Privacy Policy for Nebenchat
1. 我們的承諾
在 Nebenchat,你的隱私優先。我們讓你能自由且匿名地交流,而不必暴露個人身份。本政策說明我們蒐集哪些資料、為何蒐集、如何保護,以及你可選擇的權利。
2. What We Collect and Why
| Category | What we collect | Why we need it |
|---|---|---|
| Account & Login | Email address (sign-in only) and Firebase UID | To create, authenticate, and verify your account. |
| Profile Info | Display name, post content (up to 3 lines), chosen category | To show who you are to nearby users so they can connect. |
| Discovery Location | Blurred latitude / longitude (~100 m precision), coarse distance bucket, “last active” time | To help nearby users find you while hiding your exact coordinates. |
| Location Consent State | Whether you have published your profile and allowed Nebenchat to show you on radar | We only display nearby users who have opted in; this setting lets us hide radar until you consent. |
| Travel Mode | City / country you choose to appear in, optional coordinates you set manually | To place your profile in other cities when you activate Travel Mode. |
| Messages | Chat messages (text only) | To deliver conversations in real time; server copies are removed after 7 days. |
| Invite Links | Tokenized invite codes, redemption status, and the inviter’s UID | So you can share one-time invitations that expire after seven days and prevent misuse or duplicates. |
| Usage Data | Daily message/chat counts, cooldown timers, crash logs (aggregated) | To manage quotas, improve stability, detect abuse, and enforce limits. |
| Subscription & Payment | Purchase tokens from Apple / Google, RevenueCat entitlement status | To verify purchases, unlock premium tiers, and restore subscriptions. |
| Notifications | Firebase Cloud Messaging token, in-app notification preferences, and delivery receipts | To send push alerts or non-persistent in-app banners about unread chats, moderation actions, or safety tips. |
| Ads (Free Tier) | Anonymous device ID for non-personalized AdMob ads | To show basic ads that support our free service. |
We never collect photos, contacts, phone numbers, or precise GPS coordinates.
3. How We Store and Process Data
| Service provider | Purpose | Data location |
|---|---|---|
| Firebase (Google LLC) | Authentication, chat storage (Firestore), local caches, ads (AdMob) | Global (Google data centers) |
| Supabase | User profiles, discovery records, configuration settings, travel mode, subscriptions, audit logs | Germany (Frankfurt region) |
| RevenueCat | Manages subscription entitlements across iOS and Android | United States / EU (per RevenueCat infrastructure) |
| Apple / Google Stores | In-app purchase validation | Handled by their respective platforms |
All data is encrypted in transit (HTTPS) and at rest. We apply strict access controls so only authorized systems can read or write it.
4. Data Retention and Deletion
- Messages are automatically deleted from our servers after 7 days. Your device may keep a local copy until you delete the chat.
- Inactive profiles older than 24 hours are removed from public discovery.
- Unused invite links expire after 7 days; redeemed tokens are immediately invalidated.
- User accounts can be deleted instantly within the app.
- When you delete your account, we remove chats, profile data, blocks, favorites, subscriptions, and travel mode preferences.
- A minimal deletion log (user ID, hashed email, timestamp) is retained for audit and legal compliance.
We keep no backups of messages or profiles after deletion.
5. Your Rights
You can at any time:
- Access or update your profile information.
- Delete your account inside the app.
- Contact us at nebenchat@glasrocks.com to ask about your data or request an export.
European users have rights under GDPR to access, rectify, delete, and limit processing. California users have similar rights under the CCPA.
6. Children’s Privacy
Nebenchat is intended for adults 18 years or older. We do not knowingly collect data from children. If you believe a minor has used the app, please contact us so we can delete their account.
7. Advertising and Payments
- Free users see non-personalized AdMob ads based on context, not behavior.
- Paid users do not see ads.
- Purchases are handled securely through Apple and Google stores and synchronized via RevenueCat; we never see your card data.
8. Location Privacy
We store only a blurred approximation of your location (~100 m precision) for nearby discovery. Travel Mode entries you create are treated the same way and stored in Supabase (Germany). We do not share precise GPS coordinates with anyone, and you can disable discovery at any time inside the app.
9. Data Security
We use the following safeguards:
- HTTPS for all connections
- Server-side access rules (Firebase security rules and Supabase Row-Level Security)
- Invite-link rate limits, in-app notification throttling, and abuse detection to stop spam
- Regular security updates and monitoring
No online service can guarantee 100% security, but we work hard to keep your data safe.
10. International Data Transfers
Because Firebase and Supabase operate worldwide, your data may be processed outside your country. All providers we use comply with recognized data-transfer frameworks, such as the EU Standard Contractual Clauses or equivalent agreements.
11. Policy Updates
We may update this Privacy Policy to reflect changes in law or our service. If we make significant changes, we will notify you in-app or by email. The latest version is always available at nebenchat.app/privacy.
12. Contact Us
If you have questions or concerns about this policy or your data, reach us at:
Glasrocks Technology Co., Ltd.Email: nebenchat@glasrocks.com