that is illegal, harassing, threatening, defamatory, obscene, or otherwise objectionable.
Attempt to intercept, monitor, or tamper with messages transmitted between other users' devices.

15. Intellectual Property

All rights, title, and interest in and to ATMChat — including but not limited to the software code, visual design, user interface elements, graphics, animations, sound effects, messaging protocols, and documentation — are and shall remain the exclusive property of Approve The Move.

The name "ATMChat", the Approve The Move name and logo, and all associated branding are trademarks of Approve The Move. Nothing in these terms grants you any right to use our trademarks without prior written permission.

16. User Content

ATMChat enables you to send messages, photos, videos, voice messages, files, and other content ("User Content") to nearby peers. You retain full ownership of all User Content you create and transmit through the App.

Because ATMChat operates without servers or cloud infrastructure, we never receive, store, access, or have any control over your User Content. You are solely responsible for the content you transmit to other users.

17. Message Delivery Disclaimer

ATMChat is an offline, peer-to-peer mesh messaging application. Message delivery is not guaranteed. Due to the inherent nature of local mesh networking:

Range limitations — Messages can only be delivered to devices within range of your local Wi-Fi or Bluetooth Low Energy signal, either directly or via intermediate mesh devices.
Mesh availability — If there is no connected path of ATMChat devices between you and the intended recipient, messages cannot be delivered.
Session dependency — Messages can only be transmitted while both sender and recipient (or a connected mesh path) have the App actively running. There is no server to queue or store messages for later delivery.
Environmental factors — Physical obstacles, interference, device settings, and distance may affect connection quality and message delivery reliability.
No offline queuing — If a recipient is not reachable at the time of sending, the message may not be delivered. The App does not queue messages for future delivery via the internet because the App does not use the internet.

You acknowledge and agree that ATMChat is not a substitute for reliable, guaranteed communication services. Do not rely on ATMChat for time-sensitive, emergency, or critical communications.

18. Disclaimer of Warranties

THE APP IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED.

To the fullest extent permitted by applicable law, we disclaim all warranties, including but not limited to:

Implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
Warranties that the App will be uninterrupted, error-free, secure, or free of viruses or other harmful components.
Warranties regarding the accuracy, reliability, or completeness of any content within the App.
Warranties that messages will be delivered successfully, completely, or in a timely manner.
Warranties regarding the availability, range, or reliability of local peer-to-peer or mesh networking connections.

You acknowledge that the App is a communication tool that depends on local networking conditions and that your use of the App is at your sole risk.

19. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL APPROVE THE MOVE OR ANY OF ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY:

Indirect, incidental, special, consequential, or punitive damages;
Loss of profits, revenue, data, goodwill, or other intangible losses;
Damages arising from your use of or inability to use the App;
Damages arising from any unauthorized access to or alteration of your device;
Damages arising from failure to deliver messages or loss of message content;
Damages arising from interception or unauthorized access to data transmitted over local networks;
Any other damages arising out of or in connection with these terms or the App;

regardless of the theory of liability (contract, tort, negligence, strict liability, or otherwise), even if we have been advised of the possibility of such damages.

In jurisdictions that do not allow the exclusion or limitation of liability for certain damages, our liability shall be limited to the maximum extent permitted by law. In no event shall our total aggregate liability exceed the amount you paid for the App (which is zero, as the App is free).

20. Indemnification

You agree to indemnify, defend, and hold harmless Approve The Move, and their respective officers, directors, employees, contractors, agents, licensors, and suppliers from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or related to:

Your use of or access to the App;
Your violation of these Terms of Use;
Your violation of any applicable law or the rights of any third party;
Any content you transmit through the App.

21. Governing Law & Dispute Resolution

These terms shall be governed by and construed in accordance with the laws of the State of Qatar, without regard to its conflict of law provisions.

Any dispute, controversy, or claim arising out of or relating to these terms or the App shall be resolved as follows:

Informal resolution — You agree to first attempt to resolve any dispute informally by contacting us at support@approvethemove.com. We will attempt to resolve the dispute within 30 days.
Binding arbitration — If informal resolution fails, any remaining dispute shall be resolved through binding arbitration administered in Doha, Qatar, in accordance with the rules of the Qatar International Court and Dispute Resolution Centre (QICDRC), unless otherwise required by your local laws.

Nothing in this section shall prevent either party from seeking injunctive or equitable relief from a court of competent jurisdiction to prevent the actual or threatened infringement of intellectual property rights.

For EU/EEA residents: Nothing in these terms limits your right to bring proceedings before the courts of your country of residence, as required by Regulation (EU) No 1215/2012.

For US residents: You and we each waive the right to a jury trial and the right to participate in a class action lawsuit or class-wide arbitration.

22. Termination

These terms are effective until terminated. Your rights under these terms will terminate automatically and without notice if you fail to comply with any provision.

Upon termination, you must cease all use of the App and delete all copies from your devices. Sections 15 through 21 shall survive any termination of these terms.

We reserve the right to modify, suspend, or discontinue the App (or any part thereof) at any time without notice or liability.

23. Severability

If any provision of these terms is found to be unlawful, void, or unenforceable by a court of competent jurisdiction, that provision shall be deemed severable and shall not affect the validity and enforceability of the remaining provisions, which shall continue in full force and effect.

24. Entire Agreement

These terms, together with the Privacy Policy above and Apple's Licensed Application EULA, constitute the entire agreement between you and Approve The Move regarding your use of ATMChat. These terms supersede any prior agreements, communications, or understandings, whether written or oral, relating to the App.

General

25. Changes to This Document

We may update this Privacy Policy and Terms of Use from time to time to reflect changes in the App, our practices, or applicable laws. When we make changes:

We will update the "Last updated" date at the top of this page.
For material changes, we will notify you through the App before the changes take effect.
The updated document will be posted at this URL: approvethemove.com/chat/privacy

Your continued use of the App after changes are posted constitutes acceptance of the updated terms. If you disagree with any changes, your sole remedy is to stop using the App and delete it from your device.

26. Contact Us

If you have any questions, concerns, complaints, or requests regarding this Privacy Policy, these Terms of Use, or our practices, please contact us:

Email: support@approvethemove.com
Organization: Approve The Move
Website: approvethemove.com

We commit to responding to all privacy-related inquiries within 30 days of receipt. For GDPR-related requests, we will respond within the legally required timeframe of one calendar month.

Document version 2.0 | Effective April 13, 2026 | Applies to ATMChat v0.1 and all subsequent versions unless superseded.