Privacy Policy

1. Introduction

Welcome to Fit Traveller ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application ("App"). By using the App, you agree to the collection and use of information in accordance with this policy.

We are committed to protecting your privacy and ensuring transparency about our data practices. This policy complies with applicable privacy laws and regulations, including those required by Apple App Store and Google Play Store.

2. Information We Collect

We collect information that you provide directly to us and information that is automatically collected when you use our App.

a. Personal Information You Provide

• Account Information: Email address, password (securely hashed and stored via Firebase Authentication), name, phone number, date of birth (age)
• Profile Information: Profile photo, bio, location, occupation, gender, height, hobbies, languages spoken, exercise habits, diet preferences, lifestyle choices (smoking, drinking)
• Verification Data: Selfie photos for identity verification and security purposes
• Payment Information: Payment tier, transaction records (processed securely through third-party payment processors)

b. User-Generated Content

• Groups you create or join (sports, food, travel groups)
• Requirements/companion requests you post
• Chat messages and communications within groups
• Photos you upload to your profile

c. Automatically Collected Information

• Device information (device type, operating system version)
• App usage data (features used, timestamps of actions)
• Technical data (IP address, device identifiers) for security and functionality

d. Location Information

When We Access Your Location:

• Only When You Use Distance Filter: We access your device's GPS location exclusively when you enable the distance filter feature in the companion search screen
• On-Demand Access: Location permission is requested only at the moment you activate the distance filter, not when you first open the App
• User Control: You have full control - you can use the App without ever granting location permission

What Location Data We Collect:

• Your Current GPS Location: When you enable distance filtering, we temporarily access your current latitude and longitude coordinates
• Event/Activity Locations: When you create a group or companion request, you provide the location (city and coordinates) where the activity will take place - this is stored in our database
• Profile Location: You may optionally provide your city/location in your profile (this is text-based, not GPS coordinates)

How We Use Location Data:

• Distance Calculations: We use your current GPS location to calculate the distance between you and nearby companions/activities
• Filtering Results: We filter companion search results to show only those within your specified maximum distance (in kilometers)
• Finding Nearby Activities: We help you discover sports, food, and travel companions who are geographically close to you

Location Data Storage:

• Your GPS Location: We do NOT store your current GPS location permanently. It is used only temporarily for distance calculations and is immediately discarded after use
• Event Locations: The locations where activities/events will take place (provided by users when creating groups) are stored in Firebase. These are public event locations, not personal user locations
• No Continuous Tracking: We do not track your location continuously or in the background. Location is accessed only when you actively use the distance filter

Location Permissions:

• Permission Type: We request "When In Use" location permission (not "Always" permission)
• Permission Control: You can grant or deny location permission at any time through your device settings
• No Permission Required: The App functions fully without location permission - you can search by city, activity type, and other filters without using GPS location

3. How We Use Your Information

We use the information we collect for the following purposes:

• Account Management: Create and manage your user account, authenticate your identity, and provide access to App features
• Matching & Discovery: Enable you to discover other users with shared interests in sports, food, and travel
• Group Features: Facilitate group creation, real-time chat, and group participation
• Security: Verify your identity through selfie verification, prevent fraud and unauthorized access, and maintain App security
• Communication: Enable in-app messaging and notifications
• Location-Based Features: When you enable distance filtering, we use your GPS location to calculate distances and show nearby companions/activities. Your current location is used temporarily and not stored
• Service Improvement: Analyze usage patterns to improve App functionality and user experience
• Legal Compliance: Comply with applicable laws, regulations, and legal processes

4. Location Services & Privacy

This section provides detailed information about how we handle location data, which is a sensitive type of personal information.

a. When Location is Accessed

We access your device's GPS location only in the following specific scenario:

• Distance Filter Feature: When you are browsing companions (sports, food, or travel) and you choose to enable the distance filter by setting a maximum distance (e.g., "Show companions within 5 km")
• One-Time Access: Each time you use the distance filter, we request your current location once to perform the distance calculation
• Not on App Launch: We do not access your location when you first open the App or when you browse companions without using the distance filter
• Not in Background: We never access your location when the App is running in the background or when you're not actively using the distance filter

b. How Location is Accessed

When you enable the distance filter:

1. You set a maximum distance (e.g., 5 km, 10 km, 20 km) in the companion search screen
2. The App requests "When In Use" location permission (if not already granted)
3. If you grant permission, we use the Geolocator service to get your current GPS coordinates (latitude and longitude) with high accuracy
4. We calculate the distance between your location and each companion/activity location
5. We filter the results to show only companions within your specified distance
6. Your current GPS location is immediately discarded after the calculation - it is not stored

c. What Happens If You Deny Location Permission

If you deny location permission or if location services are disabled:

• The App continues to function normally
• You can still search for companions using other filters (city, activity type, gender, age, date)
• The distance filter will simply show all results without distance-based filtering
• You can still create groups, join activities, and use all other App features

d. Location Data We Store

We DO Store:

• Event/Activity Locations: When users create a group or companion request, they provide the location (city name and GPS coordinates) where the activity will take place. These are public event locations stored in Firebase and visible to all users searching for companions
• Profile City: If you choose to add your city/location to your profile, this text-based information is stored (this is optional and not GPS-based)

We DO NOT Store:

• Your Current GPS Location: Your real-time GPS coordinates are never stored in our database
• Location History: We do not track or store your location history or movement patterns
• Background Location: We never access or store your location when the App is not actively being used

e. Third-Party Location Services

We use the following services for location functionality:

• Geolocator Package: We use the Geolocator plugin (Flutter) to access your device's GPS location. This service only accesses location when explicitly requested by our App
• No Location Sharing: We do not share your GPS location data with any third-party advertising or analytics services

f. Your Location Privacy Rights

You have complete control over location access:

• Grant or Deny Permission: You can grant or deny location permission at any time through your device settings
• Revoke Permission: You can revoke location permission at any time, and the App will continue to work (without distance filtering)
• Use Without Location: You can use all App features except distance-based filtering without granting location permission
• No Impact on Account: Denying location permission does not affect your account, profile, or ability to use the App

g. Location Data in Account Deletion

When you delete your account:

• Any event/activity locations you provided when creating groups are deleted along with those groups
• Your profile city/location (if provided) is deleted
• Since we don't store your GPS location, there is no GPS location data to delete

5. Data Sharing & Disclosure

We do not sell, trade, or rent your personal information to third parties for marketing purposes. Your data is only shared in the following limited circumstances:

• Within the App: Your name, profile photo, and messages are visible to other members of groups you join or create
• Service Providers: We use Firebase (Google) for authentication, database storage, and backend services. These providers are bound by confidentiality agreements and only process data as necessary to provide services
• Payment Processors: Payment information is processed by secure third-party payment processors (e.g., Razorpay). We do not store full payment card details
• Legal Requirements: We may disclose information when required by law, court order, or legal process, or to protect our rights, property, or safety, or that of our users
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction

6. Data Security

We implement industry-standard security measures to protect your personal information:

• Authentication: Passwords are securely hashed using Firebase Authentication and never stored in plain text
• Encryption: Data transmitted between your device and our servers is encrypted using secure protocols (HTTPS/TLS)
• Access Controls: User-based access control and security rules prevent unauthorized access to your data
• Secure Storage: Data is stored in Firebase Realtime Database with security rules that restrict access to authorized users only
• Regular Updates: We regularly update our security practices and review access logs

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to using best practices to protect your data.

7. Your Data Rights & Account Deletion

You have the following rights regarding your personal information:

a. Access and Update

• View your profile information at any time through the App
• Edit and update your profile information, including bio, location, hobbies, and preferences
• Change your profile photo and other personal details

b. Account Deletion

Deletion Process:

• When you request account deletion, your account is scheduled for deletion with a 7-day grace period
• During this 7-day period, you can cancel the deletion request by logging back into the App
• After 7 days, your account and all associated data will be permanently deleted
• You will be immediately logged out after confirming deletion

What Data is Deleted:

Upon permanent account deletion, the following data is completely and permanently removed from our systems:

• Your user profile and all personal information (name, email, phone, bio, location, etc.)
• Your profile photos and selfie verification images
• Your account credentials (Firebase Authentication account)
• All groups you created (groups are deleted entirely)
• Your membership in groups (you are removed from all groups you joined)
• All requirements/companion requests you posted
• All chat messages you sent in groups
• All payment records and transaction history
• All local app data and cached information

Data Retention After Deletion:

We do not retain any of your personal data, user-generated content, or analytics data after account deletion. All data is permanently removed from:

• Firebase Realtime Database (user profiles, groups, requirements, chats, payments)
• Firebase Authentication (account credentials)
• Local device storage (cached data, preferences)

There is no data retention for legal, business, or analytics purposes after account deletion. The deletion is complete and permanent.

c. Other Rights

• Revoke Access: You can sign out of the App at any time to revoke access
• Data Portability: You can view and export your profile data through the App
• Opt-Out: You can disable notifications in your device settings

8. Data Retention

We retain your personal information only for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy:

• Active Accounts: We retain your data while your account is active and you are using the App
• Account Deletion: When you delete your account, all data is permanently removed after the 7-day grace period
• Legal Requirements: We do not retain any data after account deletion, even for legal purposes, unless we are legally required to do so by a court order or applicable law
• Backup Data: Any backup copies are also deleted in accordance with our deletion process

9. Third-Party Services

Our App uses the following third-party services:

• Firebase (Google): For authentication, database storage, and backend services. Firebase's privacy practices are governed by Google's Privacy Policy
• Payment Processors: For processing payments. Payment processors have their own privacy policies governing the use of your payment information

These third-party services may collect information as described in their respective privacy policies. We encourage you to review their privacy policies to understand how they handle your data.

10. Children's Privacy

Our App is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information from our systems.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our App, you consent to the transfer of your information to these countries. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of any material changes by:

• Posting the updated Privacy Policy in the App
• Updating the "Last Updated" date at the top of this policy
• Providing in-app notifications for significant changes

Your continued use of the App after any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.

13. Your Consent

By using our App, you consent to our Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our App.

14. Contact Us