Privacy Policy
Last updated: 16 June 2026
This Privacy Policy explains how Zickr (“we”, “us”, “our”) collects, uses, stores, and protects information when you use the Zickr mobile app and related services (the “App”), including zickr.app.
1. Who we are
Zickr is an event discovery and participation platform with features such as event maps, event hosting, join approvals, vibe video submissions, QR ticketing, chat, and paid ticket checkout. For privacy questions, contact support@zickr.app.
2. Information we collect
We collect information you provide, information generated through your use of the App, and limited technical data needed to operate and secure the service.
- Account and profile: display name, username, email address, date of birth (to confirm you are 18+), gender, profile photo, and related profile settings.
- Authentication: sign-in data when you use email/password, Google, or Facebook. We do not receive or store your Google or Facebook password.
- Event data: events you create or join, public/private visibility, access codes for private events, custom join questions and your answers, follow requests, bookmarks, approvals, and participation history.
- Content you upload: approval vibe videos (which may include audio), event posts/media, profile photos, and chat messages.
- Location data: addresses, city, pincode, and map coordinates you enter for events; and precise device location only if you grant permission (for nearby discovery, map centering, and related features).
- Ticketing and entry: ticket/payment records, QR codes, and scan/check-in logs.
- Device and security data: device type, platform, brand/model (where available), push notification token (FCM), a hashed device identifier used for login-security alerts, IP address, timestamps, and server-side security or delivery logs.
- Payments and settlements: order/payment status, amounts, platform fee, refund status, payment method metadata, and host payout/bank verification data. Card numbers, UPI PINs, and full payment credentials are entered in Razorpay’s checkout and are not stored by us.
What we do not collect
- We do not collect your phone number in the App today.
- We do not use advertising SDKs or sell your personal data.
- We do not use dedicated crash-analytics or behavioral advertising trackers.
- Face detection during vibe video recording uses on-device Google ML Kit processing to help frame your video; we do not upload camera frames to Google for that feature.
3. How we use your information
- Provide core app features (map discovery, event hosting, join workflows, chat, QR entry, and notifications).
- Process purchases, refunds, settlement calculations, and host payout operations.
- Send service notifications (approval requests, event updates, chats, ticket/payment status, and account/security alerts, including new-device sign-in alerts).
- Detect abuse, enforce policies, prevent fraud, and protect user safety.
- Improve product performance, reliability, and user experience.
- Meet legal, tax, audit, and regulatory obligations.
4. Legal basis (where applicable)
Depending on your region, we process data based on consent, contract performance, legitimate interests (security and product operations), and legal obligations.
5. Sharing and disclosure
We do not sell personal data. We may share data with service providers and partners that help us run the App, including:
- Supabase — authentication, database, file storage, and backend functions.
- Razorpay / RazorpayX — payment processing, refunds, bank verification, and host payouts.
- Google — Google Sign-In, Firebase Cloud Messaging (push notifications), optional Google Fonts delivery, and on-device ML Kit (face framing during recording; processed on your device).
- Meta (Facebook) — Facebook Login when you choose that sign-in option.
- Mapbox — map display and tiles.
- LocationIQ, OpenStreetMap Nominatim, MapTiler, and postalpincode.in — geocoding, place search, area boundaries, and pincode lookup (often via our secure backend proxy).
- Dicebear — optional default avatar image URL if you skip uploading a profile photo.
- Law enforcement, regulators, or authorities when legally required or to protect rights and safety.
- Corporate successors in merger or acquisition scenarios, with appropriate safeguards.
Other Zickr users may see information you choose to share according to the feature — for example, your username, profile photo, gender, and age may be visible to hosts reviewing join requests. Hosts can view information submitted for event participation (such as join answers and vibe videos) as needed to run events.
6. Data retention
We retain data while your account is active and as needed for support, security, disputes, finance records, and legal compliance. If you delete your account, we delete or anonymize most personal data, but some payment, payout, and audit records may be retained where required by law or for fraud prevention.
7. Security
We use technical and organizational controls, including encrypted transport (HTTPS/TLS), access controls, row-level database policies, and encrypted storage for sensitive host payout account numbers. No system is completely secure.
8. Your rights
Subject to applicable law, you may request access, correction, deletion, restriction, portability, or withdrawal of consent. Contact support@zickr.app with subject Privacy Request.
9. Account / data deletion
You can delete your account from in-app Settings (where available) or by emailing support@zickr.app with subject Data Deletion Request. Deletion may be blocked while you are actively hosting or co-hosting non-cancelled events. We may retain limited records where legally required.
10. Children
The App is intended for users 18+ and is not directed to children.
11. International transfers
Data may be processed on systems located outside your state or country (including outside India), with reasonable safeguards where required by law.
12. Changes to this policy
We may update this policy from time to time. We will update the “Last updated” date and may provide additional notice for material changes.
13. Contact
Email: support@zickr.app
Subject: Privacy Request / Privacy Grievance