Privacy Policy

Last updated: April 26, 2026

Who we are

Civic Text is a self-service SMS / MMS platform for political and municipal organizations (“operators”) to communicate with their constituents and supporters (“contacts”). Civic Text acts as a data processor for operators with respect to contact data; operators are the data controllers.

What we collect

From operators (account holders)

• Name, email, hashed password, two-factor secret (encrypted)
• Organization, role, billing details (handled by Stripe)
• Audit logs of every send, opt-out, and account change
• For mobile users: device push token (Apple/Google Push) so we can notify you of inbound replies; rough device platform (iOS/Android)

From contacts (people you message)

• Phone number, opt-in status, opt-in source, timestamp
• Optional uploaded fields: name, address, custom fields, tags
• Inbound messages they send back to your number

How we use it

• To deliver SMS / MMS via Twilio on your behalf
• To honor TCPA opt-out and opt-in keywords (STOP, UNSUBSCRIBE, START, HELP) immediately and irrevocably
• To bill operators (segment counts, overage)
• To prevent fraud and abuse (rate limiting, audit logs)
• To improve the product (aggregate, anonymized usage)

What we don't do

• We do not sell contact data — ever.
• We do not use contact data to train AI models or for any purpose other than the operator's authorized messaging program.
• We do not share contact data across operators. Each organization is tenant-isolated at the database level.

Subprocessors

• Twilio — SMS / MMS carrier delivery
• Apple Push Notification service / Google Firebase Cloud Messaging — mobile push notifications
• Stripe — payment processing
• Vercel / Fly.io — application hosting (US-region)
• Postgres (managed) — primary data store (US-region)

Your rights

Contacts can opt out at any time by replying STOP to any message. The opt-out is enforced platform-wide and is irrevocable until the contact opts back in via START. Contacts can also email privacy@civictxt.org to request access, correction, or deletion of their data — we will forward such requests to the relevant operator within 7 days.

Operators can export or delete their organization's data at any time from Settings → Account → Data Export / Delete Account.

Retention

Message logs are retained permanently for compliance auditing per TCPA / CTIA carrier requirements. Operators can request earlier deletion in writing once the retention floor (4 years from send) has passed.

Children

Civic Text is not intended for users under 13 and we do not knowingly collect data from anyone under 13. If you believe we have collected data from a minor, contact us immediately.

Contact

Questions or requests: privacy@civictxt.org.

This policy is a starter draft generated alongside the app and has not been reviewed by counsel. Operators are responsible for confirming it matches their legal posture before relying on it for App Store submission or commercial use.