Privacy Policy

Overview

This policy explains how the Places application ("we" or "our") collects, uses, and protects personal data when you access the web client and its related APIs. By signing in or using the service you consent to the practices described below.

Data We Collect

• Phone number when you use phone-based authentication (one-time passcodes, OTPs) or when you provide it for account recovery or notifications.
• We may record OTP delivery metadata (timestamp, delivery status) to diagnose authentication issues and prevent abuse.
• Name, email address, profile photo, and provider ID returned by Google or Facebook OAuth.
• Place submissions, reviews, photos, favorites, and moderation decisions you create in the app.
• Audit information (timestamps, IP address, user agent) recorded for security and compliance.

Community Posts & Public Visibility

Community posts are public by default. Any text, image, video, or other content you publish as a community post is visible to everyone — including users who are not logged in, search-engine crawlers, and visitors who arrive via a shared link on social media (Facebook, Instagram, WhatsApp, X/Twitter, Snapchat, etc.). Do not post content you do not want the public to see.

• Location — each post is tagged with the approximate location you provided. This location is stored and may be shown alongside the post content to other users.
• Anonymous mode — you may publish a post anonymously. In that case your name is hidden from public view, but your user account, IP address, and post metadata are still recorded internally and may be disclosed to law-enforcement as described in the Law Enforcement & Legal Disclosure section above.
• Cross-region promotion — popular posts (measured by likes, comments, and shares) may be surfaced to users in other cities, regions, or countries. A post that reaches a high enough engagement score can appear in the feeds of users anywhere in the world.
• Social sharing & link previews — when your post's link is shared on a social-media platform, that platform's crawler fetches the page to generate a link-preview card containing your post content and image. We have no control over how third-party platforms store or display this preview data.
• View counting — every time someone opens a shared post link (regardless of which platform they came from) a view is recorded against the post.

If you want to remove a community post, you can delete it at any time from your profile. Deletion removes the post from all public feeds immediately, but content that was already cached or shared externally may persist on third-party platforms beyond our control.

How We Use Your Data

• Use phone numbers to send one-time passcodes (OTPs) for authentication and for account recovery when requested.
• Share phone numbers only with third-party providers when required to deliver OTPs or messages, and only under confidentiality agreements.
• Authenticate you and keep your session active via secure cookies.
• Show your contributions (places, reviews, photos) to other users.
• Enforce community guidelines and protect the platform from abuse.
• Generate anonymous analytics about feature adoption (only if you consent to optional cookies).

Cookies & Consent

When you first visit Places we display a cookie banner explaining the optional analytics cookies we use. Essential cookies stay on to keep you logged in, but analytics are opt-in. You can open the Cookie Preferences dialog at any time from the header or footer to update your choice. Your selection is stored locally and synced before we load any analytics script (Google Analytics via Google Tag Manager). If you reject or withdraw consent we immediately disable analytics collection.

Storage & Retention

Account data, including phone numbers provided for authentication, are stored securely. We retain phone numbers while your account is active and for a reasonable time afterward to comply with legal obligations and to prevent fraud. If you delete your account, we will remove your phone number and associated personal data within a reasonable timeframe unless retention is required by law.

Audit logs (records of actions such as logins, place creation, phone views, and navigation events) are retained for a minimum of 90 days and may be retained for longer where required by law, regulation, or an active legal hold. Audit logs are stored in encrypted, access-controlled storage and are reviewed only by authorised personnel or in response to verified legal requests.

Law Enforcement & Legal Disclosure

We may disclose account data, activity logs, IP addresses, and any other retained information to:

• Law enforcement agencies acting under a valid court order, search warrant, or lawful government request.
• Regulatory authorities enforcing applicable data-protection or cyber-crime statutes.
• Other parties where disclosure is required to protect the safety of any person, prevent fraud, or satisfy a legal obligation we are subject to.

Legal Hold on Deletion Requests. If we receive a verified legal demand (court order, preservation notice, or equivalent) before or after a user submits a deletion request, we will pause or cancel the deletion of the relevant data and apply a legal hold until the obligation is resolved. This is consistent with GDPR Article 17(3)(b) (legal claims), DPDP Act 2023 Section 8(7), and equivalent provisions under CCPA, LGPD, and PDPA.

What data we can provide. Subject to a valid legal process we can supply: account identifiers, registration dates, email / phone used at sign-up, IP addresses and user-agent strings recorded at login and key actions (audit logs), place listings, community posts, and messaging metadata.

Law enforcement agencies may contact us at [email protected] with the subject line "Law Enforcement Request". We will verify the identity of the requesting agency and respond through proper legal channels.

We rely on Google and Facebook only for OAuth authentication. We do not sell or share your personal information with advertisers or unrelated third parties. Infrastructure providers (e.g., hosting, storage) only process data on our behalf under contractual safeguards.

Your Rights

• Access: request a copy of the personal data we store about you.
• Correction: ask us to update inaccurate profile information.
• Deletion: request that we remove your account and associated data.

You can trigger export or deletion requests directly from the in-app Privacy Center or email [email protected] from the address tied to your account. We respond to every request within 30 days.

GDPR & EU Data Subject Rights

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, restrict processing of, or obtain a copy of your personal data. You can exercise these rights through the in-app Privacy Center (see the Data Deletion & GDPR Request page) or by contacting us at [email protected]. We will handle your request in accordance with GDPR requirements and respond within the timeframe required by applicable law.

Push Notifications

We offer optional browser push notifications to deliver real-time updates such as message alerts and moderation notices. When you opt in, we store a Push Subscription record that includes the subscription endpoint and the encryption keys (p256dh and auth). If you are authenticated we may also associate the subscription with your user id so we can target your devices.

The VAPID public key is exposed to the browser so it can subscribe; the VAPID private key is kept secret on our servers and is never shared. We only use push subscriptions to deliver notifications and do not include notification content in long-term logs. Subscriptions are retained until you unsubscribe, delete your account, or the subscription becomes invalid (we remove entries that consistently fail delivery).

Legal basis: we rely on your consent for optional notifications. For urgent, service-critical notifications we may rely on legitimate interest where permitted and clearly communicated. You can revoke permission in your browser settings or unsubscribe from the profile page at any time.

To stop receiving push notifications, open your browser's site settings to revoke permission, or visit your profile and unsubscribe. If you need assistance, contact [email protected] and include the device/browser details.