Privacy Policy

Last Updated: October 21, 2025

Effective Date: October 21, 2025

IMPORTANT NOTICE: This Privacy Policy describes how we collect, use, disclose, and protect information in connection with the Ping&Wink mobile application. By accessing or using the Service, you consent to the data practices described in this policy. If you do not agree with this Privacy Policy, you must immediately discontinue use of the Service.

1. Introduction and Scope

This Privacy Policy ("Policy") governs the collection, use, storage, and disclosure of information by the operator of Ping&Wink ("we," "us," "our," "Service," "Application") in connection with your use of the mobile application and related services.

This Policy should be read in conjunction with our Terms of Service, available at https://pingandwink.com/terms.html, which is incorporated herein by reference.

Jurisdictional Note: This Service is operated from France and subject to French and European Union data protection laws, including the General Data Protection Regulation (GDPR). For users outside the European Economic Area, different data protection standards may apply in your jurisdiction.

1.1 Apple App Store Compliance Statement

App Store Privacy Requirements: This Privacy Policy has been prepared in compliance with Apple App Store Review Guidelines, including but not limited to:

Guideline 5.1.1 (Data Collection and Storage) - Minimum necessary data collection
Guideline 5.1.2 (Data Use and Sharing) - Transparent data practices
Guideline 2.5.14 (Apps must request explicit user consent for data collection)

This Service collects only data strictly necessary for core functionality: device identifiers for session management, approximate location for proximity-based features, and birth year for age verification. We do not engage in data sale, do not serve third-party advertisements, and implement automatic data deletion to minimize retention.

2. Age Requirement and Eligibility

ADULT-ONLY SERVICE (18+ STRICT REQUIREMENT): This Service is exclusively for individuals who are at least 18 years of age or the age of majority in their jurisdiction, whichever is higher. Users under 18 are strictly prohibited under any circumstances. By accessing this Service, you represent, warrant, and covenant that you meet this age requirement.

Age Verification: During initial setup, the Service requires users to provide their birth year. While we implement this verification mechanism as a technical measure, we make no representations or warranties regarding:

The accuracy of user-provided age information
Our ability to detect false or misleading age declarations
The effectiveness of age verification in preventing underage access

Underage Use Discovery: If we discover or have reason to believe that a user is under 18 years of age, we reserve the right to immediately terminate access and delete associated data. However, we assume no liability for underage users who circumvent age verification or provide false information.

3. Information We Collect

3.1 Information You Provide Directly

The Service is designed to minimize personal information collection. Information you provide includes:

Data Type	Purpose	Retention Period
Birth Year	Age verification and compliance	Until account deletion
Emotional State Selection	Display on map, enable connections	24 hours (automatic deletion)
Chat Messages	Enable communication during Spark sessions	9 minutes maximum (automatic deletion)

3.2 Information Collected Automatically

The Service automatically collects certain technical information necessary for functionality:

Data Type	Purpose	Retention Period
Device Identifier (UUID)	Anonymous user identification, session management	Until account deletion
Location Data	Map display, proximity-based matching	24 hours (overwritten with new data or deleted)
Usage Analytics	Service improvement, feature development	Anonymized aggregated data: indefinite
Push Notification Token	Delivery of connection notifications	Until notification opt-out or account deletion

3.3 Information We Do NOT Collect

The following information is not collected or stored by the Service:

Real names or legal names
Email addresses (except when voluntarily provided for support inquiries)
Phone numbers
Photographs, images, or videos
Social media profiles or identifiers
Payment or financial information
Device contacts or address book
Precise GPS coordinates (location is intentionally imprecise)

4. How We Use Your Information

We process collected information for the following purposes, based on necessity for service provision and legitimate business interests:

4.1 Core Service Functionality

Display anonymized emotional states on the interactive map interface
Enable proximity-based user connections and interactions
Facilitate time-limited anonymous chat sessions
Implement location-based features and geographic filtering

4.2 Safety and Compliance

Enforce age requirements and service eligibility
Process user reports and implement temporary restrictions
Detect and prevent abuse, fraud, or violations of Terms of Service
Comply with legal obligations and respond to law enforcement requests

4.3 Service Improvement and Analytics

Analyze anonymized usage patterns to improve service functionality
Monitor service performance and identify technical issues
Develop new features based on user behavior analytics
Generate anonymized statistical reports

4.4 Communications

Deliver push notifications regarding incoming connection requests (if enabled)
Send service-related announcements and updates
Respond to support inquiries (when you contact us directly)

Processing Limitation Disclaimer: While we describe intended uses above, we make no warranty that information will be used exclusively for these purposes or that unauthorized access, use, or disclosure will not occur. Data security is inherently subject to limitations described in Section 9.

5. Data Retention and Automatic Deletion

The Service is designed with privacy-by-default through automatic data expiration:

5.1 Automatic Expiration Schedule

Data Category	Retention Period	Deletion Method
Emotional state posts ("vibes")	24 hours	Automatic permanent deletion
Chat messages	9 minutes maximum	Automatic permanent deletion
Connection requests ("pings")	60 seconds	Automatic expiration if not accepted
Active location data	24 hours	Overwritten by new data or deleted

5.2 User-Initiated Deletion

Users may request complete account deletion through:

In-Application: Settings menu → Account Management → Delete Account
Email Request: Send deletion request to hello@pingandwink.com with device identifier

Upon deletion request, the following data is permanently removed:

Device identifier and associated profile
Birth year information
Any active emotional state posts
Pending connection requests
Push notification tokens

Deletion Exceptions: The following data may be retained after account deletion:

Anonymized aggregated analytics data (non-identifiable)
Data required for legal compliance or pending legal matters
Backup copies (deleted within 90 days)
Information in law enforcement custody or subject to legal hold

Deletion Disclaimer: While we make commercially reasonable efforts to delete data as described, we cannot guarantee complete or immediate deletion from all systems, backups, or third-party services. Deleted data may persist in backups for up to 90 days or longer if required by law.

5.3 Data Retention Justification (GDPR Article 5 Compliance)

The Service implements the following retention periods based on legitimate operational requirements and user experience necessities:

24-Hour Vibe Retention - Business Justification:

Global Time Zone Coverage: 24-hour retention ensures users across all time zones have equal opportunity to discover and connect with emotional states posted throughout a complete daily cycle
Network Effect Threshold: Longer retention period maintains minimum viable user density on the map necessary for service functionality, particularly in lower-population areas or during off-peak hours
User Experience Continuity: Full daily retention allows users to observe emotional patterns and rhythms within their geographic community, which is core to the service value proposition
Technical Infrastructure: 24-hour cycle aligns with standard database cleanup operations and backup schedules, enabling efficient automated data management

9-Minute Chat Retention - Rationale:

Sufficient time for meaningful anonymous conversation while maintaining ephemeral nature
Minimizes data exposure window while allowing natural conversation flow
Balances user experience with privacy-by-design principles

Storage Limitation Principle (GDPR Article 5(1)(e)): We affirm that personal data is retained only for the minimum period necessary to fulfill the stated purposes. The retention periods above represent the maximum necessary duration and are not extended beyond these limits.

6. Data Sharing and Disclosure

6.1 Information Visible to Other Users

By design, the following information is visible to other Service users:

Your selected emotional state (emoji/icon)
Your approximate location (intentionally imprecise, randomized)
Your chosen chat alias during active Spark sessions
Messages sent during chat sessions (visible only to chat partner)

Visibility Limitation: We implement technical measures to limit information visibility, but we make no warranty that determined users cannot infer additional information through patterns, timing, or other means.

6.2 Third-Party Service Providers

We engage third-party service providers to support Service operations. These providers have limited access to user information as necessary for their functions:

Service Provider	Purpose	Data Access
Supabase	Database and backend infrastructure	Device IDs, location data, messages, birth year
Mapbox	Map display and geolocation services	Location coordinates (anonymized usage)
OneSignal	Push notification delivery	Device tokens, notification preferences
Amplitude	Analytics and service improvement	Anonymized usage statistics

These third-party providers maintain their own privacy policies. We encourage you to review their policies, though we make no representations regarding their data practices or compliance.

6.3 Legal Compliance and Safety

We may disclose user information without notice or consent when we believe in good faith that disclosure is:

Required by applicable law, regulation, legal process, or governmental request
Necessary to enforce our Terms of Service or investigate potential violations
Necessary to detect, prevent, or address fraud, security, or technical issues
Required to protect the rights, property, or safety of our users or the public as required or permitted by law

Law Enforcement Cooperation: We cooperate with law enforcement authorities when presented with valid legal process. We may disclose user information, including location data, chat logs (if not yet expired), and device identifiers in response to lawful requests. We provide no advance notice to users when legally prohibited from doing so.

6.4 Business Transfers

In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding involving the Service, user information may be transferred or sold as part of business assets. You acknowledge and consent to such transfers.

6.5 What We Do NOT Do

We do not engage in the following practices:

Sell personal information to third parties for monetary consideration
Share personal information with advertisers or marketing companies
Use personal information for direct marketing purposes
Create user profiles for third-party targeting or advertising

7. Location Information

7.1 Location Data Collection

Location data is essential for core Service functionality. The Service collects location information:

Collection Timing: Only when the Application is open and actively in use (foreground access only)
Precision Level: Approximate location with intentional imprecision and randomization
Soft Location Mode: Optional feature adding ±80-120 meter randomization for additional privacy
Storage Duration: Location data is temporary, overwritten with new data, and automatically deleted after 24 hours

7.2 Location Privacy Controls

Users may control location access through:

Device-level location permissions (can be revoked at any time)
In-app soft location mode (reduces precision to ±80-120 meters)
Account deletion (removes all location data)

Location Privacy Disclaimer: While we implement technical measures to protect location privacy, no system is perfect. Determined users or sophisticated attackers may be able to infer location information through patterns, timing analysis, or other means. Location randomization is a privacy enhancement, not a security guarantee. You assume all risks associated with location disclosure.

8. International Data Transfers

The Service is operated from France. User information may be transferred to, stored in, and processed in France, other European Union member states, or other countries where our service providers maintain facilities.

Cross-Border Transfer Implications:

Countries outside your residence may have different data protection standards
Your information may be subject to access by law enforcement in those jurisdictions
Data protection rights may differ based on jurisdiction

For European Economic Area users, we ensure that third-party service providers located outside the EEA maintain adequate data protection safeguards through standard contractual clauses or other approved mechanisms.

9. Data Security

SECURITY DISCLAIMER: While we implement commercially reasonable security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

9.1 Security Measures Implemented

We employ the following technical and organizational security measures:

Encryption in Transit: Data transmitted between your device and our servers is encrypted using TLS/SSL protocols
Anonymous Identifiers: Use of device-generated UUIDs rather than personal identifiers
Access Controls: Limited personnel access to backend systems, enforced through authentication
Automatic Expiration: Minimal data retention through automatic deletion of most content
Infrastructure Security: Use of enterprise-grade cloud service providers with security certifications

9.2 Security Limitations

You acknowledge and accept the following security limitations:

We do not control security of data in transit over networks we do not control
We cannot prevent unauthorized access to user devices or accounts due to user security failures
Third-party service providers maintain their own security practices outside our control
Data breaches may occur despite reasonable security measures
We may be unable to detect or prevent all unauthorized access attempts

9.3 User Security Responsibilities

You are responsible for:

Maintaining the security of your device and preventing unauthorized access
Using secure networks when accessing the Service
Not sharing your device with unauthorized individuals
Promptly reporting suspected security incidents to hello@pingandwink.com

9.4 Data Breach Notification

In the event of a data breach affecting personal information, we will:

Assess the nature and scope of the breach
Notify affected users via in-app notification or other available means
Comply with applicable data breach notification laws
Take reasonable steps to mitigate harm and prevent recurrence

However, we make no guarantee regarding the timing or content of breach notifications, which are subject to legal requirements and operational constraints.

10. Your Privacy Rights

10.1 Rights for All Users

Regardless of location, you have the following rights:

Right to Access: Request information about what data we hold
Right to Delete: Request deletion of your account and associated data
Right to Opt-Out: Disable location services or push notifications
Right to Withdraw Consent: Stop using the Service at any time

10.2 European Economic Area User Rights (GDPR)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation:

Right to Rectification: Correct inaccurate personal data (limited applicability due to minimal data collection)
Right to Restriction of Processing: Request limitation on how we process your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Lodge a Complaint: File complaints with your local data protection authority
Right to Withdraw Consent: Withdraw consent at any time without affecting lawfulness of prior processing

10.3 California Privacy Rights (CCPA/CPRA)

California residents have the following rights under the California Consumer Privacy Act:

Right to know what personal information is collected, used, shared, or sold
Right to request deletion of personal information
Right to opt-out of the sale of personal information (note: we do not sell personal information)
Right to non-discrimination for exercising CCPA rights

10.4 Exercising Your Rights

To exercise any privacy rights, contact us at:

Email: hello@pingandwink.com or pingandwink@gmail.com
Subject Line: "Privacy Rights Request"
Required Information: Device identifier (found in app settings), description of request

We will respond to verified requests within:

30 days for GDPR requests (extendable to 60 days for complex requests)
45 days for CCPA requests (extendable to 90 days for complex requests)
Reasonable timeframes for other requests based on legal requirements and operational capacity

Rights Exercise Disclaimer: While we will make commercially reasonable efforts to honor privacy rights requests, we make no warranty regarding response times or outcomes. Requests may be denied if legally permissible, technically infeasible, or if they would compromise others' privacy or security.

11. Push Notifications

If you enable push notifications:

We will send notifications regarding incoming connection requests
Notifications contain minimal information (no personal data disclosed)
You may disable notifications at any time through device settings or in-app preferences
Push notification tokens are stored by OneSignal and deleted upon opt-out or account deletion
We are not responsible for notification delivery failures or delays

12. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time, at our sole discretion. Changes become effective upon:

Posting the updated Policy at https://pingandwink.com/privacy.html
Updating the "Last Updated" date at the beginning of this Policy
Providing in-app notification of material changes (at our discretion)

Your Responsibility: It is your responsibility to review this Policy periodically. Continued use of the Service following changes constitutes acceptance of the modified Policy.

For material changes that significantly affect your rights, we will make reasonable efforts to provide advance notice through in-app notifications or other available means.

13. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data based on the following legal grounds:

Processing Activity	Legal Basis
Core service functionality (map, chat, connections)	Performance of contract / Consent
Age verification and eligibility enforcement	Legal obligation / Legitimate interests
Safety features and content moderation	Legitimate interests (user safety)
Service improvement and analytics	Legitimate interests (service optimization)
Legal compliance and law enforcement requests	Legal obligation
Push notifications	Consent (can be withdrawn anytime)

14. Contact Information and Data Controller

Data Controller: Ping&Wink, operated as an independent service under French law

Primary Contact: hello@pingandwink.com

Alternative Contact: pingandwink@gmail.com

Website: https://pingandwink.com

Privacy Inquiries: privacy@pingandwink.com (monitored periodically)

Response Times: We aim to respond to privacy inquiries within 48-72 business hours. However, response times are not guaranteed and may be longer during periods of high volume, technical issues, or operational constraints. For urgent matters, clearly mark your communication as "URGENT" in the subject line.

EU Representative: As we are established in the EU (France), no separate EU representative is required under GDPR Article 27.

14.1 EU Representation and Data Protection Officer

Establishment in EU: As this Service is operated from France, we are established within the European Economic Area and directly subject to GDPR without need for Article 27 representation.

Data Protection Contact: For GDPR-specific inquiries, data subject rights requests, or data protection concerns, contact:

Email: privacy@pingandwink.com
Subject Line: "GDPR Data Subject Request" or "Data Protection Inquiry"
Response Timeline: Within 30 days as required by GDPR Article 12(3), extendable to 60 days for complex requests

Supervisory Authority: French data protection authority (CNIL - Commission Nationale de l'Informatique et des Libertés). Users may lodge complaints at: www.cnil.fr

15. Dispute Resolution

Privacy-related disputes are subject to the dispute resolution provisions in our Terms of Service, including binding arbitration and class action waiver clauses. You agree that privacy disputes shall be resolved through individual arbitration rather than court proceedings or class actions.

EEA Users: This arbitration clause does not affect your right to lodge a complaint with a data protection authority in your jurisdiction.

16. Final Disclaimers and Acknowledgments

BY USING THIS SERVICE, YOU ACKNOWLEDGE AND AGREE THAT:

You have read and understood this Privacy Policy in its entirety
You consent to the collection, use, and disclosure of information as described herein
You understand that no data transmission or storage method is completely secure
You accept that we cannot guarantee the privacy or security of your information
You assume all risks associated with disclosure of information through the Service
You understand that our liability for privacy breaches is limited as described in our Terms of Service
You acknowledge that this is a small, independently operated service with limited resources for data protection compliance

Honesty Disclaimer: This Service is operated by a single individual, not a large corporation with dedicated privacy teams. While we make reasonable efforts to protect privacy and comply with applicable laws, our resources are limited. We provide this Service "as is" with respect to privacy and security. Users who require enterprise-grade data protection should not use this Service.