Privacy Policy

3.1 Account Information

When you create an account, we collect:

• Name and email address

• Password (stored securely using industry-standard encryption)

• Profile photo (optional)

• Account preferences and settings

3.2 Profile Information

Information you choose to add to your profile:

• Bio and personal description

• Interests and preferences

• Location (city/region you choose to display)

• Social links (optional)

3.3 Events and Activities

When you interact with events:

• Events you create, including title, description, date, time, and location

• Events you mark as "Going" or "Interested"

• Event searches and filters you apply

• Comments and reactions on events

3.4 Groups and Organizations

When you participate in communities:

• Groups and organizations you create or join

• Posts, comments, and content shared within groups

• Your role (member, admin, creator)

• Group chat messages

3.5 Connections and Social Features

When you connect with others:

• Connection requests sent and received

• Your connections list

• Direct messages with other users

• Activity feed interactions (likes, comments, shares)

3.6 Messaging and Chat Servers

When you use messaging features:

• Direct messages between you and other users

• Chat server messages and channels you participate in

• Media shared in conversations (photos, files)

Messages are stored securely and are only accessible to conversation participants. We do not read your private messages unless required by law or to investigate reported violations.

3.7 AI Assistant (Porter)

When you use Ask Porter:

• Questions and prompts you submit

• Conversation history within the session

• Context from your profile to personalize responses

Porter conversations are used solely to provide you with helpful responses. We do not use your Porter conversations to train AI models or share them with third parties.

3.8 Location Information

With your explicit consent:

• Precise location (GPS) for finding nearby events

• City/region for search and discovery

• Location entered manually for event searches

Location data is used only to show you relevant local events. You can disable location access at any time in your device settings. We do not track your location in the background or when the App is closed.

3.9 Device and Technical Information

Collected automatically:

• Device type, model, and operating system

• App version

• Unique device identifiers (for push notifications)

• Crash logs and performance data

• IP address (for security and approximate location)

3.10 Usage Information

How you interact with the App:

• Features and screens you access

• Time spent in the App

• Actions taken (taps, scrolls, searches)

• Error logs and technical issues encountered

4.1 Providing Our Services

• Display events based on your location and preferences

• Enable you to create, join, and manage events

• Connect you with other users

• Facilitate messaging and group communications

• Power AI-assisted event discovery through Porter

4.2 Personalizing Your Experience

• Recommend events based on your interests and activity

• Suggest groups and organizations you might like

• Customize your activity feed

• Remember your preferences and settings

4.3 Communications

• Send push notifications about events, messages, and connections (with your consent)

• Email you about account activity and important updates

• Respond to your support requests

4.4 Safety and Security

• Detect and prevent fraud, abuse, and security threats

• Enforce our Terms of Service and Community Guidelines

• Investigate reported violations and harassment

• Protect the safety of our users

4.5 Improving Biome Collective

• Analyze usage patterns to improve features

• Fix bugs and technical issues

• Develop new features based on user needs

• Conduct research using aggregated, de-identified data

6.1 With Other Users (Your Choice)

• Profile information you make public

• Events you create (visible to attendees)

• Posts in groups and organizations

• Your connections (visible based on your privacy settings)

6.2 With Service Providers

We use trusted third-party services to help operate the App. These providers are contractually bound to protect your data and can only use it for the specific services they provide to us:

• Cloud hosting and data storage (DigitalOcean)

• Push notification delivery (Expo/Apple/Google)

• Email delivery services

• Error monitoring and crash reporting

• Location services (OpenCage for geocoding)

6.3 For Legal Reasons

We may disclose information when required by law or when we believe in good faith that disclosure is necessary to:

• Comply with legal process (subpoena, court order)

• Protect the safety of any person

• Prevent fraud or abuse of our services

• Protect our legal rights

6.4 Business Transfers

If Biome Collective is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your personal information.

8.1 All Users

• Access and update your profile information at any time

• Control your privacy settings (who can see your profile, send requests)

• Manage push notification preferences

• Enable or disable location services

• Export your data through the Settings screen

• Delete your account and associated data

8.2 EEA/UK/Swiss Users (GDPR Rights)

You have additional rights under GDPR:

• Right of Access: Request a copy of all personal data we hold about you

• Right to Rectification: Correct any inaccurate or incomplete data

• Right to Erasure ("Right to be Forgotten"): Request deletion of your data

• Right to Restriction: Limit how we process your data

• Right to Data Portability: Receive your data in a machine-readable format

• Right to Object: Object to processing based on legitimate interests

• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us at privacy@biomecollective.org. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8.3 California Residents (CCPA/CPRA Rights)

California residents have the right to:

• Know what personal information we collect and how it's used

• Request deletion of personal information

• Opt out of the "sale" of personal information (we don't sell your data)

• Non-discrimination for exercising your rights

We do not sell personal information as defined under CCPA/CPRA. We do not use or disclose sensitive personal information for purposes other than providing our services.