Privacy Policy

1. Who We Are

SocialIRL Inc. ("SocialIRL," "we," "our," or "us") is a Delaware corporation headquartered in New Jersey, USA. We operate the SocialIRL mobile application and this website (collectively, the "Service"). Our mission is to help people make genuine, in-person connections with people nearby.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use the Service. If you have questions, contact us at privacy@socialirl.com.

2. Information We Collect

2.1 Information You Provide Directly

• Account information: First name (or nickname), profile photo, phone number, date of birth (to verify you are 18+), and gender (optional, required for Women-Only features).
• Hangout data: Activity descriptions, locations you enter, times, and any notes you add to hangouts you post.
• Messages: In-app messages between users regarding hangout logistics. We do not read your messages except as required for safety investigations.
• Support requests: Communications you send to our support team.
• Trusted Contact designation: The phone number or contact information you provide for your trusted contact. We use this solely to deliver location notifications.

2.2 Information Collected Automatically

• Precise location: When you use location-based features (finding nearby hangouts, sharing location with trusted contacts), we access your precise GPS location. We only do this with your explicit permission and only when the app is in active use, unless you have enabled background location sharing for an active hangout.
• Approximate location: We may infer your general geographic area from your IP address to show relevant city content even when precise location is not enabled.
• Device information: Device model, operating system version, unique device identifiers, push notification tokens, and app version.
• Usage data: Features used, pages viewed in the app, time spent, and interaction events (e.g., hangouts viewed, requests sent). This data is used in aggregate to improve the product.
• Crash reports: Diagnostic data when the app crashes or encounters errors, used solely for debugging.

2.3 Information From Third Parties

If you sign in through Apple Sign-In or Google Sign-In, we receive a limited set of profile information (typically an email address and unique identifier) from those providers, subject to your permissions and their privacy policies. We do not receive your password or payment information from these providers.

3. How We Use Your Information

We use the information we collect to:

• Create and maintain your account and authenticate your identity
• Enable you to post, discover, and join hangouts in your area
• Operate the Trusted Contact safety system, including transmitting your live location to designated contacts during active hangouts
• Enforce our Community Standards and investigate safety reports
• Send you push notifications about hangout requests, confirmations, and safety alerts (you may opt out of non-safety notifications at any time)
• Send transactional emails (account verification, hangout confirmation, safety notifications)
• Analyze aggregate, anonymized usage data to improve the Service
• Comply with applicable law and respond to lawful requests from authorities
• Investigate and prevent fraud, abuse, and violations of our Terms of Service

We do not use your information for: behavioral advertising, selling to data brokers, creating psychological profiles, or any purpose not listed above.

4. How We Share Your Information

4.1 With Other Users

Your first name, profile photo, and hangout history are visible to other users on the platform. Your precise location is never visible to other users on the discovery feed — only a fuzzed neighborhood or the specific venue of a hangout you've posted. Confirmed hangout attendees see the hangout venue address but not your personal address.

4.2 With Trusted Contacts

Your precise GPS location is shared with your designated trusted contact(s) only during active hangouts, via a secure, time-limited link. Trusted contacts do not need a SocialIRL account to receive this information. The link expires when the hangout ends.

4.3 With Service Providers

We use the following third-party infrastructure providers:

• Firebase (Google LLC): Authentication services (phone number verification, social sign-in). Subject to Google's Privacy Policy and Firebase Terms of Service.
• Supabase Inc.: Primary database for storing user profiles, hangout data, and messages. Data is encrypted at rest and in transit. Hosted on AWS infrastructure in the United States.
• Expo (Expo Technology Inc.): Mobile app build and over-the-air update infrastructure.
• Vercel Inc.: Website hosting for this marketing site.

All service providers are contractually bound to process your data only as directed by us, to maintain appropriate security measures, and not to use your data for their own purposes.

4.4 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to prevent imminent harm to any person, investigate fraud or abuse, or protect our legal rights.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via email or in-app notification at least 30 days before any such transfer and you will have the option to delete your account before it occurs.

5. Data Retention

• Active account data is retained for as long as your account exists.
• Precise location data collected during hangouts is deleted automatically 7 days after the hangout ends, except where retained for an open safety investigation.
• Trusted contact location-sharing links expire within 24 hours of hangout end.
• Support communications are retained for up to 2 years for legal compliance purposes.
• Anonymized, aggregated analytics data may be retained indefinitely.
• Upon account deletion, all personal data is purged within 30 days.

6. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we correct inaccurate or incomplete data.
• Deletion: Request that we delete your account and all associated personal data.
• Portability: Request your data in a machine-readable format.
• Objection: Object to certain uses of your data, including any future marketing communications.
• Restriction: Request that we restrict processing of your data in certain circumstances.

To exercise any of these rights, email us at privacy@socialirl.com. We will respond within 30 days. For account deletion, you can also delete directly in-app at Settings → Account → Delete Account.

7. Children's Privacy

SocialIRL is not directed to individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. Age is verified at sign-up via date of birth. If we discover that a user is under 18, we will immediately suspend the account and delete all associated data. If you believe a minor is using the app, please contact us immediately at privacy@socialirl.com.

8. Security

We implement industry-standard security measures including TLS encryption for all data in transit, AES-256 encryption for sensitive data at rest, regular security audits and penetration testing, strict role-based access controls limiting which employees can access user data, and multi-factor authentication requirements for all internal systems.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach affecting your information, we will notify you as required by applicable law.

9. International Users

SocialIRL is operated from the United States. If you are located outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where our servers are located. By using the Service, you consent to this transfer. We comply with applicable data protection laws including GDPR (for EU/EEA users) and CCPA (for California users).

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification at least 30 days before the changes take effect. The updated policy will be posted on this page with a new effective date. Continued use of the Service after the effective date constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us: