Privacy, consent & data protection

YeboNadi Privacy Policy

This page embeds the YeboNadi User Consent, Privacy & Data Protection Agreement supplied by Simple Concepts LLC, including the security model, lawful use requirements, retention rules, privacy rights, and contact details. The underlying text comes from the uploaded agreement document.

Overview

YeboNadi | User Consent, Privacy & Data Protection Agreement | v3.0 Effective date: 30 March 2026 Developer / Data Controller: Simple Concepts LLC Privacy contact: privacy@concepts-simplified.com Platforms: Apple iOS 15+ and Android 10+

This is a legally binding agreement between you and Simple Concepts LLC. By creating an account or using the app you accept the terms. If you do not agree, do not use YeboNadi.

What YeboNadi does

YeboNadi is described in the agreement as a secure voice and data recording application built around a privacy-first, court-access-only architecture. Recordings are encrypted on the device when created, uploaded in encrypted form, and cannot be played back or retrieved by anyone, including the provider, unless there is a valid court order and the required encryption key is provided.

Core principle: YeboNadi is not a dictaphone or memo app. It is an evidential recording vault. Once a recording is made, it is sealed.

Essential recording facts

  • Two recording modes are defined: continuous recording and short recording.
  • Background recording can continue while the phone is locked or another app is active until the user manually stops it.
  • Recordings are encrypted on-device, in transit, and at rest using AES-256 and TLS 1.3 or higher.
  • The user passphrase is irrecoverable and cannot be reset by YeboNadi.
  • There is no playback, export, or self-retrieval inside the application after upload.
  • Cloud storage can overwrite older recordings when storage is full unless items are explicitly kept.

What we collect

  • Account data: email address, device identifier, authentication credentials.
  • Technical data: device model, OS version, app version, crash diagnostics, and error logs.
  • Recording metadata: encrypted file references, location, timestamps, duration, and internal identifiers.
  • Usage analytics: aggregated or anonymized feature and location usage data to improve the application.
  • Communications: support messages sent to the company.
The agreement states that YeboNadi does not sell personal data and does not use it for advertising or third-party profiling.

Security measures

  • AES-256 device-side encryption before upload.
  • TLS 1.3 encrypted transmission to secure cloud storage.
  • Strict role-based access controls and audit logging.
  • Court-order-gated decryption.
  • Regular independent security audits and penetration testing.
  • ISO 27001-aligned information security management practices.

Retention

Encrypted recordings are retained for the duration of the active subscription, subject to the missed-payment and deletion-request rules set out in the agreement. Account and identity data may be retained for seven years after closure, technical data for a rolling twelve months unless needed for proceedings, support communications for three years from case closure, and pseudonymized analytics for up to two years.

Your privacy rights

Depending on jurisdiction, the agreement lists rights of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent, as well as POPIA and CCPA rights. Requests go to privacy@concepts-simplified.com and may require identity verification.

Your responsibilities

The agreement places responsibility on the user to comply with recording-consent laws, obtain any required consent, use the verbal disclosure mechanism where appropriate, avoid unlawful surveillance or harassment, and not attempt to bypass technical protections.

Third-party providers & international transfers

The agreement states that YeboNadi uses in-house or trusted cloud and infrastructure providers under data processing agreements and may process data internationally using safeguards such as SCCs, UK IDTAs, POPIA cross-border conditions, transfer impact assessments, and the EU-US Data Privacy Framework where applicable.