Privacy Policy
Effective date: 2026-06-29 Last updated: 2026-06-29
This Privacy Policy describes how MeetGrove (“MeetGrove”, “we”, “us”) collects, uses, and shares information when you use our mobile application (the “App”).
If you do not agree with this policy, do not use the App.
1. Who we are
MeetGrove is operated by Kkpo LLC (“we”). You can reach us at [email protected].
We are the data controller for the personal information described in this policy.
2. Eligibility
The App is for adults only. You must be 18 years or older to create an account. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected information from someone under 18, we will delete it.
3. Information we collect
3.1 Information you provide
| Category | Examples | Why we collect it |
|---|---|---|
| Account identifiers | Google account email, Google account ID | To authenticate you via Google Sign-In |
| Profile data | Display name, age, gender, date of birth, profile photos (up to 6), short bio, interests | To create the profile other users see when you join a group |
| Location data | A place name and approximate coordinates you select (e.g., “Brooklyn, NY”) | To match you with groups near you. You choose the location explicitly via a search picker; we do not read your device GPS. You can update it at most once every 24 hours. |
| Group content | Topics you create, messages you send in group chats | To deliver messages to other group members |
| Reports & blocks | User IDs you block, reasons you report another user | To enforce safety policies |
3.2 Information collected automatically
| Category | Examples | Why we collect it |
|---|---|---|
| Device identifiers | App install ID, OS version, app version, device model | To diagnose crashes and target compatibility fixes |
| Push notification token | An Expo push token tied to your device | To send you notifications (group ready, new message). You can disable in OS settings. |
| Usage / diagnostic data | Screen views, error stack traces, performance traces, mobile session replays (limited to interactions in our App) | To detect bugs, understand which features are used, improve performance |
| IP address | Logged transiently by our backend for rate limiting and abuse prevention | Discarded after request processing |
3.3 Information we do not collect
- We do not read your contacts, calendar, microphone, or background location.
- We do not access your photo library beyond images you explicitly pick to upload.
- We do not run advertising SDKs or share data with ad networks.
- We do not sell personal information.
4. How we use information
We use the information described above to:
- Authenticate you and keep you signed in
- Show your profile to other members of groups you join
- Match you with topics and groups based on your location radius, age range, and gender preferences
- Deliver chat messages between group members
- Enforce community standards (including automated moderation of profile names, bios, and topic text via Azure Content Safety)
- Send push notifications about your groups
- Detect, investigate, and address abuse, fraud, security issues, or violations of our Terms
- Comply with legal obligations
We do not use your information for advertising or profiling.
5. Legal basis for processing (EU/EEA users)
If you are in the European Economic Area or the United Kingdom, our legal bases are:
- Performance of a contract — to provide the App’s core functionality (account, groups, chat)
- Legitimate interests — fraud prevention, security, product analytics
- Consent — for push notifications and any optional features that ask
- Legal obligation — to respond to lawful requests
You can withdraw consent for push notifications at any time in your device settings.
6. Who we share information with
We share information only as described below. We do not sell personal information.
| Recipient | What | Why |
|---|---|---|
| Other users | Your profile (name, age, gender, photos, bio, interests) and messages you send | This is the core function — visible to other members of groups you join |
| Google LLC | OAuth identifier exchange | To verify your Google account during sign-in |
| Microsoft Azure (data centers in the United States, East US 2 region) | Hosting of our backend (Cosmos DB, Blob Storage, Container Apps) | Infrastructure |
| Sentry | Error stack traces, performance traces, session replays from the mobile app | Crash and bug diagnostics |
| Expo (push notifications) | Push notification token, message payloads | Delivery of notifications |
| Google Maps Platform | Search queries you type into the location picker | Place autocomplete |
| Azure AI Content Safety | Text you submit as your name, bio, or topic | Automated content moderation |
| Law enforcement | Information necessary to respond to a valid legal request | Compliance |
When we transfer data to recipients in the United States or other countries outside your home jurisdiction, we rely on appropriate safeguards (e.g., Standard Contractual Clauses where applicable).
7. Data retention
We keep your information for as long as your account exists, plus a short grace period.
- Account, profile, photos: retained while your account is active. Deleted within 30 days after you delete your account.
- Chat messages: retained on our servers only until every recipient’s device has received them; after that the message is removed from our backend and lives only on members’ devices.
- Diagnostic data (Sentry): retained per Sentry’s default retention (currently 90 days).
- Backup snapshots: retained for up to 30 days after deletion for disaster recovery, then purged.
- Audit logs related to safety actions (reports, blocks, suspensions): retained up to 3 years for abuse prevention.
8. Your rights
Depending on where you live, you may have the right to:
- Access — request a copy of the personal information we hold about you
- Correct — update inaccurate or incomplete information
- Delete — request deletion of your account and associated data
- Restrict — ask us to limit processing for certain purposes
- Portability — receive your information in a portable format
- Object — object to processing based on legitimate interests
- Withdraw consent — for processing based on consent
To exercise any of these rights, delete your account in-app (Settings → Delete account) or email [email protected]. We will respond within 30 days.
If you are in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority.
If you are in California, you have rights under the CCPA/CPRA, including the rights above and the right not to be discriminated against for exercising them. We do not sell or “share” personal information as those terms are defined under the CCPA.
9. Security
We use industry-standard practices to protect your information:
- Authentication tokens stored on your device in the OS secure enclave (iOS Keychain / Android EncryptedSharedPreferences)
- HTTPS in transit; managed identity for backend service authentication
- Server-side JWT validation, rate limiting, IP allowlisting on admin endpoints
- Suspended-user middleware that revokes access immediately
No system is perfectly secure. If we become aware of a breach affecting your information, we will notify you in accordance with applicable law.
10. Children
The App is not directed to children under 18 and we do not knowingly collect their information. If you believe a minor has provided information to us, contact [email protected] and we will delete it.
11. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you in-app or by other reasonable means before the changes take effect. The “Last updated” date at the top reflects the current version.
12. Contact
Questions, requests, or complaints: [email protected]
Postal: PO Box [number] · Sterling, VA · USA (physical PO Box pending — fill before publish)