← Back to ConnectIRL

Privacy Policy

This Privacy Policy explains how ConnectIRL and its affiliates ("ConnectIRL," "we," "us," or "our") collect, use, disclose, and protect personal information when you use the ConnectIRL mobile application, the website at https://connectirl.app, and related services (together, the "Service"). By using the Service, you agree to this Policy and to our Terms of Service. If you do not agree, do not use the Service.

ConnectIRL is an opt-in, real-world proximity social app for adults. Its design principle is simple: you only ever appear to other people who chose to be seen too, and only while you choose to be discoverable. Much of this Policy describes not only what we collect, but the many things we deliberately do not collect or do.

1. Who we are and how to reach us

The data controller/business responsible for your personal information is ConnectIRL, United States. For any privacy question or to exercise your rights, contact us at privacy@connectirl.app. See also our Contact page and, if you are a U.S. state resident, our U.S. State Privacy Notice.

2. A quick summary

3. Information we collect

We collect the following categories of personal information:

3.1 Information you provide

DataWhy we collect it
Email addressTo create and secure your account, sign you in, prevent duplicate accounts, and contact you about your account.
Authentication credential — a password you choose, or a sign-in through Google or Facebook, or a one-time email codeTo verify it is you. Passwords are stored only in salted, hashed form by our authentication provider; we never see or store your plaintext password. If you sign in with Google or Facebook, we receive basic profile information they provide (such as name and profile photo) per your settings with them — we do not receive your third-party password.
Age confirmation (that you are 18 or older)The Service is for adults only. We do not knowingly create accounts for anyone under 18.
Display name and profile photoThis is what nearby users see when you are discoverable. You choose and can change or remove them.
Optional self-declared genderOptional. Used only for an optional profile label and the viewer-side "Show me" filter. Never inferred from your photo or any other signal.
Social links (for example Instagram, TikTok, X, LinkedIn)Provided only by you — via an official connection (OAuth) or by typing a handle/URL. Shown to others only according to the visibility you set. We store the handle/link you give us; we do not import or store content from those platforms.
Support messages and correspondenceTo respond to you and keep records of support and safety matters.

3.2 Information created when you use the Service

DataWhy we collect it
Approximate location — only while the app is open and you are discoverable (not paused), or when you run a nearby scanTo compute who is near you. Captured with your device permission, in the foreground only. See Section 5 for the full location lifecycle. It is never shown to anyone as coordinates and is deleted quickly.
Push notification tokenTo send notifications about connection requests and approvals only — never about who viewed you or who is nearby.
Device and technical information (for example a device identifier, app version, platform, and IP address)To keep the Service secure, enforce rate limits, detect and prevent abuse and ban-evasion, and diagnose problems.
Aggregate usage analyticsCounts only (for example how many people viewed your profile in total). These carry no coordinates, no viewer identity, and no personal content. They power the aggregate stats you see about your own profile.
Security and operational logsTo investigate abuse reports, enforce our rules, and protect the Service. These never contain your coordinates.

4. What we do NOT collect or do

5. How location works (the full lifecycle)

Location is the most sensitive data we handle, so here is exactly how it is treated:

6. How we use information

Where required by law, our legal bases for processing include performing our contract with you, your consent (for example for location access and optional marketing), our legitimate interests in operating and securing the Service, and compliance with legal obligations.

7. How we share information

We do not sell your personal information. We share it only as follows:

We may also share aggregated or de-identified information that cannot reasonably be used to identify you.

8. How long we keep information

DataRetention
Current location recordUp to 60 minutes; deleted immediately on pause, invisible mode, or account deletion.
Presence/session metadata (no location)Up to 90 days, then deleted (aggregate counts may persist).
Profile, photo, social links, connectionsUntil you delete them or delete your account.
Security and abuse logs; safety recordsUp to 180 days for routine logs; records tied to enforcement or legal obligations may be kept up to 2 years, or longer where the law requires.
BackupsPurged on a rolling basis after deletion propagates.

9. Your choices and rights

10. Security

We protect information using data minimization (what we do not collect cannot leak), encryption in transit, strict server-side access controls including row-level security, and sensitive data (such as location) that is reachable only through secure server functions and never by direct client access. No system is perfectly secure, so we cannot guarantee absolute security, but we design the Service to limit what could ever be exposed.

11. Children

The Service is strictly for adults 18+ and is not directed to children. We do not knowingly collect personal information from anyone under 18. If we learn that an account belongs to someone under 18, we will suspend and delete it. If you believe a minor is using the Service, contact safety@connectirl.app.

12. International users and data transfers

The Service is operated from, and information is processed and stored in, the United States and other countries where our service providers operate. If you access the Service from outside the United States, you understand your information will be transferred to and processed in the United States, which may have different data-protection laws than your country. Where required, we rely on appropriate safeguards for such transfers.

13. Third-party links and platforms

The social links users share lead to third-party platforms with their own privacy practices, which we do not control. Following a link, and anything that happens on that platform, is governed by that platform's terms and privacy policy, not ours.

14. Changes to this Policy

We may update this Policy from time to time. If we make a material change, we will provide notice (for example in the app or on this site) before it takes effect where required. Continued use of the Service after an update means you accept the revised Policy.

15. Contact

Questions or requests: privacy@connectirl.app or ConnectIRL, United States.