© 2026 Misd
We designed Misd so that we couldn't surveil you even if we wanted to. Here's exactly how.
Plain English. No legalese. Everything that matters about how we handle — and don't handle — your information.
You choose your own alias fresh each session — "Blue Hoodie," "Corner Table," "Late Train." We don't ask for your real name. We don't link aliases across sessions. Two sessions with the same alias are not connected in our system.
This isn't a nickname layered on top of a real account. There is no underlying account. The alias is the entire identity — ephemeral, self-assigned, gone when the session ends.
When you post, you choose a neighborhood — not a coordinate. We never store your exact GPS coordinates. We never transmit your precise location to other users or to our own servers beyond the moment of neighborhood selection.
"Westside, Atlanta" is as precise as Misd ever gets. We can't show anyone where you were standing. We don't know ourselves.
Moments expire in 72 hours depending on type. After expiry, they are deleted — not archived, not anonymized and retained, not moved to cold storage for future analysis. The database row is gone.
Context cards (behavioral patterns that personalize your feed) reset weekly. Match conversations expire when both parties leave. Ephemeral isn't a setting you toggle on. It's the only mode Misd operates in.
Here is the complete inventory of what Misd stores and for how long:
| Data type | Retention |
|---|---|
| Session token | Deleted on logout |
| Alias + posts | Deleted at expiry (72 hrs) |
| Match conversation | Deleted when match expires or either party leaves |
| Context card | Reset weekly |
| Device identifiers | Not collected |
| IP address | Rate limiting only — not stored beyond 24 hours |
That's it. There is no "additional data" column. There is no list of third-party recipients. We don't have more to disclose because we don't collect more than this.
We do not sell, share, license, or otherwise transfer user data to third parties. Not to advertisers. Not to data brokers. Not to analytics platforms. Not to anyone.
Our only revenue source is business subscriptions — place pages for local venues. We make money when businesses pay us directly for presence in their neighborhood. We have no financial incentive to monetize user behavior, because user behavior isn't in our data model.
Sponsored posts from businesses pass an AI tone review before appearing in feeds. The AI checks for authenticity — not your identity. It's looking at the post itself, not at you.
We don't use your behavior to target you with sponsored content. Sponsored moments appear at fixed intervals — one in every twenty posts — regardless of what you've done on the platform. There is no behavioral profile being maintained to serve you "relevant" ads.
When two people mutually react to the same moment, a match opens a temporary chat. This chat is end-to-end encrypted. Neither party's alias is linked to a real identity in our system — because there is no real identity in our system to link to.
When the match expires, the conversation is deleted from our servers. We don't retain match metadata. We don't store who matched with whom. The connection existed, briefly, and then it didn't.
Since we don't store personally identifiable information, there's no data to request, export, or delete under GDPR, CCPA, or any other framework. You can't submit a data request because there's nothing to respond to with.
If you want to be gone from Misd, stop using it. Within 72 hours, your posts expire, your session token is cleared, and there is nothing left. No account deletion form. No 30-day waiting period. Just absence.
These aren't policy choices. They're architectural constraints. The system wasn't built with the capability — so it can't be unlocked by a policy change, a court order, or a bad actor inside the company.
If you have a question about this policy, a concern about how Misd handles data, or just want to understand something better — we want to hear from you.
privacy@misd.me