Snapchat on Thursday settled charges with the Federal Trade Commission that it misled customers about the security of the app and how quickly messages sent through the app disappeared.

The FTC ruled that the Los Angeles–based startup must allow independent privacy auditors to inspect it for the next 20 years. It also had to promise to be more transparent with customers in the future, the New York Times reported.

The main concern about the popular messaging app was the safety and privacy of customers’ messages. Though the company made claims that the messages were protected, it was found that this necessarily wasn’t the case. One of the well-known features of Snapchat is the self-destruct timers that allows a user to set a message to be automatically deleted after a specific number of seconds. However, it was found that message recipients could still save an image of the screen, bypassing the timer. Also, though it was thought that the videos and images simply disappeared from the phones, they were actually stored as unencrypted data on the devices.

There were also issues raised about the safety of users’ personal information. It was revealed that Snapchat was gathering users’ data and tracking users as well. The company also uploaded full contact lists from iPhones without the knowledge of users. That contact information was ultimately stolen by hackers, leading to the usernames and partial phone numbers of 4.6 million Snapchat users being posted online.

"If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises," FTC Chairwoman Edith Ramirez said in a statement.

On Thursday, Snapchat said it had updated its privacy policy, notification to users and its app description. "While we were focused on building, some things didn't get the attention they could have. One of those was being more precise with how we communicated with the Snapchat community," the company said on its blog.