1. Who we are

DYVE ("DYVE", "we", "us", or "our") is a mobile application that helps people discover events near them and connect with other people who are going to the same things. This Privacy Policy explains what personal information we collect when you use the DYVE app, how we use and share it, and the choices and rights you have. It is written to align with the New Zealand Privacy Act 2020 and the Information Privacy Principles.

This policy applies to the DYVE mobile app (iOS and Android) and any related services we provide. The app is operated by Karen Munyan, based in New Zealand.

2. Information we collect

We only collect information we need to make DYVE work. This falls into a few categories.

Information you give us when you sign up

• Account details — when you create an account, you can sign in with email and password, your phone number, Google Sign-In, or Sign in with Apple. Sign-in is handled by Firebase Authentication. We collect your name, email address (or the relay address Apple provides if you choose to hide your real one), and a profile photo if you provide one.
• Date of birth — used to verify you meet our minimum-age requirements and to gate access to dating mode (18+).
• Profile information — details you choose to add, including your gender, a short bio, your interests, the kinds of events you're into, what you're looking for (friends, dating, or both), and lifestyle preferences such as how often you go out, preferred event categories, preferred event time, group-size preference, languages, relationship status, drinking preference, and pets. None of these fields is mandatory — you control what appears on your profile.
• Photos — images you upload to your profile, stored in Cloud Storage.
• Matching preferences — your dating and friend-mode age range, gender preference, and travel-radius settings.

Information we collect automatically

• Precise location (GPS) — with your permission, DYVE reads your device's GPS to show you events and people near you. We also store a coarse rounded version of your last-known location (rounded to roughly 1 km precision) on your user record so we can send you the weekly "events near you this weekend" digest. The rounded value is updated whenever you open a part of the app that uses location; we don't track you in the background. You can grant or revoke location access at any time in your device settings, though some features won't work without it.
• Activity in the app — events you save, dismiss, or mark as going; profiles you swipe right, swipe left, or super-like; matches you make; messages you send and receive; users you block or hide; reports you submit about another user.
• Active-chat presence — while a chat is open on your screen, the app records that fact (which chat, with a 45-second heartbeat) so we can suppress duplicate push notifications for the conversation you're already reading. The record clears when you leave the chat.
• Device information — basic technical data such as device model, operating system version, and app version, used for compatibility and troubleshooting.
• Push notification tokens — a unique identifier per device (via Firebase Cloud Messaging on Android, and APNs on iOS) so we can send you notifications about matches, messages, event reminders, organiser broadcasts, and the weekly nearby-events digest. You can turn any notification category on or off in the app's Notifications settings, or disable notifications entirely in your device settings.

Payment information (event organisers)

If you're an event organiser and buy tokens to broadcast updates to event attendees, payments are processed by Stripe. Your card details are entered directly with Stripe and handled under Stripe's own security and privacy practices — DYVE does not collect or store your full card number. We may receive limited transaction information from Stripe, such as the last four digits of your card, the payment amount, and whether a payment succeeded, so we can keep a record of your purchases.

If you subscribe to DYVE Premium, the purchase is handled by Apple's App Store (on iOS) or Google Play Billing (on Android). Those stores share with us only that a purchase was made and the subscription status — they do not share your payment-method details with us.

We do not collect government ID numbers or other sensitive financial information.

3. How we use your information

We use the information we collect to:

• Create and manage your account and profile;
• Show you events near you and people who are going to the same events;
• Match you with relevant people based on your preferences, age range, gender filter, and travel radius;
• Power messaging and the "Go Together" event-invite flow between matched users;
• Send you notifications you've opted into — matches, messages, event reminders, organiser broadcasts, and the weekly nearby-events digest — and let you mute any category from Settings;
• Process token purchases for event organisers (via Stripe) and Premium subscriptions (via the App Store / Google Play);
• Suppress duplicate notifications when you're already reading the chat you'd otherwise be pinged about (this is what the active-chat presence record is for);
• Maintain, improve, and troubleshoot the app;
• Keep DYVE safe — detecting and preventing fraud, abuse, and behaviour that breaches our terms, including processing reports you submit about other users; and
• Comply with our legal obligations.

4. How we share your information

We don't sell your personal information. We share it only in these limited ways:

• With other DYVE users — your profile (name, photo, and the details you choose to show) is visible to other DYVE users so the app can do its job. Don't share anything in your profile or messages you wouldn't want others to see. When you match with someone, your profile and messages become visible to that match until one of you blocks or unmatches.
• With event organisers (limited) — when you save an event, the organiser sees you in their attendee count and can broadcast updates to you. The organiser does not see your full profile, your DOB, your location, or any messages you've sent.
• With service providers — trusted companies that help us run the app (see Third-party services below). They process your data only on our instructions and only as needed to deliver their service.
• For legal reasons — where we're required to by law, or to protect the rights, safety, and property of DYVE, our users, or the public.
• In a business transfer — if DYVE is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

When you choose to buy tickets to an event, DYVE redirects you to a third-party ticketing website. Those sites are operated independently and have their own privacy policies — any information you provide there is handled by them, not by DYVE.

5. Third-party services

DYVE relies on the following third-party services, which may process your data under their own privacy policies:

• Google Firebase (Authentication, Cloud Firestore, Cloud Storage, Cloud Messaging, Cloud Functions, App Check) — for sign-in, data storage, file storage, notifications, server-side logic, and abuse prevention.
• Google Sign-In — optional sign-in method on both iOS and Android.
• Sign in with Apple — optional sign-in method on iOS. If you choose Apple's "Hide My Email" option, we only ever see the relay address Apple gives us.
• Stripe — to process token purchases for event organisers. See stripe.com/privacy.
• Apple App Store and Google Play Billing — to process Premium subscriptions on their respective platforms.
• Ticketmaster Discovery API — to import publicly-listed events into the in-app feed.
• Third-party ticketing providers — when you tap "Get tickets" on an event, you're redirected to an external ticketing site with its own privacy policy.

We encourage you to review Google's Privacy Policy at policies.google.com/privacy and Apple's at apple.com/legal/privacy to understand how each handles data.

6. Data retention & deletion

We keep your personal information for as long as your account is active or as needed to provide DYVE to you.

You can delete your account at any time from inside the app: Settings → Delete account. When you do, we delete your data from our systems:

• your profile, photos, messages, matches, swipe history, saved events, notification preferences, and notification inbox are removed;
• the entries you appear in on other users' devices (the "matched with" record on someone's side, your row in another user's "liked by" list, your membership in any event invite they received) are also cleaned up;
• your push tokens are deregistered so deleted accounts don't keep getting pinged;
• profile photos in Cloud Storage are deleted;
• we keep an archived copy of your basic account record for a short period (typically 30 days) for fraud-prevention and dispute-resolution reasons, after which it is removed.

A small set of records is retained longer for safety, legal, or audit reasons:

• Moderation reports you submitted, or reports submitted about you, are kept so we can act on patterns of abuse — even after the reported or reporting account is deleted.
• Public event listings you created as an organiser remain visible to the community (events belong to the people who attend them; deleting your account doesn't retroactively shrink other users' calendars). The "created by" field on those events becomes a reference to your deleted-account archive rather than your live profile.
• Conversation history with people you matched with stays on the other party's device — they still own half of every conversation. Your half is removed from your account.

Step-by-step instructions for requesting deletion (including from the web, if you've lost access to the app) are at our data deletion page.

7. How we protect your information

We take reasonable steps to protect your information, including encryption in transit, server-side security rules that gate which user can read and write which data, abuse-prevention checks (Firebase App Check) that block tampered clients from reaching our APIs, anti-flood throttling on chat sends, and the access controls provided by our infrastructure providers. No system is completely secure, however, and we can't guarantee absolute security. If we become aware of a privacy breach that poses a risk of serious harm, we'll notify affected users and the Office of the Privacy Commissioner as required under the Privacy Act 2020.

8. Your rights and choices

Under the New Zealand Privacy Act 2020, you have the right to:

• Access the personal information we hold about you;
• Correct information that's inaccurate or out of date;
• Delete your account and associated personal information (see Data retention & deletion above);
• Mute notifications by category (matches, messages, broadcasts, event reminders, the weekly nearby-events digest) in Settings → Notifications, or turn them off entirely in your device settings;
• Block or report another user from their profile screen — blocking removes them from your matches, chats, and swipe deck, and prevents future interactions; reporting flags them for our moderation review;
• Control permissions like location, notifications, photo access, and camera access through your device settings at any time.

You can manage much of this directly in the app. For anything else, contact us using the details below and we'll respond as soon as we reasonably can.

9. Age requirements and younger users

DYVE has a minimum age of 13. We use the date of birth you provide at sign-up to determine which features are available to you:

• Friends mode is available to users aged 13 and over.
• Dating features are restricted to users aged 18 and over. Users under 18 cannot access dating mode and are not shown to, or matched with, other users for dating. The age gate is enforced both in the app's UI and in our server-side rules — the dating swipe deck rejects requests from any account whose stored date of birth puts them under 18.

We do not knowingly allow anyone under 13 to create an account or collect their personal information. If we learn that a user is under 13, we will remove the account and associated data. If you believe a child under 13 is using DYVE, please contact us using the details below.

For users aged 13 to 17, we limit data collection to what's needed for friends mode and apply the protections described in this policy. We encourage parents and guardians to be involved in their teen's use of the app.

10. International users

DYVE is operated from New Zealand, and the third-party services we use (such as Google Firebase) may store and process data on servers located in other countries. By using DYVE, you understand that your information may be transferred to and processed in countries outside your own, which may have different data protection laws.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we'll change the "Last updated" date at the top, and for significant changes we'll provide a more prominent notice in the app. We encourage you to review this page periodically.

12. Contact us

If you have questions about this Privacy Policy or how we handle your information, get in touch:

• Email: dyveevents@gmail.com
• Operated by: Karen Munyan, New Zealand

If you're not satisfied with our response, you can contact the New Zealand Office of the Privacy Commissioner at privacy.org.nz.