Legal

Privacy Policy

Effective date: [on publication]  ·  Last updated: [on publication]

01Who we are

RevvMeet ("RevvMeet", "we", "us", "our") operates the RevvMeet mobile application and the website at https://revvmeet.com. RevvMeet is a product of Belaffee Pty Ltd (ABN 18 698 604 214), an Australian proprietary company. We can be contacted at support@revvmeet.com.

If you're a resident of the European Economic Area (EEA) or United Kingdom, the data controller is Belaffee Pty Ltd, [registered address — provided after launch].

02What this policy covers

This Privacy Policy explains what personal data RevvMeet collects when you use our app or website, why we collect it, how we use it, who we share it with, and the rights you have over it.

03Information we collect

We collect the following categories of data:

Account data — email address (or third-party auth identifier such as Apple ID), username, display name, password (stored as a salted hash by our auth provider), date of registration.

Profile data — profile picture, bio, city / region, automotive identity ("clan"), car make/model/generation, build photos and notes, badges you earn.

Content you create — posts, comments, event RSVPs, build records, route history, garage photos, AI-generated analyses you choose to save.

Device & technical data — device model, operating system version, app version, language, time zone, IP address, anonymous device identifier (for crash reporting and to prevent abuse).

Usage data — feature interactions, search queries, view history, the recommendations our algorithms make and how you respond to them (for the "For You" personalised feed).

Location data (only with your permission) — approximate or precise location, used to suggest nearby car meets, generate scenic routes around you, and tag events to your city. You can revoke location access at any time in your device settings.

Camera & photo library access (only with your permission) — accessed only to capture or pick photos you choose to share, analyse, or set as covers.

Order & shipping data — if you purchase physical merchandise (such as car decals): shipping address, order history, tracking number, and limited payment metadata (we do not store full payment card details — these are handled by our payment processor).

Communications — messages you send via in-app chat are stored to deliver them and remain visible to thread participants.

04How we use your data

We use your data to:

• Provide the core service: deliver content, run searches, suggest routes, match you with relevant events and other drivers.
• Personalise: the "For You" feed ranks content using signals including your identity, region, follow graph, and engagement.
• Improve and develop the product: aggregate analytics tell us which features are used.
• Communicate: send notifications you opted into (event reminders, follow alerts, comment replies).
• Keep the platform safe: detect spam, harassment, illegal content; enforce our Community Guidelines.
• Fulfil orders: process payments and ship physical goods.
• Comply with legal obligations.

We do not sell your personal data.

05Legal bases (EEA/UK)

Where GDPR applies we rely on these legal bases:

• Contract — to provide the service you signed up for.
• Legitimate interest — to keep the platform secure, improve the product, and prevent fraud.
• Consent — for optional things like location, push notifications, marketing emails. You can withdraw consent at any time.
• Legal obligation — to respond to lawful requests from authorities.

06Who we share data with

We share limited data with:

• Service providers: cloud hosting (Supabase / AWS), authentication (Supabase Auth), AI inference (Anthropic), embedding generation (OpenAI), payment processing (Stripe), push notifications (Apple APNs / Google Firebase), crash reporting, and analytics. Each provider acts as a data processor under contract and is bound to confidentiality.
• Other users, on the parts of your profile you choose to make public.
• Law enforcement, when legally required.
• A successor entity if RevvMeet is acquired or merged.

We do not sell your personal data and do not share it with third-party advertisers for cross-context behavioural advertising.

07International transfers

Your data may be processed in countries other than the one you live in (including the United States). When we transfer EEA/UK data internationally we rely on the European Commission's Standard Contractual Clauses or equivalent safeguards.

08How long we keep data

• Account & profile data: while your account is active, then deleted within 30 days of your deletion request (see Section 10).
• Posts and comments: until you delete them or your account.
• Order data: as long as legally required for tax / accounting purposes (typically 7 years).
• Crash logs and analytics: typically 90 days.
• AI usage logs (for safety and product improvement): typically 365 days.

09Security

We protect your data with encryption in transit (HTTPS / TLS 1.2+) and at rest, row-level-security database policies, regular security review, and access controls limiting who on our team can see what.

No system is perfectly secure. If we ever experience a personal-data breach affecting you, we will notify you as required by law.

10Your rights

Depending on where you live, you have some or all of these rights:

• Access: ask us what personal data we hold about you. The app provides a one-tap export under Settings → Privacy → Export my data.
• Correction: update or correct your profile data at any time in the app.
• Deletion: delete your account in the app under Settings → Privacy → Delete account. Your data enters a 30-day grace period, after which it is permanently erased. Sign back in any time during the 30 days to cancel.
• Portability: receive your data in machine-readable JSON via the export tool.
• Object / restrict / withdraw consent: contact us at privacy@revvmeet.com.
• Lodge a complaint with your local data-protection authority.

We will respond to requests within 30 days.

11Children

RevvMeet is not directed at children under 13 (or under 16 in jurisdictions where that is the GDPR-K threshold). We do not knowingly collect personal data from anyone under that age. If we learn that we have, we will delete the account and data. Parents who believe their child has signed up can contact privacy@revvmeet.com.

12Third-party links

Some content in RevvMeet links to external websites (e.g., vendor product pages). RevvMeet is not responsible for the privacy practices of those sites.

13Changes to this policy

We may update this Privacy Policy. Material changes will be announced in-app and the Last updated date above will change. If the change affects your rights, we will ask for re-consent where required.

14Contact

• General: support@revvmeet.com
• Privacy specifically: privacy@revvmeet.com
• EEA Representative (if appointed): [to be appointed after launch]
• Postal: Belaffee Pty Ltd, [registered address — provided after launch]