privacy

Privacy Policy

Last updated — July 11, 2026
Plain-language summary: Commit exists to make posting irreversible on purpose. We collect your account details, the content you seal, who's in your circle, and the technical data needed to deliver on time. Once something ships — or you pay to cancel it — a record of that stays visible to your circle by design. We don't run ads, and we don't sell your personal information. Today, no real money changes hands: cancellation fees are recorded, not charged.

1. Who we are

Commit is a product of Queri Labs and is powered by the Queri Platform. The service is operated by Queri K.K., a company organized under the laws of Japan ("Commit," "we," "us," or "our"). This Privacy Policy explains how we handle information when you use the Commit mobile application and the commit.queriapp.com website (together, the "Service"). Questions: hello@sayitpostitcommitit.com.

2. What Commit is (and why it matters for your data)

Commit is a communication app for delayed, irreversible posting. You write a post, direct message, or letter now and lock it to a future delivery time. Once sealed:

  • It cannot be edited or deleted. The only way to stop delivery is to cancel and incur the cancellation price you set yourself when sealing.
  • If you cancel, the item's content is permanently hidden, but a redacted "receipt" remains visible to the original audience, showing that you cancelled and the amount of your cancellation price.
  • Your friends ("witnesses") can see that something sealed is coming — the countdown, the kind of item, and your cancellation price — before it ships, and can react and comment on it.
  • Delivered posts remain on your record, and your kept/cancelled history (including totals paid to cancel) is visible to your circle, for example on the "Class of Fail" board.

This permanence is the product, not a side effect. Please post accordingly.

3. Information we collect

Information you provide

  • Account — the username (handle) and display name you choose, a password (stored only as a salted hash), and optionally a short bio and a profile photo. Sign-up currently requires no email address or phone number.
  • Content you create — posts, direct messages, and letters (including presentation choices such as letter penmanship, envelope, and signature style); comments, replies, likes, and emoji reactions; photos and videos you attach from your library or capture in-app with your camera; each item's scheduled delivery time, audience, self-set cancellation price, and optional add-ons (such as the last-minutes price-doubling add-on).
  • Your connections — friend requests, your friends list, and the private "inner circle" groups you create to filter your own feed (inner-circle membership is visible only to you, never to the members).
  • Reports — if you report content or an account, we collect the report, your selected reason, and the reported material.

Information created by using the Service

  • Cancellation ledger — a record of each cancellation ("bail") including the amount of your self-set price. See Section 6: today this is a bookkeeping entry only; no money is charged.
  • Engagement records — which sealed posts you interacted with, including taps on the "would you pay to preview?" prompt (recorded once per person per post; shown to others only as an aggregate count).
  • Notifications & push tokens — in-app notification history and, if you enable push notifications, your device push token.
  • Device & log data — app version, device platform, language preference, authentication tokens, and server logs (timestamps, IP addresses, request metadata) used to operate and secure the Service.

We do not use third-party advertising or analytics SDKs in the app.

4. How we use information

  • To run the core mechanic: deliver your sealed items exactly when scheduled, show countdowns to their audience, and maintain the permanent record described in Section 2.
  • To notify you and your circle about sealed, arriving, and delivered items and activity from your circle (mentions, comments, likes, friend requests).
  • To record cancellations and apply the pricing rules you chose at sealing.
  • To review reported content, keep the Service safe, prevent abuse, and enforce our Terms of Service.
  • To diagnose problems, secure, and improve the Service.
  • To comply with legal obligations.

5. Legal bases

Where laws such as the EU GDPR apply, we rely on: performance of a contract (running the Service you signed up for, including its intentional permanence), legitimate interests (safety, security, anti-abuse, service improvement), consent (push notifications, camera and photo-library access — each requested via your operating system and revocable in system settings), and legal obligation.

6. Payments — important, please read

No real money is charged today. Cancellation prices ("bail," "cowardice fee") and the price-doubling add-on are currently recorded as internal ledger entries only. No payment method is collected, and no charge is made to you, even when the app displays amounts in dollars. The "would you pay to preview?" prompt never charges anyone and never reveals content; it only records that you tapped yes.

If we introduce real payments in the future, charges will be processed by a third-party payment processor; we will receive transaction confirmations and records but will not store full payment-card numbers. We will update this Policy and provide notice before real charges begin.

7. How information is shared with other users (by design)

  • Your profile (handle, display name, bio, photo, and kept/cancelled statistics) is visible to other users; a private-account setting limits who can follow your record.
  • Posts are visible to your accepted friends; DMs and letters are visible to their recipient.
  • Countdown metadata for sealed items (that something is coming, its kind, its cancellation price, aggregate reactions/comments/"already paid" counts) is visible to the item's future audience before delivery. Content is never visible before delivery.
  • Cancellation receipts (the fact of cancellation and the amount) remain visible to the original audience. Totals paid to cancel appear on your circle's "Class of Fail" board.

8. How we share information with third parties

  • Infrastructure — the Service runs on Amazon Web Services in the Asia-Pacific (Tokyo) region (ap-northeast-1). Media files are stored in Amazon S3 and served through Amazon CloudFront using signed, expiring URLs.
  • Push notifications — device push tokens are registered with AWS SNS, which delivers notifications through Apple's Push Notification service. Notification payloads necessarily transit Apple.
  • Safety review — when content is reported, a review card (including the reported content and reporter context) is forwarded to a private Slack workspace used by our operations team. Slack, Inc. processes that data as our service provider.
  • Legal — when required by law, or to protect the rights, safety, and property of our users, the public, or us.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

9. Retention — and the deletion tension you should understand

We keep your information while your account exists and as needed to provide the Service. Because permanence is the product, delivered content and cancellation receipts are intended to remain on the record indefinitely, including as they appear to other users.

When your account is deleted, your profile and content are removed from the Service, and we delete or de-identify associated personal information within a reasonable period, except where retention is required for legal compliance, dispute resolution, or fraud and abuse prevention. You can delete your account yourself at any time in the app under Settings → Delete account, which closes it immediately. If you cannot reach the app, you can request deletion here, where we also set out exactly what is removed and what we retain.

10. Security

Passwords are stored only as salted bcrypt hashes. Media is served via signed, expiring URLs. Sessions use signed tokens over TLS. We apply reasonable technical and organizational safeguards, but no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Children

The Service is not directed to children under 13 (or the higher minimum age your jurisdiction requires), and we do not knowingly collect their personal information. If you believe a child has provided us information, contact us and we will delete it.

12. International transfers

Our infrastructure is located in Japan. If you use the Service from elsewhere, your information is transferred to and processed in Japan (which holds an EU adequacy decision) and by the service providers listed in Section 8. Where required, we implement appropriate safeguards for transfers.

13. Your rights

Depending on where you live (including under Japan's APPI, the EU/UK GDPR, and the California CCPA/CPRA), you may have rights to access, correct, delete, or receive a copy of your personal information, to object to or restrict certain processing, and to lodge a complaint with a supervisory authority. Exercise them via hello@sayitpostitcommitit.com; we will verify your request against your account. We do not discriminate against you for exercising rights.

14. Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will update the date above and, where appropriate, provide additional notice in the app.

15. Contact

Queri K.K. — Commit privacy team: hello@sayitpostitcommitit.com.
Commit is a product of Queri Labs, powered by the Queri Platform.

Commit ✦ © 2026 Queri K.K.