Privacy Policy

Last updated: March 29, 2026

Nativ Social (“we”, “us”, or “our”) operates the Nativ Social mobile application (the “App”). This Privacy Policy explains how we collect, use, and protect your information when you use our App.

Information We Collect

Personal Information

When you create an account, we collect:

Email address — provided by your sign-in provider (Apple or Google) for authentication and account recovery
Display name — chosen by you during onboarding, visible to other users
Profile photo — optional, uploaded by you
Date of birth — provided during onboarding
Gender — optionally provided during onboarding
Country — optionally provided during onboarding
Authentication provider — the method you used to sign in (Apple or Google)

Location Data

Device location — collected while the App is in use to show nearby Pulses, display your presence to nearby users, attach location to content you share, and track which cities you visit
Location is not tracked in the background — we only access your location while the App is active in the foreground

User-Generated Content

Pulses — short text posts (up to 20 words) with optional photos, pinned to your location with a 48-hour expiry
Replies — text responses to Pulses
Direct messages — text and photo messages between you and other users
Photos — images you attach to Pulses, messages, or your profile

Presence Data

Online status — whether you are currently active in the App
Nearby visibility — your approximate location is shared with other users within proximity while you are online

Usage Data

Analytics events — screen views, feature usage, and interactions within the App
Device information — device model, OS version, and app version for diagnostics
Session data — authentication session maintained locally by our backend provider

How We Use Your Information

Provide the service — display nearby Pulses, enable messaging, show your presence to nearby users, track your travel history
Authentication — verify your identity and maintain your session
Content moderation — filter objectionable content, screen uploaded images for safety, and review user reports
Improve the App — analyze usage patterns to enhance features and fix issues
Safety — enforce our Terms of Use and Community Guidelines, block abusive users, and act on content reports

Third-Party Services

We use the following third-party services:

Service	Purpose	Data Shared
Supabase	Authentication, database, file storage, real-time messaging	Email, display name, profile photo, location, user-generated content
Mapbox	Interactive map display	Device location (for map rendering)
Google Cloud Vision API	Automated image safety screening	Uploaded photos (analyzed for objectionable content)
Apple Sign-In	Authentication	Email, name (from Apple account)
Google Sign-In	Authentication	Email, name (from Google account)

Device Permissions

The App requests the following device permissions:

Location (When In Use) — to show nearby Pulses and users on the map, enable proximity-based chat, and track which cities you visit. Requested during onboarding.
Camera — to capture photos for Pulses you share, your profile picture, and photos in direct messages. Requested when you first use the camera.
Photo Library — to select existing photos for Pulses, your profile picture, or direct messages. Uses the modern iOS photo picker with limited, per-selection access.

All permissions are optional and requested only when you use the relevant feature.

Content Moderation and Safety

Text filtering — content is screened on-device against prohibited words and phrases before submission
Image screening — uploaded photos are analyzed using automated safety detection for adult content, violence, and other objectionable material
User reporting — users can flag Pulses, replies, and users for review
User blocking — users can block other users, which removes content from their feed and deletes shared conversations
Developer notification — reports and blocks are forwarded to our moderation team for review and action within 24 hours

Data Storage

Cloud storage — your account data, content, and messages are stored securely on Supabase servers
File storage — profile photos, Pulse photos, and chat media are stored in Supabase Storage
Local storage — minimal data on your device including unread message indicators and queued analytics events
Session tokens — your authentication session is stored locally to keep you signed in

Data Retention

Your data is retained as long as your account is active
Pulses automatically expire and are removed after 48 hours
You can delete your account at any time from the App settings
Chat messages and replies may persist after account deletion for continuity of other users' conversations

Data Sharing

We do not sell, trade, or rent your personal information to third parties. Your data is only shared with the third-party services listed above, solely to provide the App's functionality.

Data Security

Row Level Security (RLS) policies on all database tables
Authenticated API access with scoped permissions
On-device content filtering
HTTPS encryption for all data in transit
Signed URLs for private media access with time-limited expiry

Children's Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us.

Your Rights

Access your personal data through your profile in the App
Update your display name and profile photo at any time
Delete your account and associated data from the App settings
Revoke device permissions at any time through your device settings
Block other users to prevent contact
Report content that violates our Terms of Use

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the “Last updated” date at the top of this policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us at admin@nativ.social.