logo

Privacy Policy

Last updated: 12/5/2025

This Privacy Policy explains how Vazo (“we”, “us”, or “our”) collects, uses, stores, and protects your personal information when you use our app and services, in accordance with the General Data Protection Regulation (GDPR).

1. What Information We Collect

  • Account Information: Your email, username, and password (stored securely and hashed via Supabase). Optional: profile photo and bio.
  • Location Data: With your explicit consent, we periodically access your device’s GPS location (e.g., every few seconds) to provide relevant nearby content. Location is processed in real time but is not stored or tracked continuously.
  • User Activity: Content you create (messages, clues, comments), friend connections, and game interactions.
  • Device Info: Basic technical info like OS type, IP address, and error logs for debugging and app stability.

2. How We Use Your Data

  • To provide core features like discovering nearby jars and participating in local games.
  • To maintain platform security, prevent abuse, and debug technical issues.
  • To send important notifications (e.g., updates, account issues) if you opt in.
  • To periodically access your live location (when permitted) in order to show nearby jars, clues, or game elements based on your position.

3. Legal Basis for Processing (GDPR)

We process your data based on the following lawful grounds:

  • Consent: For optional features like location sharing or profile personalization.
  • Contract: To deliver the services you've registered for.
  • Legitimate Interests: For security, analytics, and platform improvement, without overriding your rights.

4. Sharing Your Data

We do not sell your data. We may share data only with:

  • Service providers like Supabase, which securely host authentication and storage services.
  • Cloud or analytics providers solely for operational and performance improvements.
  • Authorities if legally required, and with notice to you whenever possible.

5. Data Retention

Your data is retained for as long as your account is active. You may delete your account anytime, which will permanently erase associated personal data from our systems within 30 days.

6. Your Rights Under GDPR

  • Access: You can request a copy of your data.
  • Rectification: You can correct inaccurate information.
  • Deletion: You can permanently delete your account and data.
  • Objection: You may object to data use based on legitimate interests.
  • Portability: You can request your data in a portable format.
  • Withdraw Consent: For features like location sharing, you can withdraw at any time via device or app settings.

7. Security

We take appropriate technical and organizational measures to protect your personal data, including secure storage with Supabase, encrypted transmissions, and limited access by authorized personnel.

8. Changes to This Policy

We may occasionally update this Privacy Policy. If we make significant changes, we'll notify you via email or in-app message. Continued use of Vazo after notice constitutes agreement.

9. Contact Us

For any privacy-related questions, data access, or deletion requests, contact us at:

Email: support@vazo.city