Mapfrens Privacy Policy
Last updated: 8 December 2025
Overview
Mapfrens is a location-based social and chat app. This policy explains what we collect, how we use it, and your rights. It is intended to comply with Google Play and Apple App Store requirements.
Data We Collect
- Account & Profile: Google account ID, email, display name, avatar/photo, optional bio/interests.
- Location (user-controlled): Current and background location when enabled for map/nearby features.
- Social Graph: Friends, friend requests, blocks, waves, hide-from-strangers/ghost mode settings.
- Chats & Activity: Direct messages, typing indicators, unread status, message status (sent/delivered/seen), timestamps; chat partner lists.
- Device & App Info: Device identifiers used for push tokens, app version, basic diagnostics/logging for security and service quality.
- Usage Events: Presence/online state (connected/background), proximity calculations for nearby users.
- Local Storage: Session tokens and user data cached in AsyncStorage for sign-in persistence.
- Deletion State: Soft-delete flags (deleted, deletedAt) and restoration state.
How We Use Data
- Provide and improve location-based discovery (friends/nearby), chats, notifications, waves, and blocking features.
- Show presence/nearby info according to your settings (ghost mode/hide-from-strangers).
- Maintain security, prevent abuse, and enforce policies (e.g., block lists, hide-from-strangers).
- Deliver push notifications for messages, friend requests, proximity alerts, and important account updates.
- Perform soft delete/restoration workflows and lifecycle management.
Data Storage & Services
- Firebase/Firestore: Primary storage for users, friendships, requests, chats, push tokens, presence/location states.
- Server (Node/Express + Socket.IO): Real-time updates, proximity calculations.
- Device storage (AsyncStorage): Session persistence.
- Google Maps: Map tiles and geocoding; their terms apply to map usage.
Location Permissions & Disclaimers
- Location sharing is optional and controlled via OS permissions and in-app settings.
- Background location may be requested to keep live location active when enabled.
- Accuracy may vary; do not rely on Mapfrens for navigation, emergency, or safety-critical purposes.
Third-Party Services
- Firebase/Firestore/Firebase Admin: Authentication support, data storage.
- Socket.IO: Real-time messaging/location updates.
- Expo/Push Notifications: Delivering notifications.
- Google Sign-In: Account authentication.
- Google Maps: Map tiles and geocoding. Their terms apply.
Data Sharing
- Shared with other users according to your settings: name/avatar, presence, location (when enabled), and chat content within conversations.
- Service providers listed above receive data needed to operate the app.
- We do not sell personal data.
Data Retention
- Chat messages and related metadata are retained to provide history until you delete your account or we decide otherwise in accordance with this policy.
- Soft-deleted accounts: deleted + deletedAt stored; accounts can be restored within the published window.
- After 30 days, we may permanently delete soft-deleted accounts; chat history may persist with the sender shown as "Mapfrens User."
- Logs and technical data are retained as needed for security and operations.
User Controls & Rights
- Location Controls: Enable/disable in device settings and in-app controls (ghost mode, hide-from-strangers).
- Access/Correction: Request a copy or correction of your data.
- Deletion: Use the in-app delete account flow (soft delete). You may request permanent deletion; message history may be retained with generic attribution.
- Push Notifications: Manage permissions in device settings.
Children's Data
Not directed to children under 13. Users 13–17 should only use the app with guardian permission. If we learn we collected data from a child under 13 without proper consent, we will delete it.
Security Measures
Uses HTTPS, token-based access, Firebase/Firestore security rules, and server-side checks. No system is 100% secure; protect your device and credentials.
International Transfers
Data is primarily processed on servers in India and may be processed in other regions where our service providers operate.
Changes to this Policy
We may update this policy. Material changes will be communicated where practical; continued use constitutes acceptance.
Contact
If you have questions about this Privacy Policy, please contact us at: mapfrens@gmail.com.com