Effective Date: April 4, 2026
Last Updated: April 4, 2026

1. Introduction & Controller (Verantwortlicher)

This Privacy Policy explains how CliqOut ("we," "our," or "us") collects, uses, and safeguards your information. Under the General Data Protection Regulation (GDPR), the responsible controller for your data is:

Wodajo Tayie
Hartmannstrasse 88
91052 Erlangen, Germany
Email: hallocliqout@gmail.com

2. Information We Collect and Legal Basis

We process your data only if there is a legal basis under Art. 6 GDPR.

2.1 Information You Provide Directly

• Account & Profile: Name, email, password, photo, bio, city, interests.

Legal Basis: Art. 6(1)(b) GDPR (Performance of a contract).

• Event & Interaction Data: Event details, join requests, chat messages, bookmarks.

Legal Basis: Art. 6(1)(b) GDPR.

• Phone Number: For verification purposes.

Legal Basis: Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR (Security).

2.2 Third-Party Sign-In (Google/Apple)

We receive your name, email, and profile photo.

Legal Basis: Art. 6(1)(b) GDPR (Provision of login service).

2.3 Automated Data Collection & Analytics

• Device Info & Usage Data: Via Firebase Analytics (App opens, interactions).
• Push Tokens: For notifications via Firebase Cloud Messaging.

Legal Basis: Art. 6(1)(f) GDPR (Legitimate interest in app stability and improvement) or Art. 6(1)(a) GDPR (Consent for marketing-related push).

2.4 Location Information

• City Selection / Event Locations: Used to show relevant events.

Legal Basis: Art. 6(1)(b) GDPR.

• Precise GPS Location: Accessed only with your explicit permission via the OS. You can revoke this anytime in settings.

Legal Basis: Art. 6(1)(a) GDPR (Consent).

3. How We Share Your Information

With Other Users

Your profile (name, photo, bio) and event-related data are visible to other users to facilitate the social nature of the App.

Service Providers (Processors)

• Firebase (Google Ireland Ltd.): Hosting, Authentication, Database, Analytics.
• Google Maps (Google Ireland Ltd.): For map features.

We have entered into Data Processing Agreements (DPA) with these providers. Where data is transferred to the USA, it is based on Standard Contractual Clauses (SCCs).

Legal Obligations

Disclosure if required by Art. 6(1)(c) GDPR.

We do not sell your personal data.

4. Data Storage and Security

• Storage: Data is stored on Google Cloud (Firebase) servers, primarily within the EU.
• Security: We use HTTPS/TLS encryption and strict Firebase Security Rules.
• Retention: Data is kept as long as your account is active. If you delete your account, data is deleted or anonymized within 30 days, unless legal retention periods (e.g., tax law) apply.

5. Your Rights (GDPR)

As a user in the EU, you have the following rights:

• Art. 15 GDPR (Access): Right to know what data we store.
• Art. 16 GDPR (Rectification): Right to correct wrong data.
• Art. 17 GDPR (Erasure): Right to be forgotten / account deletion.
• Art. 18 GDPR (Restriction): Right to limit processing.
• Art. 20 GDPR (Data Portability): Right to receive your data in a machine-readable format.
• Art. 21 GDPR (Objection): Right to object to processing based on legitimate interests.
• Art. 7(3) GDPR (Withdraw Consent): Right to withdraw location or notification consent at any time.

To exercise these rights, email: hallocliqout@gmail.com

5.1 Right to Complain

You have the right to lodge a complaint with a data protection authority (e.g., Bayerisches Landesamt für Datenschutzaufsicht) if you believe our processing violates the GDPR.

6. Children's Privacy

The App is restricted to users aged 18 and older. We do not knowingly collect data from minors.

7. Changes

We will notify you of updates via the App or the "Last Updated" date. Continued use implies acceptance of the new terms.