Privacy Policy

Last updated:

1. Introduction

mapdap OÜ ("we," "our," or "us") respects your privacy and is committed to handling your information responsibly. We are a private limited company (osaühing) registered in Estonia under Registry Code 17400755, with registered address at Harju maakond, Tallinn, Kesklinna linnaosa, Tornimäe tn 5, 10145. This Privacy Policy explains, in general terms, how we collect, use, share, and safeguard information when you use our mobile application, website, and related services (collectively, the "Service").

2. Information We Collect

We collect information you provide directly to us, information generated through your use of the Service, and information from third parties that help us operate the Service. The categories of information we may collect include:

  • Identity & Account Data: such as name, username, date of birth, and authentication identifiers (typically a phone number, since most features of the Service require a verified phone number to use).
  • Contact Data: such as email address and phone number.
  • Profile Data: such as your bio, profile photos, interests, preferences, and any social handles or feedback you choose to share.
  • Location Data: precise and/or approximate location information, including geocoded references such as place codes, to enable core features of the Service (for example, anchoring posts to a place, surfacing nearby content, and connecting you with people in your area). Where you grant the relevant permission, we may receive limited location updates while the app is in the background so the Service can recognize when you have moved between areas.
  • Content Data: posts, photos, videos, comments, and chat messages you create or send through the Service, together with any place you tag, the time of posting, and basic metadata.
  • Communications & Support Data: messages you send to us, reports you submit about other users or content, and your interactions with our support channels.

We also automatically collect certain information when you use the Service, including:

  • Usage Data: information about how you interact with the Service, such as features used, screens viewed, and approximate session timing.
  • Device Data: information about your device, such as device type, operating system, app version, language, network information, and identifiers used for app functionality, push notifications, and security.
  • Diagnostic & Analytics Data: anonymized or pseudonymized event data, performance information, and crash reports used to understand and improve the Service.

3. Verified-Phone Requirement

To help keep mapdap safe, we require users to verify a phone number before they can post vibes, comment, or take part in chats. This applies even when an account is created with email or another sign-in method. We use this requirement to discourage abuse, support trust between users, and assist us in handling reports and lawful requests from competent authorities.

4. How We Use Your Information

We use the information we collect to:

  • Provide, operate, secure, and improve the Service.
  • Personalize your experience and surface content that is relevant to your location and interests.
  • Connect you with other users and support social features.
  • Verify identity (including phone-number verification) and prevent fraud, spam, abuse, and harm.
  • Process subscriptions and related transactions through the relevant app store.
  • Send you service-related messages, security alerts, and (where you have agreed) other communications.
  • Comply with our legal obligations, enforce our Terms, and respond to lawful requests.
  • Conduct analytics and research to understand and improve the Service.

5. How We Share Information

We may share information in the following general categories. We do not sell your personal information.

  • Service Providers: trusted third parties that help us operate the Service. The principal providers we currently rely on are Amazon Web Services (cloud hosting, storage, and website hosting), MongoDB Atlas (database hosting), Cloudflare (network security, content delivery, and bot protection), Apple Inc. (Sign in with Apple, push notifications, and App Store services), Twilio (phone verification and messaging), Brevo (transactional email), IPGeolocation.io (location lookup), Sentry (web crash diagnostics and error reporting), Firebase (mobile push notifications, crash diagnostics, and analytics SDK), PostHog (product analytics, feature flags, and session replay), and Google Analytics (audience attribution and reporting). These providers are only allowed to use your information to perform services for us, under appropriate contractual safeguards.
  • App Stores & Payment Platforms: platforms such as Apple's App Store handle subscription purchases, billing, and related transactions on our behalf and process information in accordance with their own terms and policies.
  • Legal & Safety: we may share or disclose information where we believe in good faith that doing so is necessary to comply with applicable law, valid legal process, or a lawful request from a competent authority (including authorities in jurisdictions where you access or use the Service); to enforce our Terms; to protect the rights, safety, or property of mapdap, our users, or others; or to investigate fraud, abuse, or violations of our policies. Where local law permits and where it is appropriate to do so, we will notify you of a request.
  • Business Transfers: if we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction.
  • With Your Direction or Consent: we may share information in other ways that you direct or consent to.

Posts, profile information, and other content you choose to share publicly through the Service may be visible to other users and, depending on your settings, to the wider public.

6. International Operations

mapdap operates internationally. Your information may be processed and stored in countries other than the one in which you live, including in the European Union and other locations where we or our service providers maintain facilities. Where required, we put in place appropriate safeguards (such as contractual protections) for transfers across borders.

7. Data Retention

We keep your information for as long as we reasonably need it to provide the Service to you, comply with our legal and regulatory obligations, resolve disputes, prevent abuse, and enforce our agreements. Retention periods may vary depending on the type of information and the purpose for which it was collected. When we no longer need information, we will delete or anonymize it, or, if that is not feasible, securely store it until deletion is possible.

8. Your Rights & Choices

Depending on where you live, you may have rights in relation to your personal information. Where applicable law gives you these rights, we aim to take reasonable steps to honor them.

Subject to applicable law, you may have the right to:

  • Access, update, or correct the information we hold about you.
  • Request deletion of your account and associated personal information, subject to certain exceptions.
  • Object to or restrict certain processing of your information.
  • Request a portable copy of certain information.
  • Withdraw consent at any time where we rely on consent to process your information.
  • Lodge a complaint with your local data protection authority (for users in the European Economic Area or the United Kingdom).

9. Security of Information

We use reasonable technical and organizational measures designed to protect your information, including encryption of data in transit and at rest using industry-standard methods, access controls, and ongoing monitoring. No method of transmission over the Internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not intended for children under 16, and we do not knowingly collect personal information from anyone under 16. Our account creation process — which requires users to provide and verify contact information such as a phone number or email address, and to confirm they meet our minimum age requirement — is one of the measures we use to support this restriction. If you are a parent or guardian and believe a child under 16 has provided us with personal information, please contact us and we will take appropriate steps to address the matter.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the date at the top of this page and, where appropriate, provide additional notice. Your continued use of the Service after changes become effective constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your information, please contact us at support@mapdap.com.