When you use the trendy new consent app, Good2Go, you’re theoretically practicing “affirmative consent”: explicit, conscious agreement to sexual activity before it starts.

Incidentally, you’re also telling a new mobile development company with no Internet footprint or track record to speak of (a) who you’re sleeping with, (b) when you did it, and (c) how drunk or sober you were at the time.

Didn’t realize you consented to that, did you?

According to its small print, Good2Go logs personally identifiable information, including names and phone numbers, on all its users. When two people use the app to hook up, it records both users’ phone numbers, as well as the time and one partner’s sobriety. (Because Good2Go requires you to register with a name and phone number, that number is also tied to your name.) Per its privacy policy, Good2Go can share that information with law enforcement, “third-party service providers” and e-mail marketers — or anyone else, really, “for any reason, in Good2Go’s sole discretion.”

This doesn’t just mean that your data is potentially vulnerable to hackers, should they go after the service. (Good2Go stores its users’ information on Amazon Web Services, which are considered secure — but have been hacked before.) It also means the logs could transfer to another company if Good2Go is sold, be subpoenaed in a lawsuit or criminal case, or sold off to someone else entirely.

“To be clear, it is not our policy to disclose these records to just anyone,” Lee Ann Allman, the president of Good2Go and its parent company, Sandton Technologies, told the Post. “Good2Go/Sandton Technologies would need to be presented with an official, legal request via law enforcement or a specific university before we would disclose these records.”

As for marketers, she adds, the company doesn’t currently share records with them, because the app’s “initial focus is to drive adoption … and the concept of affirmative consent on college campuses.” Sandton Technologies, meanwhile, describes itself as a a “group of concerned citizens” that wants to “facilitate education and communication about affirmative consent and sexual assault prevention.”

Even if that’s true, however, and Good2Go is a wholly altruistic (albeit for-profit) enterprise, it’s unclear why its privacy policy is so incredibly lax. It’s likewise unclear why anyone would use the app, to begin with. After forcing both parties to register — with their full names, phone numbers and email addresses — Good2Go takes them through a series of questions that most consenting adults would, one hopes, be mature enough to discuss with … actual words.

“Are we Good2Go?” it starts out. (Options: Yes, no thanks, yes-but-we-should-talk.) It then asks users to self-select their level of sobriety: sober, mildly intoxicated, intoxicated but Good2Go, or pretty wasted. In an odd interface choice that does absolutely nothing to clarify the issue of sobriety and consent, the app will tell you you’re not “Good2Go” if you select “wasted,” but will not do the same if you’re “intoxicated.”

Once your potential partner has logged her alcohol consumption and willingness to get down, the app gives you blessing to do so. Meanwhile, a record of this most intimate interaction flits away into the cloud, where it will live forever until Good2Go shuts down. (Even that’s no guarantee the record will disappear: per the app’s privacy policy, the company “may not be able to control how your personal information is treated, transferred or used,” should they sell it or close shop.)

That’s a little scary from a legal standpoint, notes Slate’s Amanda Hess: do we want to see people’s sexual records showing up in trials? (Particularly when said records could be inaccurate or misleading?) Worse, is this personal, potentially embarrassing data the kind of thing we want to mindlessly hand over to unknown tech companies?

Both questions could very well be irrelevant, as it’s hard to imagine a universe in which Good2Go catches on. But this is a potent reminder that little you do online or on your phone ever really fades away; even now, cookies on washingtonpost.com are tracking you — and if you click over to Facebook, that site will store your every click and keystroke. But by and large, we remain oblivious to how our data is tracked, and by who, and for what purpose. By some estimates, fewer than one in 10 people ever read the terms of service in full.

As Good2Go makes all too clear, however, you can’t consent to something you don’t understand or aren’t aware of. So next time you click the “agree to privacy policy” checkbox … you may actually want to read the privacy policy first.