Privacy Policy

1. Personal Data We Collect

We collect:

• Name
• Age
• Gender
• Travel group
• Trip duration
• Preferences (categories, budget)
• Referral code (optional)
• App rating (optional)
• Usage data (e.g., swipes, saved places)
• Device type, OS version (anonymized)

2. Legal Basis for Processing (GDPR Article 6)

We process your data based on:

• Consent: for location, notifications, in-app feedback
• Contract: to deliver features you've signed up for
• Legitimate interest: to improve functionality, gather product feedback, and ensure app security

3. How We Collect Data

• Direct input via quiz and in-app actions
• Apple IAP system for subscriptions
• Anonymous tracking via PostHog
• In-app pop-ups for feature feedback and city voting

4. How We Use Data

To personalize your travel experience

• To generate itineraries
• To improve app performance and usability
• To gather product feedback (e.g., new feature ratings, city prioritization)
• To offer relevant subscription options

We do not sell or share your data with third-party advertisers.

5. Data Sharing

We share data only with essential service providers for app functionality, including:

• Apple (for secure in-app purchases)
• PostHog (for anonymized usage analytics)
• Supabase (for backend services, including database, authentication, and storage)

No personal data is sold, rented, or disclosed beyond these essential services required for the App to function.

6. Cookies and Tracking

SwipeCity does not use cookies. Anonymous tracking is performed by PostHog SDK, in accordance with GDPR.

7. International Data Transfers

If data is transferred outside the EU (e.g., to the U.S.), it is protected using GDPR-approved safeguards, including Standard Contractual Clauses.

8. Security Measures

We implement robust security measures to protect your data, including:

• TLS encryption for data in transit
• Secure data storage with Supabase, leveraging their comprehensive security practices for data at rest
• Role-based access control to limit data access to authorized personnel
• Regular internal reviews and updates to our security protocols

While some data may be cached locally on your device for performance, primary user data is stored securely on our backend.

9. Data Retention

We retain your personal data as long as your account is active or as needed to provide you with our services. Specifically:

• Account information and quiz data: Stored securely in Supabase until you request deletion or delete your account.
• Usage analytics (PostHog): Stored indefinitely in an anonymized and aggregated format for analytical purposes.

You may request the deletion of your personal data and account by contacting us at [email protected]. Uninstalling the app from your device will remove locally cached data but will not automatically delete data stored on our servers.

10. Your Privacy Rights

If you are located in the EU, UK, or US, you may have the right to:

• Access your data
• Request correction or deletion
• Object to or restrict processing
• Withdraw consent
• File a complaint with a data protection authority

To exercise your rights, email us at [email protected]

11. Children's Privacy

SwipeCity is not intended for children under 13. We do not knowingly collect personal data from minors. If we learn that we have, we will delete it promptly.

12. Policy Updates

We may update this Privacy Policy to reflect changes in our practices or laws. Major changes will be communicated in-app or via email. You can always find the latest version in the app settings.

13. California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal data we collect and how it's used
• Access your personal data
• Request deletion or correction
• Opt out of the sale or sharing of your personal data (note: we do not sell or share data)

To make a CCPA-related request, contact: [email protected]