Privacy Policy

This policy explains what information SeaWingman collects, why we collect it, and the choices you have. We try to keep it short and concrete — no vague legalese where a plain sentence will do. If something is unclear, email us at support@seawingman.com.

1. What we collect

Information you give us directly

• •Account: email address (or Apple/Google sign-in identifier), password (hashed), phone number if you enable SMS 2FA, first and last name, birthday.
• •Profile: photos, bio, status message, interests/hobbies, age preferences, social handles you choose to add (X, Facebook, Snapchat, Instagram).
• •Connections: who you like or pass, who likes you back, your matches, your group memberships, your event RSVPs.
• •Communications: text messages, photo messages, location messages, notes you write about other users (private to you), reports you submit.

Information we collect automatically

• •Location: with your permission, your current GPS coordinates and a separately stored "search location" (so you can browse a different area without moving). You can disable automatic updates in Settings, in which case you set location manually.
• •Device + app: device model, OS version, app version, language, time zone, crash logs, basic event timing (login, message send, photo upload). We use this to keep the app working and to fix bugs.
• •Network: IP address (used for rate-limiting, abuse prevention, and rough geolocation when GPS isn't available).
• •Cookies / tokens: a long-lived bearer token on mobile (stored in iOS Keychain / Android EncryptedSharedPreferences) and a session cookie on web. These are how we keep you signed in.

Information from third parties

• •Apple Sign In and Google Sign In tell us your email and a stable user identifier when you use those flows. We don't get your Apple/Google password.
• •Twilio handles 2FA SMS codes; they tell us whether the code you entered matches the one they sent.
• •Google AdMob serves ads and shares aggregated performance data with us. See "Advertising" below.

2. How we use your information

• •Run the Service: show you potential matches, deliver messages, enforce age and distance preferences, render the people-near-you map.
• •Keep accounts secure: detect suspicious sign-ins, send 2FA codes, manage trusted-device exceptions for 7 days.
• •Moderate the community: review reports, suspend abusive accounts, identify spam and fake-profile networks.
• •Improve the product: fix bugs, understand which features are used, prioritize work.
• •Communicate with you: account notifications, security alerts, occasional product updates. We will not send you marketing emails about unrelated products.
• •Comply with the law: respond to lawful requests, enforce our Terms, defend ourselves in disputes.

We do not sell your personal information.

3. What other users see

Your profile photos, name, age, location (city-level by default), interests, status, and bio are visible to other signed-in SeaWingman users who match your visibility preferences (Settings → Privacy & Safety → Privacy Control). Your exact GPS coordinates are never shared with other users — distance is calculated server-side and shown rounded ("19.2 km").

Your email, phone number, last login time, and the notes you write about other users are private to you (and to admins/moderators with the relevant permission). Direct messages are visible to the people in the conversation.

4. Who we share information with

Service providers, on a need-to-do-the-job basis

• •Hostinger / our VPS provider — hosts the database and application servers.
• •Amazon Web Services (S3) — stores profile photos and event cover images.
• •Twilio — sends the SMS used for 2FA.
• •Apple and Google — power sign-in, handle App Store / Play Store payments, deliver push notifications.
• •Google AdMob — shows ads on devices that haven't paid to remove them.
• •OpenStreetMap (Nominatim) — turns coordinates into city names. We send latitude/longitude only; no user identifier.

Other people

• •Other users see what your privacy preferences allow (see Section 3).
• •Admins and trusted moderators see profile and account details to handle reports and abuse.

Legal and safety

• •We may disclose information when required by valid legal process, when necessary to protect someone's life or safety, or to investigate fraud or violations of our Terms. Where the law allows, we'll tell you about a request before responding.

Business changes

• •If SeaWingman is acquired or merged, your information may be transferred to the new entity. We'll let you know in-app and you'll have the chance to delete your account before the transfer takes effect.

5. How long we keep things

• •Your profile, photos, and messages are kept until you delete them or your account.
• •When you delete your account, we remove the profile and associated content within 30 days. Backups containing already-deleted content roll off within 90 days.
• •Anonymized abuse logs (e.g. "this device fingerprint was banned for harassment") may be kept longer to prevent repeat offenders from coming back.
• •Some information (e.g. transaction records, tax-relevant data) is kept for as long as the law requires.

6. How we keep things safe

We use industry-standard encryption in transit (HTTPS/TLS) and at rest for our database and S3 buckets. Bearer tokens on mobile are stored in the iOS Keychain or Android EncryptedSharedPreferences. Passwords are stored only as bcrypt hashes — we cannot see your actual password and neither can our staff. Access to production systems is limited to authorized personnel and protected by SSH keys + 2FA.

No system is perfect. If we ever discover a breach that affects you, we'll tell you about it within 72 hours and give you concrete steps to protect yourself.

7. Your rights and choices

Depending on where you live, you may have the right to access, correct, or delete the information we hold about you, to object to certain uses, to withdraw consent, and to ask for a copy in a portable format. You can exercise most of these rights directly in the app:

• •Access / correct: Profile → Edit Profile.
• •Adjust visibility: Settings → Privacy & Safety.
• •Block someone: their profile → Block User.
• •Delete your account: Settings → Remove Account (this is final).
• •Manage trusted devices for 2FA: Settings → Trusted Devices.

For anything you can't do in-app — including a copy of your data — email support@seawingman.com. We'll respond within 30 days.

8. Location data

We ask for location permission so we can show you people and events nearby. You can decline the OS prompt; the app will still work, but distance and "near me" features won't. You can change this anytime in iOS Settings → SeaWingman → Location, or Android Settings → Apps → SeaWingman → Permissions → Location.

We store two location values: your current GPS (used for distance calculations and updated when you allow it) and your search location (a place you set manually so you can browse a different area). Both are stored as decimals on our database. We never publish your exact coordinates to other users.

9. Advertising

Ads are delivered by Google AdMob. AdMob may use a device advertising identifier to personalize ads. We do not pass them your name, email, or precise location.

• •iOS: tap the App Tracking Transparency prompt on first launch, or change it later in iOS Settings → Privacy & Security → Tracking → SeaWingman.
• •Android: Google Settings → Ads → Opt out of Ads Personalization, or reset your advertising ID.
• •See policies.google.com/technologies/ads for full details.

10. Children

SeaWingman is for adults — strictly 18 and older. We do not knowingly collect information from anyone under 18. If we find out an account belongs to a minor, we close it and delete the data. If you are a parent or guardian and believe a minor has signed up, contact support@seawingman.com.

11. International users

SeaWingman is operated from Southeast Asia and our servers live in the same region. By using the Service from another country, you understand your information will be transferred to and processed in Southeast Asia. We protect that transfer with HTTPS/TLS in transit and the same access controls described above.

12. Changes to this policy

When we make material changes we'll bump the "Last updated" date and notify you in-app. Continued use after the change means you accept the new policy. If you don't, please delete your account.

13. Contact

Privacy questions, data requests, or complaints: support@seawingman.com.