HOPMEET/ legal

Privacy Policy

This policy explains how HopMeet processes personal data under the GDPR. It applies to the HopMeet mobile app.

Last updated: 2026-03-05App scopeGDPR / EU

1. Controller

HopMeet — operated by Soumyakanta Pattanaik (Germany).
Contact: legal@hopmeet.app

2. Data we process

  • Phone number (for authentication).
  • Profile details (e.g., display name, optional attributes).
  • Location data (to show nearby hops and city missions).
  • User-generated content (missions/hops content, uploaded photos/videos).
  • Device and log data (IP address, device identifiers where applicable, timestamps, app events for security).

3. Purposes and legal bases (GDPR)

  • Account creation & service delivery — Art. 6(1)(b) GDPR.
  • Location-based discovery features — Art. 6(1)(b) GDPR and/or Art. 6(1)(a) GDPR (permission/consent at device level).
  • Security, abuse prevention, fraud detection — Art. 6(1)(f) GDPR (legitimate interest).
  • Content moderation and enforcement of community rules — Art. 6(1)(f) GDPR.

4. Location data

HopMeet uses location to enable city-based missions and nearby hops. Location access is requested through your device permissions. You can disable location at any time in your device settings.

5. Photos, videos, and safety verification (nudity / abuse detection)

When you upload media (e.g., mission or hop photos), HopMeet may run automated safety checks to detect explicit, harmful, or abusive content. This helps keep the community safe.

Important: Automated moderation is used only for safety and enforcement of community rules. We do not sell your media or use it for advertising profiling.

For example, HopMeet may use Google Cloud-based content safety verification (such as SafeSearch classification) to detect nudity or explicit content.

6. Third-party services (processors)

  • Firebase Authentication (Google) — phone number verification and sign-in security.
  • Cloud infrastructure/hosting in Germany/EU (e.g., OVH Cloud Germany) — API hosting, database, and/or media storage depending on your deployment.
Where required, we rely on appropriate data processing terms (DPA) with our processors and apply EU safeguards.

7. Retention

  • Account data is retained as long as your account exists.
  • When you delete your account, we delete or anonymize associated personal data within reasonable timeframes (typically within 30 days), unless legal obligations require longer retention.
  • Backups may persist for a limited period (e.g., up to 90 days) before being overwritten.

8. Your rights

  • Access, rectification, erasure, restriction, objection, and portability (Art. 15–22 GDPR).
  • You can request deletion via the in-app flow or via our deletion page.

9. Account deletion

Delete your account in the app (Settings → Delete Account) or use the public deletion instructions:/app/delete-account

10. Contact and complaints

Privacy contact: legal@hopmeet.app

You may also lodge a complaint with a supervisory authority in the EU (Germany: your competent state DPA).