Privacy Policy

Section 01

Information We Collect

a) Account & Identity Data

When you register, we collect your phone number (used as your primary identifier), full name or display name, username (3–20 characters), email address, date of birth (used to calculate and store your age), gender, and avatar or profile photo. You may optionally provide your job title or company name and a personal bio.

b) Profile & Preference Data

To personalize your experience, we collect your selected interests from 70+ categories (e.g., Art, Music, Gaming, Fitness, Travel), your music profile including up to 5 favorite tracks, your preferred plan vibes (e.g., Chill, Romantic, Adventurous, Deep, Nerdy), your age and gender discovery preferences, and your discovery radius (defaulting to 50km).

c) Plan & Social Data

We collect all data related to plans you create or participate in, including plan title, description, emoji/type, location, date and time, duration, group size, activity category, age and gender filters, smoking preference, payment details, and any photos attached to the plan. We also store the status of plan requests and post-plan feedback responses, and the Trust Scores derived from aggregated feedback.

d) Location Data

We collect your precise GPS coordinates when you actively use discovery, proximity map, or location-sharing features. Location data is processed in real time to show you nearby plans and provide weather context. Your precise GPS coordinates are not permanently stored on our servers beyond the active session. When you use the "Check Distance" button on a plan, your current location is used solely to calculate the distance between you and the plan's location · this coordinate is never saved or logged. We do not collect or store your IP address. You can revoke location permission at any time in your device settings.

e) Communication Data

Messages and voice notes exchanged between users are end-to-end encrypted. We store them securely but cannot access or read the content of your conversations. This includes text messages, voice note audio files, shared images (compressed to 1200px max, JPEG format), shared plan cards, shared contact cards, and shared music tracks. Typing indicators are processed in real time and are not stored. Message read status is stored to support the messaging experience.

f) Usage & Analytics Data

We collect behavioral engagement data including plan impressions (recorded when a plan card remains visible on screen for 500ms or longer), plan detail page views, map opens, profile taps from plan cards, and reminder additions. This data may be presented as aggregated analytics to Prime+ subscribers who created the plans being viewed.

g) Profile Visitor Data

When you view another user's public profile, a visitor record associated with your account may be created and stored. This record can be surfaced to that user if they subscribe to Prime+. If you activate Ghost Mode before visiting a profile, no visitor record is created or stored for that session.

h) Poke & Interaction Data

We store a record of pokes sent and received between users, including timestamps and interaction status. This data is used to enforce the one-poke-per-day limit and to surface mutual connections.

i) Feedback & Trust Score Data

After a plan is completed, participants may submit feedback about each other. Individual feedback is anonymized; your Trust Score (0–100%) is a calculated aggregate and is visible on your public profile.

j) Device & Technical Data

We collect device identifiers, operating system version, app version, and push notification tokens to deliver notifications and maintain app functionality.

k) Audit Log Data

Key account-level actions · including reports submitted, subscription changes, account deletions, and significant profile modifications · are logged via WorkOS for security, compliance, and fraud prevention purposes. Audit logs are not visible to end users.

Section 02

How We Use Your Information

• To create and manage your account and authenticate your identity
• To power discovery: surfacing nearby plans and profiles that match your preferences
• To facilitate plan creation, requests, messaging, and post-plan feedback
• To calculate and display Trust Scores based on anonymized, aggregated user feedback
• To operate Ghost Mode: suppressing visitor records and online status when enabled
• To operate Locked Profile: restricting visibility of photos, music, stats, and interests
• To deliver push notifications including plan alerts, message notifications, poke alerts, and profile visitor alerts (Prime+)
• To provide Prime+ subscribers with plan analytics and profile visitor insights
• To enforce community safety: detecting abuse, fraud, spam, harassment, and policy violations
• To process in-app subscriptions and purchases via Apple App Store
• To respond to support requests, reports, and legal inquiries
• To improve app performance, fix bugs, and develop new features
• To comply with applicable laws and respond to lawful legal requests

We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects without human review.

Section 03

Ghost Mode

Ghost Mode is a privacy control that allows you to browse Meetfleet invisibly. When Ghost Mode is active:

• Your profile is not added to any user's visitor list, regardless of how many profiles you view
• Your online status is not displayed to other users
• You can still send messages, pokes, and plan requests · these interactions are attributed to your account as normal
• Ghost Mode can be configured for 1 hour, 6 hours, 24 hours, or indefinitely
• Unlimited Ghost Mode is a Prime+ exclusive feature
• Deactivating Ghost Mode resumes normal visitor tracking immediately

Ghost Mode protects your browsing behavior; it does not remove your account from discovery feeds or make your existing profile content invisible to others.

Section 04

Locked Profile

The Locked Profile feature gives you granular control over what others can see on your profile. You may independently toggle visibility for:

• Profile photos (hidden from all non-matched users when locked)
• Music taste (your 5 selected tracks hidden from public view)
• Profile stats (impression count and visitor count hidden)
• Interests (your 70+ category selections hidden)

Locking your profile does not remove you from discovery. Your name, age, gender, and avatar remain visible. Locked settings take effect immediately and can be changed at any time in Settings → Privacy.

Section 05

Profile Visitors & Plan Impressions

a) Profile Visitors

When another user views your profile, a timestamped visitor record is created. As a Prime+ subscriber, you can access a list of users who visited your profile. Free users may see a visitor count only. Visitor records are suppressed when the viewing user has Ghost Mode active.

b) Plan Impressions & Analytics

Plans you create accumulate engagement data: impressions (card visible 500ms+), detail views, map opens, profile taps from the plan card, and reminder additions. As a Prime+ subscriber, you can view this data broken down per day. This data is never shared with users other than the plan creator.

Section 06

Sharing of Information

We do not sell, rent, or trade your personal data to third parties for marketing or advertising purposes.

We share your data only with the following trusted third-party processors, solely to operate the Service:

• Supabase ·primary database, authentication infrastructure, and real-time messaging
• Mapbox ·interactive proximity maps and location visualization
• Apple Inc. ·App Store subscription billing
• WorkOS · audit log events for security and compliance tracking
• Expo · push notification delivery and app build infrastructure

All third-party processors operate under data processing agreements that prohibit them from using your data for any purpose other than providing services to Meetfleet. We may also disclose your information when required by law or to protect the safety of any person.

Section 07

Data Security

We implement industry-standard security measures including:

• TLS/HTTPS encryption for all data transmitted between the app and our servers
• Encryption at rest for sensitive fields including passkey hashes and authentication tokens
• Passkey PINs are hashed before storage and never stored in plain text
• Authentication tokens are stored in iOS Secure Enclave (SecureStore) on your device
• Role-based access control limiting internal access to user data
• Automated abuse detection and rate limiting on all API endpoints

Despite these measures, no system is completely secure. We encourage you to use strong credentials, enable passkey protection, and report suspicious activity immediately.

Section 08

Data Retention & Deletion

We retain your personal data only as long as necessary to provide the Service or as required by law.

You may permanently delete your account at any time via Settings → Account → Delete Account. Account deletion triggers the immediate and permanent removal of your profile, all plans you created, all messages sent and received, all uploaded photos and voice notes, your Trust Score and feedback history, and your subscription records.

Audit logs and records required for legal compliance, fraud prevention, or active dispute resolution may be retained for up to 7 years in accordance with applicable law.

Section 09

Children's Privacy

Meetfleet is intended exclusively for users who are 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If you become aware that a minor has created an account, please report it immediately using the in-app report system (Report → Underage User). We will investigate and terminate the account promptly.

Section 10

Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of Access ·Request a copy of the personal data we hold about you
• Right to Rectification ·Correct inaccurate or incomplete data
• Right to Erasure ·Request permanent deletion of your data (via in-app account deletion)
• Right to Restriction ·Request that we limit processing of your data in certain circumstances
• Right to Object ·Object to processing based on legitimate interests
• Right to Data Portability ·Receive your data in a structured, machine-readable format
• Right to Withdraw Consent ·Withdraw consent at any time where processing is based on consent

California residents have additional rights under the CCPA including the right to know what personal information is collected, the right to opt out of sale (we do not sell data), and the right to non-discrimination for exercising privacy rights.

To exercise any of these rights, contact us at support@meetfleet.app. We will respond within 30 days.

Section 11

Cookies & Local Storage

The Meetfleet mobile app does not use browser cookies. We use device-local storage (AsyncStorage, SecureStore) to cache session tokens, passkey credentials, and location geocode data to improve performance. This data remains on your device and is cleared when you log out or delete the app.

Section 12

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via in-app notification and/or email at least 14 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.