Red Flags ("Red Flags," "we," "us") is a private relationship-clarity app operated by Plutorock. This policy explains what we do — and deliberately don't — with your information. Our north star: your data is yours, it stays on your device, and we never build a database of real people.
The following is kept in local storage on your phone and is never transmitted to us: your decode history and reports, tracked people ("guys") and notes, your first name and onboarding answers, daily streak, settings, and subscription status. Uninstalling the app or tapping "Delete all my data" removes it.
When you ask Ruby to decode a conversation, the text and/or screenshot you submit is sent over an encrypted connection to our backend (Google Cloud Functions) and on to our AI processor (Anthropic, the Claude API) solely to generate that report. This content is processed transiently and not retained by our backend after the response, is not used to train AI models, and is never sold. We apply on-device redaction that scrubs names, @handles, phone numbers, and emails from the report text the app displays, stores, and lets you share. Please crop anything private (faces, real names, numbers) before uploading — automatic face-blurring is on our roadmap but not yet available.
If you buy Ruby+, the purchase is handled by Apple (App Store in-app purchase) and managed via RevenueCat, our subscription infrastructure provider. They process a purchase/receipt identifier and subscription status. We do not receive your full payment details. See Apple's and RevenueCat's privacy policies.
We do not use third-party advertising or cross-app tracking SDKs. We do not track you across other companies' apps or websites.
The anonymized stories shown after a decode are fictional, composite examples authored for the app to help you feel less alone. They are not real posts, not scraped from any platform, and not about real, identifiable people. They are selected on your device — your situation text is not sent anywhere for this feature.
Red Flags is rated 17+ and is not directed to anyone under 17. We do not knowingly collect information from children.
You can view and delete all your data in-app at any time (You → Delete all my data). Because we hold no server-side account data, deletion is immediate and complete on the device. Depending on where you live (e.g., EEA/UK GDPR, California CCPA/CPRA), you may have rights to access, correct, delete, or restrict processing of personal data and to not be discriminated against for exercising them; contact us at harry.lite6@gmail.com and we will honor applicable requests.
We use encrypted transport (HTTPS/TLS) and a stateless backend that does not retain your decode content. No method of transmission or storage is 100% secure, but we minimize what we hold by design.
Red Flags offers signals, not diagnoses, for entertainment and self-reflection. It is not medical, legal, or mental-health advice, and not a background-check or safety-verification service. If you may be in danger, contact local emergency services or, in the US, call/text 988 (Suicide & Crisis Lifeline) or 1-800-799-7233 (National Domestic Violence Hotline).
We'll update this policy as the app evolves and revise the "Last updated" date. Material changes will be surfaced in-app.
Questions or requests: harry.lite6@gmail.com · Plutorock, United States.