Privacy Policy

Last Updated:

Introduction

LYYST (“we,” “our,” or “us”) provides a wishlist and gifting app. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the controls you have. It applies to the LYYST mobile app, our web pages, and the LYYST API.

Information We Collect

Information you provide directly:

• Account profile from your sign-in provider through Clerk: email address, username or display name, and profile picture (when provided by you or the OAuth provider).
• Optional phone number, used only for friend discovery when you turn it on.
• Wishlist content you create: list titles, occasions, items, notes, quantities, and privacy/visibility settings.
• Reservation activity on lists you can see (which you reserved or marked as purchased).
• Friend graph: friend requests, friendships, and the LYYST users you connect with.
• Optional contact information you choose to import to find friends already on LYYST. We store a normalized form of the emails or phone numbers you uploaded so we can match against future signups; we do not share that list with anyone else.
• Messages you send to support.

Information collected automatically when you use the app:

• Push notification tokens issued by Apple (APNs) and Google (FCM) and a device descriptor (platform, app version, OS version) used to deliver notifications.
• Service logs (request paths, response codes, error reports) that may include your user identifier so we can debug, secure, and improve the service.
• Aggregated, non-identifying counts of feature usage (for example, how many wishlists exist).

How We Use Your Information

• To run the core wishlist, reservation, and gifting features you ask for.
• To enable social features: friend requests, friend discovery (only against the channels you opt into — email, phone, or contact-based), and shared/joint lists.
• To send you push, email, and in-app notifications about activity on your account and the lists you participate in. You can turn each channel and category on or off in Settings.
• To verify your identity through Clerk and keep your session secure.
• To investigate abuse, prevent spam (rate limiting, anti-enumeration controls), and comply with legal obligations.

Affiliate Links

LYYST uses affiliate links on supported retailers. When you purchase through a product link in our app or on a shared wishlist page, we may earn a commission at no extra cost to you. This does not change the price you pay at the retailer. We do not sell your personal information and we do not run third-party advertising in the app.

What We Do Not Do

• We do not run in-app display advertising, do not sell your personal information, and do not use it to target ads on or off LYYST.
• We do not collect Apple's advertising identifier (IDFA) or Google's advertising ID.
• We do not track you across other companies' apps or websites.

Who We Share Information With

We share data only with the service providers that help us run LYYST, and only the data they need to do their job:

• Clerk — identity and authentication (sign-in, OAuth, session management).
• Apple Push Notification service (APNs) and Google Firebase Cloud Messaging (FCM) via Expo — delivery of push notifications.
• Email transport for transactional email (account, reservation, and reminder messages).
• Cloud hosting for the API and database.
• Optional error reporting (Sentry) when enabled in production.
• Legal authorities when we are required by law.

If a friend has a public or friends-only wishlist with you, the items and any reservation activity you can already see in the app may be visible to them or to other friends per the visibility rules of that list (open, surprise, anonymous).

Your Choices

• Notifications: turn channels (push, email, in-app) and categories on or off in Settings → Notifications.
• Discovery: turn email-, phone-, and social-based discovery on or off in Settings → Privacy. You can also clear your stored phone number at any time.
• Wishlist visibility: set each list's privacy (public, friends, private) and gifting mode (open, surprise, anonymous) when you create or edit the list.
• Linked accounts: manage social connections through Clerk and the in-app Connected Accounts screen.

Account Deletion

You can delete your LYYST account from Settings → Account. Deleting your account permanently removes your profile, wishlists, items, reservations, friend graph, push tokens, and uploaded contact identifiers from our systems. If you signed in through Clerk, we also remove your linked Clerk identity. Some non-identifying analytics events that reference only an internal numeric ID may be retained for product analytics.

To change the email on your account, use your sign-in provider (Google, Apple, etc.) or Clerk account settings—LYYST does not offer a separate in-app email change flow. For privacy questions or data requests, contact privacy@lyyst.app.

Data Retention

We keep your account and content while your account is active. After account deletion, content is removed from production databases. Backups follow a rolling retention window and are deleted on the same schedule.

Children

LYYST is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). If you believe a child has created an account, contact us and we will remove it.

Changes to This Policy

We will update this page when we change how we handle data. The “Last Updated” date at the top of this page reflects the most recent change.

Contact Us

If you have questions about this Privacy Policy or want to exercise any of the rights above, contact us at privacy@lyyst.app.

← Back to Home