Gettit ("we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Gettit mobile application and website (collectively, the "Service").

We recognize that as a dating and social networking platform, we handle particularly sensitive personal information, including data related to sexual orientation, gender identity, and precise location. We take this responsibility seriously.

1. Information We Collect

1.1 Information You Provide

Account Information: Phone number, email address, date of birth (for age verification)
Profile Information: Photos, video intros, headline, bio, and optional attributes including height, weight, sexuality, gender identity, pronouns, relationship status, ethnicity, and physical attributes
Preferences: Your stated preferences for who you'd like to meet, including gender and sexuality filters
Communications: Messages sent through the Service, feedback, and support requests
Payment Information: Processed through Apple App Store or Google Play (we do not directly collect or store payment card data)

1.2 Information Collected Automatically

Location Data: Precise GPS coordinates when the app is in use, used for proximity-based discovery. You may enable location fuzzing to prevent exact distance display to other users
Device Information: Device type, operating system, unique device identifiers
Usage Data: App interactions, features used, time spent, and engagement patterns
Push Notification Tokens: For delivering notifications via Firebase Cloud Messaging

1.3 Information from Third Parties

Verification Data: Selfie verification results from AWS Rekognition for face-match verification (biometric data is processed but not stored by Gettit)
Subscription Data: Subscription status and entitlement information from RevenueCat

2. How We Use Your Information

Provide, maintain, and improve the Service
Match you with other users based on proximity and stated preferences
Verify your identity and age
Moderate content and enforce community guidelines
Detect and prevent fraud, fake profiles, and illegal content (including CSAM detection via PhotoDNA)
Process subscriptions and in-app purchases
Send you notifications about matches, messages, and Service updates
Respond to support requests and communicate with you about the Service
Analyze usage patterns to improve the product (aggregated, non-identifiable data only)

3. Sensitive Data Protection

We understand that information about sexual orientation, gender identity, and dating preferences is highly sensitive. We implement the following protections:

Sexual orientation and gender identity data is never sold to third parties
This data is only shared with other users as controlled by your privacy settings
In regions where LGBTQ+ identity may pose safety risks, we offer enhanced privacy features including location fuzzing and profile visibility controls
Staff access to sensitive user data is strictly limited and audited
All sensitive data fields are encrypted at rest

4. Location Data

Gettit uses your precise location to show you nearby users. We implement the following safeguards:

Location Fuzzing: You may enable location fuzzing in Settings, which shows other users "Nearby" instead of your precise distance
Region Feature Flags: In certain regions, enhanced privacy protections are enabled by default
Location data is updated only when the app is in use and is cached with a 30-second TTL to reduce data transmission
Exact coordinates are never exposed to other users — only calculated distances or "Nearby" status

5. Photo and Media Processing

Photos are uploaded to Firebase Storage and served via Cloudflare CDN
All uploaded photos are scanned using PhotoDNA for CSAM (child sexual abuse material) detection. This is a legal requirement and is non-optional
Content moderation may use automated scanning to detect policy violations
Video intros are processed and served via Cloudflare Stream
Selfie verification uses AWS Rekognition for face-match analysis. Biometric data is processed transiently and is not retained after verification

6. Data Sharing

We share your data only with:

Other Users: Profile information as controlled by your privacy settings
Service Providers: Firebase (infrastructure), CometChat (messaging), Cloudflare (CDN/media), RevenueCat (subscriptions), AWS (verification) — each bound by data processing agreements
Law Enforcement: When required by law, including mandatory reporting of CSAM to NCMEC (National Center for Missing & Exploited Children)
Safety: When we believe disclosure is necessary to protect user safety or prevent illegal activity

We do not sell your personal information to advertisers or data brokers.

7. Data Retention and Deletion

Active account data is retained as long as your account is active
If your subscription lapses, account access is locked after a 1-day grace period. Account data is deleted after 365 days of no renewal
You may request deletion of your account at any time through Settings or by contacting us
Upon deletion request, a 30-day recovery window is provided, after which all personal data is permanently deleted
Some data may be retained as required by law (e.g., CSAM reports, financial records)

8. Your Rights

8.1 All Users

Access your personal data
Correct inaccurate data
Delete your account and associated data
Control your privacy settings and visibility

8.2 California Residents (CCPA)

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of the sale of personal information (we do not sell your data)
Right to non-discrimination for exercising your rights

8.3 European Residents (GDPR)

Right of access (Article 15)
Right to rectification (Article 16)
Right to erasure (Article 17)
Right to data portability (Article 20)
Right to withdraw consent at any time (Article 7)
Right to lodge a complaint with a supervisory authority

9. Children's Privacy

Gettit is strictly for users aged 18 and over. We implement age verification during signup, including date of birth entry and legal attestation. We do not knowingly collect information from anyone under 18. If we discover that a user is under 18, their account will be immediately terminated.

10. Security

We implement industry-standard security measures including:

TLS encryption for all data in transit
Encryption at rest for sensitive data fields
Firebase App Check for API integrity
Rate limiting and abuse prevention
Regular security audits

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the app or via email. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

Gettit
Email: privacy@gettit.app
Website: gettit.app