Privacy Policy

Section 01

Introduction

Welcome to dscvr ("dscvr," "we," "our," or "us"). dscvr is a location-based video discovery platform that helps you find, explore, and share real places in your city through short-form video content. We believe the best way to discover somewhere new is through the eyes of someone who's actually been there.

This Privacy Policy describes how we collect, use, store, and share information when you use the dscvr mobile application and any related services (collectively, the "Service"). It also explains your rights and choices regarding your personal information.

By using dscvr, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

This policy is designed to comply with applicable privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the General Data Protection Regulation (GDPR) for users in the European Economic Area and United Kingdom, and Apple App Store privacy guidelines.

Section 02

Information We Collect

We only collect the information necessary to operate the Service. The table below reflects our Apple App Store privacy nutrition label and describes all categories of data we collect, whether that data is linked to your identity, and why.

Data Linked to Your Identity

The following categories of data are collected and associated with your dscvr account:

Category	Data Type	Purpose
Contact Info	Name	Your display name on your profile
Contact Info	Email Address	Account creation, authentication, and communication
Identifiers	User ID	Uniquely identifies your account within our systems
User Content	Photos & Videos	Videos and images you upload to the platform
User Content	Reviews, Captions, Text	Written content you create and post
Usage Data	Product Interaction	Video views, taps, searches, and engagement signals used to personalize your feed

Data Collected but Not Linked to Your Identity

The following categories of data may be collected but are not associated with your personal account or identity:

Category	Data Type	Purpose
Location	Precise Location	Showing nearby venues and powering map features (only when permission granted)
Diagnostics	Crash Data	Identifying and fixing technical issues in the app
Diagnostics	Performance Data	Monitoring app speed and stability

✅

What we do NOT collect

We do not collect phone numbers, contacts, financial or payment data, health or fitness data, browsing history, search history, or any advertising identifiers (such as Apple's IDFA). We do not use device fingerprinting or any cross-app tracking technology.

Information You Provide Directly

When you create an account, we collect your name and email address. When you use the app, you may also voluntarily provide content such as videos, captions, and reviews. We only collect this information when you actively provide it.

Information Collected Automatically

When you use the Service, we automatically collect certain usage data — such as which videos you watch, locations you search, and features you interact with. This data helps us personalize your experience. Diagnostic data such as crash reports is collected automatically and is used solely to improve the stability of the app.

Section 03

How We Use Information

We use the information we collect solely to operate, improve, and personalize the dscvr Service. Below are the specific purposes for which we process your data:

App Functionality

Creating and managing your dscvr account and user profile
Authenticating your identity when you sign in
Enabling you to post videos, write reviews, and add captions
Saving your interactions within the app (e.g., saved places)
Providing location-based discovery features, including the map and nearby venue feed
Displaying your content to other users of the platform

Product Personalization

Recommending locations, venues, and videos relevant to your interests and location
Learning from your in-app behavior (views, searches, engagement) to improve the relevance of your feed over time

Analytics and Product Improvement

Understanding how users navigate and use features across the app
Identifying which features are most useful and which need improvement
Diagnosing crashes and technical issues to improve stability

Communications

Sending transactional emails related to your account (e.g., password resets, account verification)
Notifying you of important updates to this Privacy Policy or our Terms of Service

🔒

We never use your data for advertising

Your data is never used to serve you targeted advertisements, build advertising profiles, or shared with any advertising network or data broker.

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

Contract performance: Processing necessary to provide the Service you have signed up for
Legitimate interests: Analytics, product improvement, and security operations where these interests are not overridden by your rights
Consent: Access to precise location data, which requires your explicit permission at the operating system level
Legal obligation: Where we are required to process or retain data by applicable law

Section 04

Information Sharing

We do not sell, rent, or trade your personal information. We share information only in the limited circumstances described below.

Service Providers (Data Processors)

We work with a small number of trusted third-party service providers to operate the Service. These providers process data strictly on our behalf, under our instructions, and are bound by contractual data protection obligations. They may not use your data for their own purposes.

Service Provider	Purpose	Data Processed
Firebase Authentication (Google)	Secure user authentication and account management	Email address, User ID
Firebase Analytics (Google)	Understanding app usage and feature engagement	Usage data, anonymized product interaction
Firebase / Google Cloud Services	Cloud hosting, storage, and backend infrastructure	User content, account data
Google Places API	Venue data and location search functionality	Location queries (not linked to your identity)
Cloud Infrastructure Providers	Secure hosting and delivery of the app and its content	Application data generally

Public Content

Videos, reviews, captions, and other content you post on dscvr are visible to other users of the platform by design. Your username and profile name will be displayed alongside your content. Please be mindful of what personal information you choose to include in your posts.

Legal Requirements

We may disclose your information if we believe in good faith that such disclosure is necessary to: (a) comply with a legal obligation, court order, or valid legal process; (b) protect the rights, property, or safety of dscvr, our users, or the public; or (c) detect, prevent, or address fraud, security, or technical issues.

Business Transfers

If dscvr is involved in a merger, acquisition, financing, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice in the app before your information is transferred and becomes subject to a different privacy policy.

🚫

What we never do

We do not sell personal data, share it with advertising networks, use data brokers, or enable cross-app tracking. California residents: this means we do not engage in a "sale" or "sharing" of personal information as defined under the CCPA/CPRA.

Section 05

Data Storage and Security

We take the security of your information seriously and implement industry-standard technical and organizational measures designed to protect your personal data from unauthorized access, alteration, disclosure, or destruction.

Security Measures We Employ

Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security)
Encryption at rest: Sensitive data stored in our cloud infrastructure is encrypted at rest
Secure cloud infrastructure: We use Google Cloud / Firebase infrastructure, which maintains SOC 2, ISO 27001, and other industry certifications
Access controls: Access to personal data is restricted to authorized personnel on a need-to-know basis
Authentication security: Account access is protected via Firebase Authentication, which supports secure token-based authentication
Regular monitoring: We monitor for suspicious activity and technical vulnerabilities

ℹ️

No system is 100% secure

While we work hard to protect your information, no security system is impenetrable. If you believe your account has been compromised, please contact us immediately at privacy@dscvr.app.

Where Your Data Is Stored

Your data is stored on servers located in the United States, operated by Google Cloud infrastructure. If you are located outside the United States, your information will be transferred to and processed in the United States. See Section 12 (International Users) for more details.

Section 06

Location Information

Location is central to what dscvr does — helping you discover great places nearby. We handle location data carefully and only for the direct benefit of your in-app experience.

How We Use Location

Showing you a map and feed of venues and experiences near your current location
Powering location-based search and discovery features
Personalizing content recommendations based on where you are or places you've explored

Your Control Over Location

Precise location access requires your explicit permission through your device's operating system. You can grant or revoke this permission at any time through your iOS or Android device settings. If you deny location access, certain features (such as the nearby map and local discovery feed) will not function, but you can still use other parts of the app.

📍

Location is never sold or used for advertising

Your precise location data is used only to provide the core features of the Service. It is not stored long-term against your profile, shared with advertisers, sold to data brokers, or used for any tracking purpose outside the app.

Location and Apple App Tracking Transparency

dscvr does not use Apple's Advertising Identifier (IDFA) and does not request App Tracking Transparency (ATT) permission. We do not track users across third-party apps or websites.

Section 07

User Generated Content

dscvr is a platform built around content created by real people about real places. When you use the Service, you may post videos, photos, captions, reviews, and other content.

Public Visibility

Content you upload to dscvr — including videos, captions, and reviews — is visible to other users of the platform. Your display name will appear alongside your content. By posting content, you understand and accept that it may be viewed by any user of the Service.

You Control What You Share

You decide what content to post on dscvr. We encourage you to be thoughtful about what personal information you include in your videos, captions, and reviews. Avoid posting content that reveals sensitive personal details about yourself or others without their consent.

⚠️

Think before you post

Once content is visible on the platform, other users may have seen or saved it. While you can delete your content at any time, we cannot guarantee that copies have not been made by others.

Content Deletion

You can delete your own videos, reviews, and captions at any time through the app. Upon deletion, your content will be removed from the platform. Residual copies may remain in our backup systems for a limited period, consistent with our data retention practices described in Section 10.

Content Moderation

We reserve the right to remove content that violates our Terms of Service, including content that is illegal, harmful, or infringes the rights of others. We may retain copies of removed content for a limited period for safety and legal compliance purposes.

Section 08

Analytics and Diagnostics

Firebase Analytics

We use Firebase Analytics, provided by Google, to understand how users interact with the app. This helps us identify which features are working well, where users encounter friction, and how to prioritize improvements. Firebase Analytics collects anonymized product interaction data (such as screen views, feature usage, and session duration). This data is not linked to your identity for analytics purposes.

Firebase Analytics does not use advertising identifiers on dscvr. You can learn more about Google's data practices at policies.google.com/privacy.

Crash Reporting and Performance Monitoring

We use Firebase Crashlytics and Firebase Performance Monitoring to automatically detect crashes, exceptions, and performance issues within the app. This data includes information about your device model, operating system version, and the state of the app at the time of the crash. This data is used exclusively to identify and fix bugs and is not linked to your account identity.

📊

Analytics is for product improvement only

We do not use analytics data to build advertising profiles, share insights with advertisers, or sell usage data to any third party. Analytics data is used solely to make dscvr a better product.

Section 09

User Rights and Choices

Depending on where you live, you may have specific legal rights regarding your personal data. We honor these rights for all users, regardless of location.

👁️ Right to Access You can request a copy of the personal information we hold about you.

✏️ Right to Correction You can update your name and email directly in your account settings, or request a correction.

🗑️ Right to Deletion You can request deletion of your account and all associated personal data. We will action this within 30 days.

📦 Right to Data Portability You can request a copy of your data in a portable, machine-readable format.

🛑 Right to Restrict Processing In certain circumstances, you can ask us to stop processing your data while a dispute is resolved.

🏳️ Right to Object You may object to processing based on legitimate interests, including personalization.

How to Exercise Your Rights

To exercise any of the rights above, contact us at privacy@dscvr.app. We will respond to your request within 30 days (or within the timeframe required by applicable law). We may need to verify your identity before processing your request.

California Residents — CCPA / CPRA

California residents have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know: You have the right to know what personal information we collect, use, disclose, and sell (we do not sell)
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions
Right to Correct: You have the right to request correction of inaccurate personal information
Right to Opt-Out of Sale/Sharing: We do not sell or share personal information as defined under CCPA/CPRA, so no opt-out is required. We will never sell your personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
Right to Limit Sensitive Data Use: We do not collect sensitive personal information beyond what is necessary to provide the Service

To submit a California rights request, contact us at privacy@dscvr.app with the subject line "California Privacy Rights Request."

EEA and UK Residents — GDPR

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the rights listed above. You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your data in accordance with applicable law.

Location and Notifications

You can manage location access and push notification permissions at any time through your device's system settings (Settings → dscvr on iOS, or App Settings on Android).

Section 10

Data Retention

We retain your personal information only for as long as necessary to provide the Service, fulfill the purposes described in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements.

Account Data

Your account data (name, email, User ID, profile information) is retained for as long as your account is active. When you delete your account, we will delete or anonymize this data within 30 days, except where we are required to retain it for legal, regulatory, or fraud-prevention purposes.

User Content

Videos, reviews, and captions you post are deleted from the platform when you remove them or when your account is deleted. Residual copies in backup systems are purged within 90 days of deletion.

Diagnostic Data

Crash and performance data is retained for up to 90 days and is then automatically purged or anonymized. This data is not linked to your personal identity and is used solely to improve the stability of the app.

Analytics Data

Anonymized usage analytics are retained for up to 14 months per Google / Firebase's default retention settings, after which they are aggregated or deleted.

Account Deletion

You may request deletion of your account and personal data at any time by contacting us at privacy@dscvr.app or using the account deletion option in the app settings. Upon verification of your request, we will process the deletion within 30 days.

Section 11

Children's Privacy

dscvr is not directed to, and is not intended for use by, children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and you believe your child has provided us with personal information without your consent, please contact us immediately at privacy@dscvr.app. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information promptly.

For users in the European Economic Area, we do not knowingly collect data from users under the age of 16 without verifiable parental consent, in accordance with applicable GDPR requirements.

👶

Age requirement

By using dscvr, you represent that you are at least 13 years of age. Users between 13 and 17 should have a parent or guardian review this Privacy Policy.

Section 12

International Users

dscvr is operated from the United States. If you access the Service from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where privacy laws may differ from those in your country.

European Economic Area and United Kingdom

If you are located in the EEA or UK, the transfer of your personal data to the United States is made under appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission, to ensure an adequate level of protection for your personal data consistent with GDPR requirements.

Other International Transfers

For users outside the EEA and UK, by using dscvr and providing us with your information, you consent to the transfer, processing, and storage of your data in the United States as described in this Privacy Policy.

If you have questions about international data transfers, please contact us at privacy@dscvr.app.

Section 13

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will notify you in one or more of the following ways:

Posting a prominent notice within the dscvr app
Sending an email to the address associated with your account
Updating the "Last Updated" date at the bottom of this page

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of the Service after we post changes constitutes your acceptance of the updated policy.

If we make changes that materially reduce your privacy rights, we will provide at least 30 days' notice before the changes take effect, to give you the opportunity to review the updated policy and make an informed decision about continuing to use the Service.

Section 14

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, we want to hear from you. Privacy is important to us and we are committed to responding promptly and transparently.

✉️

Privacy Team — dscvr

We aim to respond to all privacy inquiries within 5 business days, and will resolve all requests within 30 days as required by law.

privacy@dscvr.app

When contacting us, please include your name, the email address associated with your account, and a clear description of your request or concern. For account deletion or data access requests, we may ask you to verify your identity before we process the request.

EEA / UK Representative

If you are located in the European Economic Area or United Kingdom and have a privacy concern that we have not resolved to your satisfaction, you have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO). In the EU, please contact your country's supervisory authority.