Privacy Policy

Effective date: 24 April 2026 · Last updated: 24 April 2026

1. Who we are

Arciuze ("Arciuze", "we", "us") is a social app that connects people through events and communities they actually attend. This policy explains what information the Arciuze iOS app and website (arciuze.com) collect, how we use it, and the controls you have.

If you have questions, email support@arciuze.com.

2. Information we collect

2.1 Information you give us

• Account details. Email or phone number for sign-in, and — if you choose Sign in with Apple — a relay email. We also receive a display name, username, bio, avatar, and the interests you pick during onboarding.
• Content you post. Posts, stories, comments, direct messages, voice clips, reactions, event reviews, and media you upload.
• Event participation. Which events you RSVP to and which you actually attend (we verify attendance when you scan an organizer's QR code at the door).
• Community applications. The information you submit if you apply to start a community.
• Reports. Content and context you submit when reporting another user or post.
• Support requests. Anything you send us at support@arciuze.com.

2.2 Information we collect automatically

• Device & push tokens. A Firebase Cloud Messaging (FCM) token so we can deliver push notifications. Basic device information such as iOS version and app build.
• App usage. Feature-level telemetry — e.g., the fact that you opened a screen, sent a message, or joined an event — for reliability and product improvement. We do not use IDFA and we do not track you across other companies' apps or websites.
• Logs. Error reports and diagnostic logs, which may include a user identifier and a short context string, to help us fix bugs.

2.3 Information from permissions you grant

• Camera & microphone — only when you open the camera/recorder to create a post, story, voice message, or scan an event QR code.
• Photos — only when you pick media to share.
• Contacts — if you choose to sync contacts to find friends. We hash phone numbers on-device and upload the hashes (not the raw numbers) for matching. You can revoke this at any time in iOS Settings; doing so stops future uploads.
• Location — only when you explicitly ask us to find events near you. We use coarse, foreground-only location; we never track you in the background.

2.4 Payments

Ticketed events are processed by Razorpay. When you buy a ticket, your card or UPI details go directly to Razorpay — we never see them. We store only the order identifier, the amount, the event, and whether the payment succeeded.

3. How we use it

• Run the service — authenticate you, show you the feed, deliver messages, verify event attendance, unlock DMs between attendees, issue tickets, and send notifications you've asked for.
• Rank your feed — our server-side algorithm weights posts based on shared events attended, RSVPs, friendship, and community overlap. We do not sell this signal to anyone.
• Safety & moderation — review reports, enforce our Terms, block abusive accounts, and cooperate with lawful requests.
• Improve the product — understand which features work, fix bugs, and plan improvements.
• Communicate with you — product updates, security notices, and replies to your support requests. We do not send marketing emails to people who did not opt in.

4. Who we share it with

We share data only in these limited cases:

• With other users, by your action. Your profile, posts, comments, stories, and messages are visible to the audience you choose (the event, the community, the friend, or the person you DM). Your privacy mode (Public / Private / Ghost) controls how much of your profile is visible to whom.
• Service providers we rely on:
  • Google (Firebase) — authentication, database, storage, push notifications, and hosting. Data is stored on Google Cloud infrastructure.
  • Apple — Sign in with Apple, Apple Push Notification service.
  • Razorpay — payment processing for event tickets.
  These providers act on our instructions and are bound by their own privacy commitments.
• Legal & safety. We will disclose information if we believe in good faith that doing so is required by law, necessary to prevent imminent harm, or needed to protect the rights of Arciuze or its users.
• Business transfers. If Arciuze is acquired or merged, your data may be transferred to the successor entity, which will remain bound by this policy (or notify you of changes).

We do not sell your personal information, and we do not allow advertisers to target you inside Arciuze.

5. How long we keep it

• Account data — for as long as your account is active.
• Stories — automatically deleted 24 hours after they're posted.
• Messages — kept until you or the other participant deletes them, or your account is deleted.
• Logs & diagnostics — typically kept for up to 90 days.
• Reports — kept for as long as needed to enforce our Terms and meet legal obligations.

When you delete your account (see section 6), we remove your posts, stories, friend connections, community/event memberships, and message content on a rolling basis. Some records may persist briefly in encrypted backups before being overwritten.

6. Your rights & choices

You can, at any time:

• Access & edit your profile from the Profile tab.
• Control visibility per event using our three privacy modes.
• Block or report any user from their profile.
• Turn off notifications in iOS Settings > Arciuze.
• Revoke camera, photo, microphone, contacts, or location access in iOS Settings.
• Delete your account from Profile > Settings > Delete account. This removes your profile, posts, stories, memberships, friend edges, and message content, and deletes your Firebase Authentication record.

Depending on where you live, you may have additional rights — access, correction, deletion, portability, objection to processing, or the right to lodge a complaint with a data protection authority. Email support@arciuze.com and we will respond within a reasonable period.

7. Children

Arciuze is not directed to children under 13 (or the minimum digital-consent age in your country, if higher). If you believe a child has provided us with personal information, contact us and we will delete it.

8. Security

We use TLS in transit, encrypted storage at rest, server-side security rules, and principle-of-least-privilege access controls. No system is perfectly secure, but we treat unauthorized access as a serious incident and will notify affected users if required by law.

9. International transfers

Our infrastructure is provided by Google Cloud and Apple. Your data may be stored and processed in countries other than where you live. Where required, we rely on standard contractual clauses or equivalent safeguards provided by these vendors.

10. Changes to this policy

If we make material changes we'll notify you in-app and update the "Last updated" date at the top of this page. Continued use of Arciuze after that constitutes acceptance of the updated policy.

11. Contact us

Questions, requests, or complaints: support@arciuze.com.