🔐 Privacy Policy

Effective Date: 21 May 2025
Last Updated: 21 May 2025

1. Introduction

Welcome to Friends of Friendz, a platform operated by ALL CAPPS LTD, a UK-registered company (Company No: 15595753) with its registered address at 6 Freya Court, 162 Lea Bridge Road, London, London, United Kingdom, E10 7NU. We help people find compatible flatmates and properties while prioritizing privacy and transparency. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our app, website, and related services.

2. What Data We Collect

a. Personal Data

  • Name, age, gender, location
  • Mobile number (used for registration and login via SMS)
  • Photos and basic profile details
  • Optional sensitive information (e.g., lifestyle preferences, sexuality)

⚠️ Sensitive data is never required and can always be hidden from public view in profile settings.

b. Profile & Matchmaking Data

  • Flatmate/property preferences
  • Compatibility factors
  • Reviews and other content you submit

c. Usage Data

  • App interactions (screens, session time)
  • Device and log data (via Firebase)
  • In-app chat metadata (not content)

d. Analytics

  • Crash reports
  • Feature usage via Firebase Analytics

3. Legal Basis for Processing

Depending on your jurisdiction, we rely on the following legal grounds:

Consent

Optional data (e.g., sensitive fields, analytics)

Contractual Necessity

Core services like matching and chat

Legal Obligations

Fraud prevention, compliance

Legitimate Interests

Improving app functionality and security

4. How We Use Your Data

  • Operate and improve the platform
  • Facilitate flatmate/property matching
  • Personalize the experience (when consent is given)
  • Communicate via SMS or app notifications
  • Comply with legal obligations

🛠 You can control most of your data sharing preferences via the in-app Privacy Settings.

5. Automated Decision-Making

We use compatibility scoring to suggest matches. However, all decisions (e.g., match requests, chat initiation) are controlled by users — not fully automated.

6. Data Sharing

We do not sell or share your data with advertisers. We may share information with:

  • Other Users: When you match or request a room, basic profile info becomes visible.
  • Service Providers: Supabase (hosting), Firebase (analytics), Twilio (SMS delivery).
  • Legal Authorities: Only when required by law or regulation.
  • Business Transfers: In case of acquisition, merger, or asset sale.

7. International Data Transfers

We may process your data outside your country. Supabase and Firebase infrastructure may store data in the EU or US.

We use Standard Contractual Clauses (SCCs) and equivalent safeguards to ensure data protection.

🌐 The app is not available in China, Russia, or North Korea due to regulatory constraints.

8. Your Privacy Rights

Depending on your location, you may have rights to:

Access & Portability

Get a copy of your data in JSON or CSV format

Correction

Ask us to fix inaccurate or outdated data

Deletion

Request erasure of your personal data (“right to be forgotten”)

Objection/Restriction

Limit or object to certain types of data processing

Withdraw Consent

Revoke optional permissions at any time

Lodge Complaint

With your local data protection authority

➡️ You can exercise these rights by:

9. Children's Privacy

This service is not intended for users under 18. If we learn that data was collected from a minor, we will delete it immediately.

10. Data Retention

  • We retain your data while your account is active or as needed to comply with law.
  • When you delete your account, we aim to remove personal data from active systems within 30 days.

11. Security

We apply industry-standard security practices:

  • Encrypted data transfers
  • Secure Supabase-hosted databases
  • Access logging and controls
⚠️ No system is 100% secure. Use strong passwords and protect your account access.

Data Breaches: If we detect a breach affecting your data, we will notify you and relevant authorities as required by law.

12. Third-Party Links

Our app may link to external services (e.g., Google Maps). These have their own privacy policies and are not under our control.

13. Regional Privacy Addenda

󰏅 UK & 󰎾 EU (GDPR)

  • You have full GDPR rights
  • We process your data under consent, contract, and legitimate interest
  • If necessary in the future, we will appoint an EU representative and/or Data Protection Officer

󰑔 California (CCPA/CPRA)

  • We do not sell or “share” personal data for ad targeting
  • You may request access or deletion of data via app or email

󰎙 Brazil (LGPD)

  • Processing is based on consent and legitimate interest
  • You have rights to access, correct, or delete your data

14. Cookies and Tracking

We do not currently use cookies or tracking tools for marketing or personalization. Any future changes will be consent-based and disclosed.

15. Future Changes

We may update this Privacy Policy to reflect changes in our features or legal requirements. All updates will be posted in-app and on our website, with the “Last Updated” date revised.

16. Contact Us

If you have questions, concerns, or privacy-related requests, contact:

📧 [email protected]

🏢 ALL CAPPS LTD — UK

📜 Company Number: 15595753

📍 Registered Address: 6 Freya Court, 162 Lea Bridge Road, London, London, United Kingdom, E10 7NU