Privacy Policy

Effective July 8, 2026

wisp (“wisp”, “we”, “us”) is operated by minimaleffort.co. This policy explains what we collect, why, and the choices you have. wisp gives you proxy email addresses and phone numbers so you can share contact details without exposing your real ones.

Information we collect

  • Account information. Your email address, display name, and authentication credentials (managed by our auth provider; we never store your password in plain text).
  • Forwarding destinations. The real email address and/or phone number you choose to forward messages to, which we verify before use.
  • Message content. Emails and SMS messages sent to your proxy aliases are received, stored, and forwarded so you can read and reply to them.
  • Payment information. Subscriptions are processed by Stripe. We do not receive or store your full card details; we retain a customer identifier and subscription status.
  • Usage data. Basic logs and metrics needed to operate the service, prevent abuse, and debug issues.

How we use your information

We use your information to operate the core service (creating aliases, receiving and forwarding messages), verify forwarding destinations, process subscriptions, provide support, prevent fraud and abuse, and comply with legal obligations.

Service providers

We share data with the following processors only as needed to run wisp:

  • Supabase — database, authentication, and backend infrastructure.
  • Stripe — subscription billing and payments.
  • Twilio — provisioning phone numbers and sending/receiving SMS.
  • Resend — sending outbound email (replies, verification codes).
  • Cloudflare — DNS and inbound email routing.
  • RevenueCat — mobile in-app subscription management (if you use our mobile app).
  • PostHog — product analytics and error monitoring (see Analytics below).

We do not sell your personal information.

Analytics

We use PostHog to understand how wisp is used (for example, how many aliases are created) and to detect errors before they affect you. Analytics requests are served through our own domain, and events contain internal identifiers and event names only — never the content of your messages, your alias addresses, or the contact details you forward to. We do not record your sessions, we do not use third-party advertising trackers, and we do not sell this data. Analytics data is hosted by PostHog in the United States.

Data retention

We retain your account data and messages for as long as your account is active. When you delete your account, we delete your associated data, subject to any retention required for legal, security, or fraud-prevention purposes.

Your rights

You can access and update your information in the app, and you can delete your account and associated data at any time from Settings. Depending on where you live, you may have additional rights to access, correct, export, or delete your data. To exercise these, contact us at the address below.

Security

We use industry-standard measures to protect your data in transit and at rest. No system is perfectly secure, but we work to safeguard your information and limit access to it.

Children

wisp is not directed to children under 16, and we do not knowingly collect personal information from them.

Changes to this policy

We may update this policy from time to time. We'll post the new effective date at the top and, where appropriate, notify you.

Contact

Questions about privacy? Email us at support@minimaleffort.co.