Huddle

1. Introduction

Welcome to Huddle. This Privacy Policy explains how Compass Technologies Limited ("we", "us", or "Company") collects, uses, and protects your personal information when you use the Huddle mobile application ("App") and visit our website ("Website").

By using Huddle, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

In the App:

• Phone Number: Required for account creation and authentication via SMS one-time password (OTP)
• Profile Information: Name, display name, profile photo (optional)
• Event Data: Event details, dates, locations, menus, expenses, messages, photos, and other content you create or upload
• Preferences: Dietary restrictions, allergens, and other personal preferences you choose to share

On the Website:

• Email Address: Collected when you sign up for beta access or submit a contact form
• Name: Collected via contact form submissions
• Message Content: Any information you provide in contact form messages

Important: The Huddle app does not use email for authentication or notifications. Email addresses are only collected through our website forms for beta program communication and customer support purposes.

2.2 Information Collected Automatically

• Device Information: Device type, operating system, unique device identifiers
• Usage Data: How you interact with the App, features used, time spent, screens viewed
• Log Data: IP address, timestamps, crash reports, error logs

2.3 Information from Third Parties

• Apple/Google: Payment transaction data when you purchase premium features

3. How We Use Your Information

We use your information to:

• Provide the Service: Create and manage your account, enable event coordination, facilitate group communication
• Authenticate: Verify your identity via SMS OTP
• Process Payments: Handle premium feature purchases (via Apple/Google)
• Communicate with You: Send push notifications about event updates, respond to support requests, send beta program updates (via email for beta participants only)
• Improve the App: Analyze usage patterns to improve features and user experience
• Ensure Security: Detect and prevent fraud, abuse, and security issues
• Comply with Legal Obligations: Respond to legal requests and enforce our Terms of Service

4. How We Share Your Information

4.1 With Other Users

• Event Members: Your profile information, event contributions, and messages are visible to other members of events you join
• Organizers: Event organizers can see additional information such as your dietary restrictions and preferences if you choose to share them

4.2 With Third-Party Service Providers

We share information with trusted partners who help us operate the App:

• Twilio: For SMS authentication (phone number, verification codes)
• Supabase: For secure cloud data storage (all event data, profiles, messages)
• PostHog: For app usage analytics and feature usage tracking (anonymous usage data)
• Apple/Google: For in-app purchase processing

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

4.3 For Legal Reasons

We may disclose your information if required by law or in response to:

• Court orders, subpoenas, or legal processes
• Government or regulatory requests
• Protecting our rights, property, or safety, or that of our users

4.4 Business Transfers

If Compass Technologies Limited is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Retention

• Active Accounts: We retain your data as long as your account is active
• Deleted Accounts: When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law
• Event Data: When you leave or delete an event, your contributions may remain visible to other event members, but your personal profile will be anonymized
• Backups: Deleted data may persist in backups for up to 90 days
• Beta/Contact Emails: Email addresses collected through website forms are retained until you request deletion or unsubscribe

6. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal exceptions)
• Portability: Request a copy of your data in a portable format
• Objection: Object to certain types of data processing
• Withdraw Consent: Withdraw consent for data processing where consent was the legal basis

To exercise these rights, contact us at support@gethuddleapp.com.

7. Security

We take data security seriously and implement industry-standard measures to protect your information:

• Encryption: Data is encrypted in transit (TLS/SSL) and at rest
• Access Controls: Limited access to personal data on a need-to-know basis
• Infrastructure: SOC 2 Type II compliant infrastructure through Supabase
• Authentication: Secure phone-based OTP authentication

While we strive to protect your data, no method of transmission or storage is 100% secure. You use the App at your own risk.

8. Children's Privacy

Huddle is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

If you believe a child under 16 has provided us with personal information, please contact us at support@gethuddleapp.com.

9. International Data Transfers

Huddle is operated from New Zealand. If you are accessing the App from outside New Zealand, your information may be transferred to, stored, and processed in New Zealand or other countries where our service providers operate.

By using Huddle, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

10. Cookies and Tracking Technologies

The Huddle app does not use cookies. However, we do use:

• PostHog Analytics: To track app usage and improve features (does not use third-party advertising cookies)
• Local Storage: To store your login session and app preferences on your device

Our website may use minimal cookies for basic functionality. We do not use advertising or tracking cookies on our website.

11. Push Notifications

Huddle may send you push notifications about:

• Event updates (new messages, votes, changes)
• Expense settlements
• Event reminders
• Important account or security alerts

You can disable push notifications at any time in your device settings. Note that the app does NOT send email notifications.

12. Third-Party Links

Huddle may contain links to third-party websites or services (such as payment apps for settling expenses). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:

• Displaying a prominent notice in the App
• Sending you a push notification
• Posting the updated policy in the App and on our website

Your continued use of Huddle after changes become effective constitutes acceptance of the updated policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us:

Compass Technologies Limited
PO Box 502
Waikato Mail Centre
Hamilton 3240
New Zealand

Email: support@gethuddleapp.com
Website: gethuddleapp.com
Contact Form: Contact Us

15. Additional Information for EEA/UK Users

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under GDPR:

15.1 Legal Basis for Processing

• Contract Performance: Processing necessary to provide the App service
• Legitimate Interests: Improving the App, security, fraud prevention
• Consent: Where you have provided explicit consent (e.g., sharing dietary preferences)
• Legal Obligation: Compliance with applicable laws

15.2 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.