Crople Privacy Policy

Draft status

This Privacy Policy draft is prepared for Crople's mobile app and related services. It must be reviewed before public launch.

**TO BE COMPLETED: legal entity name, business registration number, representative, address, privacy officer, privacy contact email, effective date.**

1. Scope

This Privacy Policy explains how Crople collects, uses, stores, shares, transfers, and protects personal information when you use the Crople app and related services.

2. Information we collect

We may collect account identifiers such as phone number, recovery email, Google or Apple account identifiers, authentication status, age eligibility information, profile nickname, gender selection, sports preferences, avatar/loadout information, profile photos, device and app information, language, country/region, and service usage logs.

We may also process chat messages, reports, support inquiries, inbox messages, reward activity, purchase or virtual item activity, location data, and health/activity data only where the relevant feature and permission apply.

3. Sensitive or permission-based data

Location data is used for nearby discovery, meetup planning, route/progress features, safety-related service operation, and legal logging where applicable.

Health, step, and exercise data may be used for Bonus Coin goals only after the user grants the relevant OS-level permission. Crople should not request more health data than necessary for the selected reward feature.

4. Purpose of use

We use personal information to create and authenticate accounts, operate onboarding, match users, show home feed candidates, enable chat and meetup planning, provide location features, send notifications, manage rewards and virtual items, moderate abuse, respond to support requests, improve performance, detect fraud, comply with legal obligations, and maintain service security.

5. Retention

We keep data only as long as necessary for service operation, legal compliance, dispute resolution, abuse prevention, and audit evidence. Location use/provision confirmation records may be retained for at least 6 months where legally required. Access logs and security logs may be retained for at least 1 year where legally required.

Account deletion may include a grace period, after which eligible records are deleted, anonymized, or retained only where legally necessary.

6. Sharing and processors

We may share or process data with service providers required to operate Crople, including cloud database and storage, authentication, SMS, push notifications, crash reporting, maps/places, analytics, web hosting, legal document hosting, and app store services.

We do not sell personal information. If advertising or marketing features are introduced later, the relevant notice and consent must be updated.

7. Overseas transfer

Crople may transfer or process personal information outside the user's country because some service providers operate globally. Details are provided in the Overseas Transfer Consent page.

8. User choices and rights

Users may access, update, or delete certain information in the app. Users may withdraw optional consents, change notification settings, disable permissions at the OS level, or request support. Some features may stop working if required information or permissions are withdrawn.

9. Security

We use access controls, authentication, row-level security, audit logs, secure server-side functions, encrypted transport, and provider-level security measures. No system is perfectly secure, but we work to reduce risk and respond to incidents.

10. Children and age

Crople is for users aged 18 or older. We do not knowingly provide the Service to users below the age requirement.

11. Changes

We may update this policy as the Service changes. Material changes may be notified in-app or through other appropriate channels.

12. Contact

**TO BE COMPLETED: privacy officer name/title, privacy contact email, operator address, phone number if required.**

13. Cookies, local storage, SDKs, and similar technologies

Crople may use cookies, local storage, device storage, secure storage, SDKs, device identifiers, or similar technologies in the app and related web pages for sign-in, authentication, settings, security, error analysis, notifications, maps/places, performance measurement, and service operation.

In the mobile app, app storage, secure storage, OS permissions, and SDK logs may be more relevant than browser cookies. These technologies are used to operate the Service, maintain security, remember user settings, diagnose errors, and understand service reliability.

If Crople later introduces advertising tracking, third-party ad networks, or behavior-based advertising, this Privacy Policy and the relevant in-app consent/settings flow must be updated before launch.