Privacy Policy

Last updated: 18 March 2026

This Privacy Policy explains how SocialGryd collects, uses, stores, shares, and protects personal data when you use the SocialGryd website, mobile applications, club card, QR features, event listings, reviews, messaging features, community posts, and partner tools.

1. Who Controls Your Data

SocialGryd is operated by SocialGryd Limited, Narva mnt 5, Kesklinna linnaosa, Tallinn, Harju maakond 10117, Estonia.

Privacy contact: privacy@socialgryd.com. Safety and abuse reports: report@socialgryd.com. Legal notices and IP matters: legal@socialgryd.com.

2. The Data We Collect

Depending on how you use SocialGryd, we may collect the following categories of personal data:

• Account and profile data: your name, username, contact details you provide, profile image, profile bio, profession, city, social links, and membership status.
• Membership and payment data: subscription plan, billing status, transaction references, payment processor or app store records, club card identifiers, and perk eligibility.
• QR and redemption data: member name or display name, partner location, perk or day pass redeemed, timestamp, scan history, redemption status, fraud or misuse signals, and location-linked visit activity.
• Community content: ratings, reviews, comments, public posts, profile content, direct messages, group chats, event chats, media uploads, and other content you submit.
• Event data: event listings, RSVPs, attendance signals, ticket links, host interactions, and event-related communications.
• Partner and ambassador data: business details, venue information, event information, operational contacts, analytics, and account permissions.
• Device and usage data: IP address, approximate location, device identifiers, operating system, app version, log data, push notification tokens, crash reports, performance diagnostics, and feature usage data.
• Website and cookie data: browser data, consent preferences, and similar technologies used to operate or measure our web experiences.
• Support, report, and safety data: reports you submit, correspondence with us, moderation actions, evidence we preserve, and information related to abuse, fraud, or legal issues.

3. Where the Data Comes From

We collect data directly from you, automatically from your use of the platform, from app stores and payment providers, from partners and ambassadors, from other users who interact with you, and from reports or complaints submitted through the platform.

4. How We Use Personal Data

We use personal data to operate and improve SocialGryd, including to:

• create and manage accounts and memberships;
• display profiles, community content, reviews, ratings, posts, and event participation;
• power messaging, chats, comments, and event group features;
• verify club card status, process QR scans, redeem benefits, prevent repeat use, and investigate fraud or misuse;
• operate partner dashboards and provide partner analytics;
• process payments and subscriptions through app stores, Stripe, or other authorised providers;
• send service messages, push notifications, and safety notices;
• troubleshoot performance issues and review crash reporting;
• investigate reports, moderate content, protect users, enforce our Terms, and comply with legal obligations;
• analyse trends, measure usage, improve the service, and support internal reporting and planning.

Our legal bases generally include performance of a contract, legitimate interests, consent where required, and compliance with legal obligations.

5. Cookies, Messages, Reviews, Comments, and Reports

We may use cookies, local storage, and similar technologies on the website for security, session continuity, remembering cookie preferences, and other core functionality. These necessary technologies may be used without additional consent where permitted by law.

If we use non-essential analytics cookies, advertising pixels, marketing tags, or other optional tracking technologies, we will provide clear information about what they do and, where required by law, ask for consent before setting them.

When you choose an option in our cookie banner, we may store that choice in a cookie or similar preference mechanism so we can remember it. We may show the banner again after material updates or when needed for compliance.

• Messages, event chats, group chats, comments, public posts, reviews, and ratings are visible to recipients, participants, or other users depending on the feature.
• Other users may copy, forward, screenshot, record, or reshare content you send or publish. SocialGryd cannot control what recipients or viewers do with content once they can access it.
• If content or conduct is reported, we may review the reported content, surrounding context, metadata, and related account activity to investigate and take action.
• Partners may reply to reviews. SocialGryd may remove or restrict reviews, ratings, comments, posts, chats, or accounts where necessary for safety, legal compliance, fraud prevention, or platform integrity.

6. QR Scans, Club Card Data, and Partner Analytics

When a member uses a club card or QR-based perk, we may record the redemption and make relevant operational data available to the applicable partner location. This can include member display name, membership status, scan and redemption history linked to that location, unique and repeat visit patterns, review and event performance signals, and other partner analytics.

Standard partner flows do not provide members' precise device location or email addresses unless the member separately shares them or a separate lawful booking or event workflow requires it.

7. Who We Share Data With

We may share personal data with:

• service providers that help us host, secure, support, analyse, process payments, send notifications, or operate the platform;
• Apple, Google, Stripe, and other authorised processors or marketplaces involved in subscriptions, app distribution, crash reporting, or transaction handling;
• partners, ambassadors, or event hosts where needed to operate listings, validate memberships, process redemptions, handle events, answer disputes, or manage reviews and safety issues;
• other users where the feature by design shares your profile, content, messages, event participation, or reviews with them;
• law enforcement, regulators, courts, advisers, or other third parties where required by law or reasonably necessary to protect rights, safety, property, or the platform;
• buyers, investors, affiliates, or successor entities in connection with a merger, acquisition, financing, reorganisation, or corporate migration.

8. International Transfers

Our providers and service infrastructure may be located in countries outside Estonia, the EEA, or the UK. Where required, we use appropriate safeguards such as contractual protections, transfer assessments, or adequacy mechanisms.

9. Retention

We keep data only for as long as reasonably necessary for the purposes described above, subject to legal, accounting, fraud-prevention, and dispute-resolution needs. As a working retention framework:

• Account and profile data: for the life of the account and typically up to 24 months after deletion or closure unless longer retention is required.
• Reviews, comments, posts, listings, and event content: until deleted, moderated, or no longer needed for service operation, with backup copies that may remain for up to 90 days.
• Messages and chat content: for as long as needed to operate the feature and the relevant account relationship, with backup copies that may remain for up to 90 days.
• QR scans, redemption logs, fraud markers, and partner analytics: typically up to 36 months from collection.
• Crash reports, device diagnostics, and performance logs: typically up to 12 months.
• Support and report files: typically up to 24 months after the matter is closed.
• Payment, tax, and accounting records: for as long as required by applicable law and financial recordkeeping obligations.

10. Security and Storage

SocialGryd primarily stores platform data on hosted infrastructure rather than intentionally storing core account records on local devices. Depending on your device and settings, the app or browser may still keep limited local caches, tokens, or operating-system level data needed for functionality.

We use reasonable technical and organisational measures designed to protect personal data, which may include access controls, logging, hosted infrastructure safeguards, and multi-factor authentication for administrative access where appropriate. No system is completely secure, and we cannot guarantee absolute security.

11. Your Rights

Where applicable law gives you rights, you may ask to access, correct, delete, restrict, or port your personal data, object to certain processing, or withdraw consent where processing depends on consent. You may also complain to the relevant supervisory authority, including the Estonian Data Protection Inspectorate or the competent authority where you live.

12. Age Requirement

SocialGryd is for users aged 16 and over. If we become aware that data has been collected from someone below the permitted age threshold in breach of these rules, we may remove the account and related content.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we may notify you through the app, website, email, or another reasonable channel.

14. Contact

• Privacy requests: privacy@socialgryd.com
• Safety reports: report@socialgryd.com
• Legal notices and IP matters: legal@socialgryd.com