Privacy

Your data, in plain English.

This page describes how dscvr collects, uses, and protects your information, and it matches the policy shown inside the app. We've tried to write it like a human.

Last updated · June 2026

What we collect

• Your email, display name, username, and optional profile photo when you sign up (or just your email if you join the waitlist).
• The content you create: videos, photos, reviews, check-ins, comments, saved spots, and follows.
• Your device location while you're using the app, to show nearby places and events. We store the locations of venues you tag, not a history of your personal GPS coordinates.
• Crash reports and performance data (via Sentry) and basic device info needed to run the service (via Firebase).
• Ticket purchases are processed by Stripe. We never see or store your card number.

What we never do

• Sell, rent, or license your personal data to third parties.
• Track you across other companies' apps or websites.
• Show third-party ads.
• Read your camera roll or contacts without explicit permission.

Recommendations (our AI)

Recommendations are personalized using your own activity, like the places you save and check into. Some recommendation requests are processed by Google's Gemini API to generate suggestions. Your data isn't shared with other users or with advertisers, and we don't use it to train external models.

How your content is shared

Videos, reviews, and public check-ins are visible to other users. That is the point of dscvr. Check-ins are private by default and only shared if you mark them public. Messages are visible only to participants.

Service providers

We use Google Firebase (authentication, database, storage, notifications), Stripe (payments), Sentry (crash reporting), and Google Maps/Places (venue data). Each receives only what it needs to do its job.

Your rights

You can edit your profile in the app, control check-in visibility, and delete your account entirely in-app (Settings → Delete Account). Deletion is permanent and removes your profile, content, social graph, and stored media.

For California (CCPA), EU/UK (GDPR), and similar jurisdictions, you have the right to access, correct, delete, and port your data. Email privacy@dscvrapp.co with any request and we'll respond within 30 days.

Security

Data is encrypted in transit (TLS) and at rest. Access is controlled and logged. We disclose breaches within 72 hours of discovery, regardless of jurisdiction.

Children

dscvr is not directed at children under 13, and we do not knowingly collect data from them.

Changes to this policy

If we materially change this policy, we'll notify you in the app before the change takes effect. Minor changes (typo fixes, link updates) get a quiet update with the “Last updated” date above.

Contact

privacy@dscvrapp.co for any privacy question. A human reads it, usually within one business day.