At HangSpot, safety and privacy are the core pillars of our technical architecture. This Privacy Policy details how we handle your information. We do not track, sell, or maintain historical logs of your movements, ensuring your real-world footprint remains completely secure.
1. Information We Collect
Because HangSpot is built on a "Privacy-First" hybrid architecture, we collect only the minimum required information to facilitate spontaneous matchmaking:
- Account Information: Google or Apple Sign-In credentials to verify identity via Firebase Auth. We do not access or store your social account passwords.
- Public Profile Details: Display name, age, bio, gender, drink preferences, vibe tags, and uploaded profile photos. Photos are stored securely in isolated Firebase Storage buckets.
- Private Social Handles: Instagram handles, Snapchat handles, or custom direct-social links. This information is stored in a private secure vault (Firestore
users_private) and is encrypted/hidden from all users until a mutual match is explicitly established. - Fuzzed Geolocation Data: Raw coordinates from your mobile GPS sensor are rounded on your device to 3 decimal places (within ~1.1km / 0.6mi) before being uploaded to our servers. We never store or broadcast your precise address or coordinates.
2. How We Use and Share Information
Your fuzzed location is placed in a temporary feed partition (Realtime Database nearby_feed) and is only visible to active, authenticated users nearby to check surrounding area presence. We do not sell your data, use analytics trackers, or display advertisements.
3. The "Vaults" Strategy (Security & Isolation)
We partition data into strictly separated layers ("Vaults") based on security level:
- Vault A (Realtime Feed): Highly active, fuzzed location data, deleted completely every morning.
- Vault B (Public Profiles): Static profile data, readable only by authenticated HangSpot users.
- Vault C (Private Vault): Owner-only read/write access. Houses social handles, device tokens, and age parameters. Hidden from other users.
- Vault D (Matches): Permanent matches written exclusively by server-side Cloud Functions upon mutual consent.
4. The Daily 4:00 AM Data Wipe
We enforce a strict ephemerality policy. Every morning at 4:00 AM local time, our Firebase Cloud Scheduler triggers a server-side routine (the "Wipe") which:
- Deletes all location and presence records inside the
nearby_feeddatabase. - Converts all pending hang invites in our logs to "EXPIRED".
5. Silent Rejection and Low-Pressure Design
To prevent target-harassment or social discomfort, declining a hang request is silent. If a user rejects a request, the request card disappears from their tray, while the sender's UI continues to show "Invite Sent" (similar to a pending queue) to protect privacy and provide a pressure-free experience.
6. Data Deletion and Account Termination Rights
We respect your right to disappear. If you choose to delete your account, clicking "Delete Account" inside your Me Settings tab fires a callable server function which instantly and permanently deletes your credentials from Firebase Auth, wipes your storage folder, and cleanses all associated records in all Vaults. There is no grace period—deletion is immediate and absolute.
7. Security Rules and Anti-Scraping Protection
We deploy strict security rule enforcement on our databases to verify that only authenticated owners can read or write their private records. Additionally, we enforce Firebase App Check (using Google Play Integrity on Android and Apple App Attest on iOS) to block unauthorized clients, bots, and emulators from scraping user feeds or profiles.
8. Contact Us
For questions or support regarding this Privacy Policy, please contact our support team at support@hangspot.app.