Meetapper
Home
PL EN
Meetapper

Privacy Policy

This privacy policy describes what personal data we process in connection with your use of the Meetapper mobile app and website (the "App"), for what purpose and on what basis, who we share it with, and what rights you have.

The Controller of your personal data is KRYSTIAN DZIUK (the "Service Provider" or "Controller"). For matters concerning personal data, you can contact us at support@meetapper.com.

What data we collect and why

Account and login data

  • Email address, password (stored in encrypted form by Firebase Authentication), and a unique account identifier.
  • If you sign in with Google or Facebook, we receive from the chosen provider your name, email address, and the profile picture associated with that account.

Profile data

  • Display name, username, profile picture, and language preference.

Content and activity in the App

  • Friends list, sent and received invitations, and the friend groups you create.
  • Checks (events) that you create or participate in, including the title, description, place (as text), dates, list of participants, and your responses.
  • Availability statuses (content, emoji, visibility settings).
  • Chat messages.
  • Feedback and reports you send us.

Photos

  • Profile picture, photos added to checks, and photos sent in chats (stored in Firebase Storage).

Location

  • The App may request access to your device's precise location when you use place search. We use it to determine your city, show the places available there, and your distance to them. The coordinates are sent to our servers (Firebase) solely to rank places by distance, and are not stored. Our servers retrieve the list of places from Google services at the city level, without passing on your precise coordinates. You can deny access in your system settings.

Technical and diagnostic data (collected automatically)

  • Device type, device identifiers, IP address, operating system, and information about how you use the App (analytics).
  • Error and crash reports (Crashlytics).

Push notifications

  • Notification token (Firebase Cloud Messaging) and your notification preferences, so that we can inform you about messages, invitations, and checks.
Legal bases for processing (GDPR)
  • Performance of a contract (Art. 6(1)(b) GDPR): maintaining your account and providing the App's features (profile, friends, checks, statuses, chats).
  • Consent (Art. 6(1)(a) GDPR): analytics, push notifications, and location access. You can withdraw your consent at any time.
  • Legitimate interest (Art. 6(1)(f) GDPR): ensuring security, preventing abuse, and improving the App.
  • Legal obligation (Art. 6(1)(c) GDPR): where disclosure of data is required by law.
Who we share data with

Other users. By the nature of the App, some of your data is visible to other users:

  • your profile (name, username, picture), visible to friends and in friend search results;
  • availability statuses, according to the visibility settings you have chosen;
  • responses to checks and messages, visible to the participants of a given check or chat.

Service providers who process data on our behalf or as independent controllers within the scope of their services. We currently use:

  • Google: Firebase infrastructure (including authentication, database, file storage, notifications, and security), Google Analytics and Crashlytics (analytics and diagnostics), places and maps services, from which the place data and listing photos come, as well as Tenor (GIF search). Google/Firebase Privacy Policy.
  • Meta Platforms (Facebook), only if you choose to sign in with Facebook. Meta Privacy Policy.

If we begin using other providers or services, we will update this page. We may also disclose data where required by law (e.g. at the request of authorized authorities) or where it is necessary to protect rights, the safety of users, or to prevent abuse.

Transfers of data outside the European Economic Area

Our providers (including Google and Meta) may process data outside the EEA, including in the United States. In such cases, the transfer takes place on the basis of appropriate safeguards provided for by the GDPR, such as standard contractual clauses or adequacy decisions.

How long we keep data
  • Account data and content: for the duration of your use of the App.
  • After you delete your account, we remove your account data, profile, friends, invitations, groups, statuses, photos added to checks, and notification tokens. Checks, chats, messages, and photos sent in conversations may remain available to the other participants as part of the conversation or check history, but will no longer be linked to your active account and will be displayed as "Deleted user". We describe the details on the Account deletion page.
  • Automatically collected data (diagnostics, analytics): up to 24 months.
Your rights

Under the GDPR, you have the following rights:

  • access to your data and obtaining a copy of it;
  • rectification (correction) of your data;
  • erasure of your data (the "right to be forgotten");
  • restriction of processing;
  • data portability;
  • objection to processing based on legitimate interest;
  • withdrawal of consent at any time (without affecting the lawfulness of processing carried out beforehand);
  • lodging a complaint with a supervisory authority, which in Poland is the President of the Personal Data Protection Office (UODO).

To exercise these rights, write to support@meetapper.com; we will usually respond within 30 days. You can also delete your account and the associated data yourself. See Account deletion.

Consents and their withdrawal
  • Analytics is disabled by default until you give your consent, and you can turn it on or off at any time in the App's settings.
  • Location access and push notifications work only after you grant consent; you can withdraw it in your device's system settings.
Security

We apply technical and organizational safeguards to protect the data we process. Data is transmitted over an encrypted connection (HTTPS/TLS), and access to it is controlled by Firebase Security Rules and the Firebase App Check mechanism. Administrative access is limited to authorized persons. Please remember, however, that no security system can prevent all possible breaches. Take care to keep your device and login credentials secure.

Children

The App is not directed at persons under 13 years of age, and we do not knowingly collect their data. In some EU countries (including Poland), the use of online services by persons under 16 years of age requires a guardian's consent. If you are a parent or guardian and believe that a child has provided us with data, write to support@meetapper.com, and we will take appropriate action.

Changes to this privacy policy

This policy may be updated from time to time, including in connection with the addition of new features, data, or service providers. We will notify you of changes by updating this page and the effective date. We recommend that you review its contents periodically.

This privacy policy is effective as of 2026-06-10.

Contact

For matters concerning privacy and the protection of personal data, please contact the Controller at support@meetapper.com.