Privacy Policy

Introduction

Nearblink values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use Nearblink (the "App"), a social media platform designed to connect people based on their current location and interests. Nearblink is available on iOS and Android devices through the Apple App Store and Google Play Store.

This Privacy Policy complies with applicable U.S. laws, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) for our European users. By using Nearblink, you agree to the collection and use of your information as described below. If you do not agree, please do not use the App.

1. Information We Collect

We collect information to provide, personalize, and improve Nearblink's functionality. The information we collect includes:

1.1 Information You Provide

• Account Information: When you create an account, we collect your full name, email address, social media links (if provided), and any preferences you set.
• User Content: Content you create or share, such as posts, comments, or messages within the App.
• User Feedback: Feedback or inquiries you submit to us, including your name and email address.
• Location Data: Your location when you enable location services to connect with nearby users. Important: We use geohashing technology (GeoFire) which rounds your location to approximately 150 meters (~500 feet) precision. Other users see your approximate location, not your exact GPS coordinates. Location accuracy varies based on your device's GPS capabilities (typically 3 meters to 100+ meters in poor conditions).

1.2 Information Collected Automatically

• Device Information: Information about your device, including device ID, IP address, operating system, mobile network details, and unique device identifiers.
• Advertising Identifiers: With your consent, we collect IDFA (iOS Identifier for Advertisers) or GAID (Google Advertising ID) for personalized advertising. You can opt out through your device settings.
• Usage Data: Data about your interactions with the App, such as features used, pages viewed, session duration, and click patterns.
• Tracking Technologies: We use cookies and similar technologies to track usage and deliver personalized content or ads.
• Push Notifications: If enabled, we collect notification tokens, delivery status, interaction data (opens, dismissals), and use this data to send notifications about messages, nearby activity, and app updates.
• Cross-App Tracking: Only with your explicit consent (iOS 14.5+), we may track activity across apps and websites for advertising purposes.
• Background Activity: On Android devices, we may collect location data in the foreground when the app is active. The app may start automatically on device boot to maintain notification services.
• Crash and Error Data: Automatic collection of app crashes, errors, and performance metrics through Sentry, including device state, stack traces, and user actions leading to the error.

1.3 Information from Third Parties

• Third-Party Services: If you link your Nearblink account to social media platforms or other third-party services, we may collect your name, email, or profile information from those services, subject to their privacy policies.
• Analytics and Payment Providers: We receive aggregated or anonymized data from third-party providers (e.g., Google Analytics for usage metrics, Stripe for payment processing).

1.4 Camera and Photo Access

When you grant camera or photo access:

• Photos You Share: Profile pictures and images you post are uploaded to our secure Firebase servers
• Metadata Handling: We strip EXIF data (location, camera info) from photos before storing for your privacy
• No Facial Recognition: We do not use facial recognition or biometric analysis on your photos
• Storage Duration: Photos are stored while your account is active, plus 30 days after deletion for recovery
• Photo Access: We only access photos you explicitly choose to upload, never your entire photo library
• Compression: Images may be compressed to optimize storage and loading times

1.6 Device Fingerprinting and Security Identifiers

To maintain platform safety and enforce our Terms of Service, we collect and store device-level identifiers:

• Device IDs: We track up to 10 unique device identifiers per user account to prevent ban evasion and protect our community.
• Device-Level Bans: If your account is banned for Terms violations, the ban may apply to all devices associated with your account. Attempting to create new accounts from banned devices constitutes a further Terms violation.
• Security Purpose: This data is used solely for enforcing bans, preventing abuse, and protecting user safety. It is not used for advertising or sold to third parties.
• Retention: Device identifiers for active accounts are retained while the account exists. For banned accounts, device identifiers may be retained indefinitely to prevent ban evasion.

2. How We Use Your Information

We use your information to provide, enhance, and promote Nearblink's services, including:

To Provide and Maintain the App:

• Enable account creation, login, and profile customization
• Connect you with nearby users based on your location and interests
• Facilitate user interactions through posts, messages, or other content
• Process in-app purchases via Stripe

To Personalize Your Experience:

• Recommend connections or content based on your location, interests, and usage
• Deliver push notifications about nearby users or App activity (if enabled)

To Improve the App:

• Analyze usage data to optimize features, fix bugs, and enhance performance
• Use Google Analytics to understand App metrics and user trends

For Marketing and Advertising:

• Deliver personalized ads based on your interests and usage
• Send promotional messages or newsletters about Nearblink or related services

To Communicate with You:

• Respond to your feedback or support requests
• Send important updates about the App, such as policy changes or service interruptions

To Comply with Legal Obligations:

• Fulfill requirements under applicable laws, such as CCPA compliance or tax reporting

2.1 Automated Content Moderation

To protect our community, we use automated systems to review content and user behavior:

• Automatic Content Removal: Content containing threats of violence, child safety concerns, or illegal activity may be automatically flagged and removed.
• Report-Based Actions: Users who receive 8 or more reports within a week, or 15 or more reports within a month, may be subject to automatic account suspension pending review.
• Appeal Process: If your account is suspended, you may appeal within 14 days by emailing appeals@nearblink.com. Appeals are reviewed by our moderation team and you will receive a response within 10 business days.
• Moderation Data: We retain records of content moderation actions, including reports received, actions taken, and appeal outcomes.

3. How We Share Your Information

We do not sell your personal information under the definition of "sale" in the CCPA. However, we may share your information as follows:

3.1 With Third-Party Service Providers

We share limited data with trusted third-party providers to operate Nearblink:

Core Infrastructure

• Firebase (Google): Backend infrastructure including authentication, database, cloud storage for photos, and cloud messaging for push notifications
• Firebase App Check: Security service that protects our backend from abuse and unauthorized access
• Google Maps: Provides mapping and location visualization features
• GeoFire: Location geohashing technology that converts your coordinates into approximate location cells (~150 meter precision) for privacy-preserving proximity features

Email Communications

• Resend: Email delivery service used to send transactional and marketing emails. When you create an account, your email address and name are added to our Resend mailing list for:
  • Welcome emails and account notifications
  • Subscription confirmations and billing updates
  • Account suspension/ban notifications
  • Marketing communications and newsletters (you may unsubscribe at any time)
  Data shared with Resend: email address, first name, account status. For more information, see Resend's Privacy Policy.

Security and Bot Protection

• Google reCAPTCHA v3: We use reCAPTCHA to protect against spam, bots, and automated abuse. reCAPTCHA collects:
  • IP address and approximate location
  • Browser and device information
  • Mouse movements and scrolling behavior
  • Keystrokes and typing patterns
  • Time spent on pages and interaction patterns
  This data is sent to Google to generate a risk score. reCAPTCHA is essential for security and cannot be disabled. For more information, see Google's Privacy Policy and Terms of Service.

Analytics and Monitoring

• Google Analytics: Collects aggregated usage data to analyze app performance and user trends
• Sentry: Monitors app crashes, errors, and performance issues. Collects device info, stack traces, and breadcrumbs of user actions leading to errors
• Mixpanel: Advanced analytics for understanding user behavior, feature adoption, and engagement patterns

Payment Processing

• Stripe: Processes credit card payments securely (PCI compliant), we never see your full card details
• RevenueCat: Manages subscriptions across iOS and Android, handles billing cycles and receipt validation
• Apple App Store / Google Play Store: Process in-app purchases and subscriptions through platform billing

Advertising (Free Tier Only)

• Google AdMob: Primary ad network that displays personalized or contextual advertisements
• Additional Ad Networks via SKAdNetwork: Through AdMob mediation, ads may be served by Meta, Unity Ads, AppLovin, ironSource, Vungle, and 45+ other certified ad networks

All service providers are contractually required to protect your data and use it solely for the purposes we specify. They must comply with applicable privacy laws including GDPR and CCPA.

3.2 Advertising and Analytics

We use Google AdMob to display advertisements in our free tier. Depending on your tracking preferences:

With Tracking Permission (Personalized Ads):

• AdMob collects your IDFA (iOS) or Advertising ID (Android)
• Creates interest profiles based on app usage across multiple apps
• Shows ads tailored to your interests and demographics
• May share data with advertising partners including Google, Facebook, and other ad networks
• Uses cross-app tracking to improve ad relevance

Without Tracking Permission (Non-Personalized Ads):

• Shows generic ads based only on app context (social networking category)
• No IDFA or Advertising ID collection
• No cross-app tracking
• No personal profiles created
• Basic geographic targeting only (country/language level)

Advertising Partners and SDKs:

Our app participates in SKAdNetwork for privacy-preserving ad attribution. Advertising partners include:

The full list of SKAdNetwork identifiers is available in our app configuration. These partners only receive attribution data when you interact with their ads, and this data is anonymized by Apple's privacy framework.

To manage your advertising preferences:

• iOS 14.5+: You'll see an App Tracking Transparency prompt when you first launch the app
• iOS Settings: Settings → Privacy & Security → Tracking → Allow Apps to Request to Track
• Android: Settings → Google → Ads → Opt out of Ads Personalization

For more information about how Google uses your data, visit: https://policies.google.com/privacy

3.3 With Social Media or Third-Party Integrations

If you link Nearblink to social media platforms or other services, we may share limited data (e.g., profile information) to enable those integrations, subject to your consent and the third party's privacy policy.

3.4 For Legal Reasons

We may disclose your information if required by law, such as to comply with a subpoena, court order, or other legal process, or to protect the rights, property, or safety of Software Harbor LLC, our users, or others.

3.5 In Business Transfers

If Nearblink is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4. App Tracking Transparency (iOS 14.5+)

What is App Tracking Transparency?

Starting with iOS 14.5, Apple requires apps to request your permission before tracking your activity across apps and websites owned by other companies. When you first launch Nearblink, you'll see a prompt asking for permission to track.

What happens when you allow tracking?

• We can show you personalized ads based on your interests
• Ads are more relevant to your preferences and activities
• We can measure ad campaign effectiveness
• Your IDFA (device identifier) is shared with advertising partners
• This helps keep Nearblink free for all users

What happens when you deny tracking?

• The app continues to work normally - all features remain available
• You'll still see ads, but they won't be personalized
• Ads will be contextual (based on app category) rather than based on your interests
• Your IDFA is not collected or shared
• No cross-app tracking occurs
• We cannot measure specific ad performance tied to your device

How to change your tracking preference

You can change your choice at any time:

• iOS: Go to Settings → Privacy & Security → Tracking → toggle Nearblink on/off
• Android: Go to Settings → Google → Ads → Opt out of Ads Personalization

5. Android-Specific Permissions

On Android devices, Nearblink requests the following permissions to function properly:

Location Permissions

• ACCESS_FINE_LOCATION & ACCESS_COARSE_LOCATION: Required to connect you with nearby users and show local content
• FOREGROUND_SERVICE_LOCATION: Allows location updates while the app is visible on screen
• Note: We do NOT request or use background location access for privacy reasons

System Permissions

• FOREGROUND_SERVICE: Keeps the app responsive while you're actively using it
• RECEIVE_BOOT_COMPLETED: Allows the app to restore notification services after device restart
• VIBRATE: Provides haptic feedback for notifications and interactions
• INTERNET: Required for all online features and connectivity

Advertising & Payments

• AD_ID (com.google.android.gms.permission.AD_ID): Used for personalized advertising (can be disabled in settings)
• BILLING (com.android.vending.BILLING): Required for in-app purchases and subscriptions through Google Play

Permissions We DON'T Request

For your privacy, we specifically block:

• READ_MEDIA_IMAGES & READ_MEDIA_VIDEO: We don't access your photo gallery directly
• ACCESS_BACKGROUND_LOCATION: We don't track your location when the app is closed
• READ_CONTACTS: We don't access your contact list
• RECORD_AUDIO: We don't use your microphone

6. Your Rights and Choices

As a Nearblink user, you have rights regarding your personal information, particularly under the CCPA if you are a California resident:

• Access: Request a copy of the personal information we hold about you.
• Correction: Update or correct inaccurate or incomplete data.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Non-Discrimination: We will not discriminate against you for exercising your rights.

To exercise these rights, contact us at info@nearblink.com. We will verify your identity and respond within 45 days, as required by the CCPA.

You can also manage your data preferences:

• Location Services: Enable or disable location sharing in your device settings or App preferences.
• Push Notifications: Opt out of notifications via App or device settings.
• Advertising: Limit ad tracking through your device settings (e.g., "Limit Ad Tracking" on iOS, "Opt Out of Ads Personalization" on Android).
• Account Deletion: Delete your account through the App, which will remove your personal information, except where we are required to retain it by law.

Nearblink uses your data for marketing and personalized ads, and we do not currently offer an opt-out for these non-essential purposes within the App. However, you can manage ad personalization through your device settings.

6.1 Data Export (Right to Portability)

You may request a copy of your personal data at any time by contacting info@nearblink.com. Your data export will include:

• Account information (name, email, preferences)
• Content you created (posts, messages, comments)
• Account activity history
• A README file explaining the data format

Export Process:

• We will prepare your export within 30 days of your verified request
• Data is provided in JSON format for machine readability
• Download links remain active for 30 days after generation
• We maintain a record of export requests for auditing purposes
• One export request per 30-day period to prevent abuse

7. Data Security

We use industry-standard security measures to protect your information, including:

• Access Controls: Limiting access to your data to authorized personnel only.
• Security Rules: Implementing rules to safeguard data stored on Firebase and other systems.

While we strive to protect your data, no system is 100% secure. In the event of a data breach, we will notify affected users and relevant authorities as required by law.

7.1 Security Audit Logging

To maintain platform integrity and support abuse investigations, we maintain permanent security audit logs including:

• Moderation Actions: Records of content removals, warnings issued, and account suspensions/bans
• Account Security Events: Login attempts, password changes, and suspicious activity flags
• Appeal Records: Documentation of appeals submitted and their outcomes
• Device Associations: Records of devices linked to accounts for ban enforcement

These logs are retained permanently for security purposes and may be disclosed to law enforcement when legally required. They are not used for marketing or advertising purposes.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide Nearblink's services. If you delete your account, we will remove your personal information, except where we are required to retain it for legal purposes (e.g., tax reporting or dispute resolution). You may request deletion of your data at any time by contacting us or using the account deletion feature in the App.

9. Consent and Onboarding

Initial Setup and Permissions

When you first launch Nearblink, we request various permissions to enable app functionality. Here's what we ask for and why:

App Tracking Transparency (iOS 14.5+)

• When asked: On first launch or when accessing features that involve ads
• Purpose: To show personalized ads based on your interests
• Your choice: Allow or deny - the app works fully either way
• Change later: iOS Settings → Privacy & Security → Tracking

Location Services

• When asked: When you try to find nearby users or businesses
• Purpose: Core functionality - connecting you with people nearby
• Options: While Using App, Always Allow, or Don't Allow
• Impact: Without location, you cannot use location-based features

Push Notifications

• When asked: After account creation
• Purpose: Alert you about nearby connections and messages
• Your choice: Allow or don't allow - you can still use the app
• Change later: Device settings → Notifications → Nearblink

Camera and Photos

• When asked: When you try to upload a profile photo or share images
• Purpose: To let you personalize your profile and share content
• Your choice: Grant access only when needed

Withdrawing Consent

You can withdraw your consent for any data processing at any time:

• In-app: Go to Settings → Privacy → manage your preferences
• Device level: Use your device's privacy settings to revoke permissions
• Account deletion: Permanently remove all your data by deleting your account
• Contact us: Email info@nearblink.com to request specific consent changes

Note: Withdrawing consent for certain core features (like location for a location-based app) may limit functionality, but we will never penalize you or degrade your experience for exercising your privacy rights.

10. Third-Party Links and Integrations

Nearblink may include links to third-party websites, social media platforms, or services. These third parties have their own privacy policies, and we are not responsible for their practices. We encourage you to review their policies before engaging with them.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the CCPA:

• Right to Know: You can request details about the categories of personal information we collect, use, disclose, or share, and the purposes for these activities.
• Right to Delete: You can request deletion of your personal information, subject to exceptions.
• Right to Opt-Out of Sale: We do not sell your personal information as defined by the CCPA, so this right does not apply.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a verifiable consumer request, contact us at info@nearblink.com. We may require identity verification to process your request.

11.5 Additional State Privacy Rights

If you are a resident of the following states, you have additional rights under their respective privacy laws:

Virginia (VCDPA)

Virginia residents have rights to access, correct, delete, obtain a copy of personal data, and opt out of targeted advertising, sale of personal data, and profiling.

Colorado (CPA)

Colorado residents have rights to access, correct, delete, obtain a portable copy of personal data, and opt out of targeted advertising, sale of personal data, and profiling that produces legal or similarly significant effects.

Connecticut (CTDPA)

Connecticut residents have rights to access, correct, delete, obtain a copy of personal data, and opt out of targeted advertising, sale of personal data, and profiling.

Utah (UCPA)

Utah residents have rights to access, delete, obtain a portable copy of personal data, and opt out of targeted advertising and sale of personal data.

12. European Union Privacy Rights (GDPR)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your data based on:

• Consent: For location data, marketing communications, and personalized ads
• Contract: To provide the Nearblink service you requested
• Legitimate Interests: For improving our service, security, and fraud prevention

Your GDPR Rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Opt out of certain processing activities
• Right to Withdraw Consent: Withdraw previously given consent at any time

International Data Transfers

Your data may be transferred to and processed in the United States, where our servers are located. We ensure appropriate safeguards are in place for such transfers, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements (DPAs) with all service providers
• Technical and organizational measures to protect your data
• Compliance verification of all third-party processors

Data Protection Officer

For GDPR inquiries, you can contact our data protection team at:

• Email: privacy@nearblink.com or info@nearblink.com
• Subject Line: GDPR Request - [Your Country]
• Response Time: Within 30 days as required by GDPR

Data Processing Agreements

We maintain Data Processing Agreements with all third-party processors including:

• Google (Firebase, Analytics, AdMob) - Uses Google's standard DPA
• Stripe - PCI DSS compliant with EU data processing addendum
• Sentry - GDPR compliant with EU data hosting option
• RevenueCat - Standard DPA available upon request
• Mixpanel - EU data residency option available

Your Right to Complain

If you're not satisfied with how we handle your data, you have the right to lodge a complaint with your local supervisory authority. Find your authority at: https://edpb.europa.eu

13. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

• Notify affected users within 72 hours of becoming aware of the breach
• Provide information about the nature of the breach and potential consequences
• Describe measures taken to address the breach and mitigate harm
• Provide recommendations for protecting your information

If you suspect unauthorized access to your account, immediately change your password and contact us at info@nearblink.com.

14. Biometric Data and Photos

If you upload photos to your profile or posts:

• Photos are stored securely on Firebase servers
• We do not use facial recognition or extract biometric identifiers
• You can delete your photos at any time through the app
• Photos are retained for 30 days after account deletion for recovery purposes

We do not sell, lease, or trade your photos or any biometric data.

15. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or App features. We will notify you of significant changes by:

• Posting the updated policy in the App or on our website
• Sending an in-app notification or email

The updated policy will take effect on the "Effective Date" listed at the top. Your continued use of Nearblink after the effective date constitutes your acceptance of the revised policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

For CCPA requests, use the above email to submit verifiable consumer requests. We are here to assist you with any privacy-related inquiries.

Thank you for using Nearblink. We are committed to protecting your privacy and providing a safe, enjoyable experience.