Spott Privacy Policy

Last updated: July 8, 2025

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING SPOTT.

Spott (“Spott,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application, website, APIs, and related services (collectively, the “Platform”). By accessing or using the Platform, you consent to the practices described in this policy. If you do not agree, please discontinue use.

1. Definitions

  • “User” means any person who accesses or uses the Platform.
  • “Event” means a real-world gathering created or attended via the Platform.
  • “Host” means a User who creates or organizes an Event.
  • “Attendee” means a User who RSVPs to or joins an Event.
  • “Content” means any text, images, photos, videos, or other materials uploaded by Users.
  • “Personal Data” means information that identifies or can reasonably identify you.
  • “GPS-Gating” means determining physical presence at an Event by location data.
  • “Exclusive Window” means the timeframe around an Event when only Attendees can post.

2. Information We Collect

We collect various types of information in connection with your use of the Platform:

  • Account Information: Name, email address, phone number, username, password.
  • Profile Data: Profile photo, biography, social links.
  • Event Data: Events you create, host, or attend, including title, time, location, banner images.
  • Location Data: Real-time GPS coordinates for map features and GPS-Gating.
  • Content You Provide: Photos, videos, comments, messages.
  • Usage Data: IP address, device type, operating system, browser type, session logs, pages visited, actions taken.
  • Cookies & Tracking: Cookies, web beacons, analytics identifiers.
  • Payment Information: Billing address, transaction history (collected via third-party payment processors).

3. How We Use Your Information

We process your information for purposes including:

PurposeLegal Basis
To provide and maintain the PlatformContractual Necessity
To manage your account and verify identityContractual Necessity
To enable event creation, discovery, and attendanceLegitimate Interests
To enforce our Terms of ServiceLegal Obligation
To personalize and improve user experienceLegitimate Interests
To communicate updates, promotions, and supportConsent / Legitimate Interests

4. Cookies & Tracking Technologies

We and our service providers use cookies, web beacons, and similar technologies to collect usage information and support functions such as session management, analytics, and advertising.

  • Essential Cookies: Required for core functionality.
  • Performance Cookies: Collect anonymous usage data to help us improve.
  • Functionality Cookies: Remember preferences (e.g., language).
  • Advertising Cookies: Deliver personalized ads via third parties.

5. Sharing of Information

We may share your information in the following circumstances:

  • Service Providers: Third parties who perform services (hosting, analytics, payments).
  • Event Attendees: Content and profile info you choose to share publicly in Event stories.
  • Legal Requirements: To comply with laws, court orders, or government requests.
  • Business Transfers: In connection with mergers, acquisitions, or asset sales.

6. Third-Party Services & SDKs

We integrate with third-party providers (e.g., Google Maps, Stripe, Mixpanel). Your use of those services is subject to their privacy policies. We do not control their practices.

7. Data Security

We implement administrative, technical, and physical safeguards to protect your information. However, no system is 100% secure. You use the Platform at your own risk.

8. Data Retention

We retain your information only as long as necessary to fulfill the purposes described in this policy or as required by law.

  • User account data: retained until account deletion + 30 days.
  • Event logs & GPS data: retained 2 years for troubleshooting and compliance.
  • Analytics data: aggregated and stored indefinitely in anonymized form.

9. Children’s Privacy

The Platform is not intended for children under 13. We do not knowingly collect Personal Data from children under 13. If you believe we have inadvertently done so, please contact us and we will delete the data.

10. International Data Transfers

Your information may be stored and processed in Australia or any country where our service providers operate. By using the Platform, you consent to the transfer of your information to countries outside your own.

11. Your Privacy Rights

Depending on your jurisdiction, you may have rights to:

  • Access, correct, or delete your Personal Data.
  • Restrict or object to our processing.
  • Withdraw consent where applicable.
  • Receive a portable copy of your data.

To exercise your rights, contact us at privacy@spott.app. We will respond within applicable legal timeframes.

12. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or in-app notification. Continued use signifies acceptance of the revised policy.

13. Contact Us

For questions or concerns about this policy, please contact our Data Protection Officer at dpo@spott.app.

Appendix A: Glossary

  • GPS-Gating: Verifies presence at an Event via GPS.
  • Exclusive Window: 30 min before to 1 h after Event when only Attendees can post.

Appendix B: Changelog

July 8, 2025: Initial release of Spott Privacy Policy.

Future updates will be documented here.