Privacy Policy

Last updated: February 28, 2026

Theri.App ("we", "us", or "our") operates the Theri.App mobile application (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service.

1. Information We Collect

Account Information: When you register, we collect your email address, username, display name, and a hashed version of your password. We never store plain-text passwords.

Profile Data: You may optionally provide a profile photo, theriotype selection, and display name.

Location Data: If you enable the map feature, we collect your approximate latitude and longitude to show nearby users and encounter points. Location sharing is entirely optional and can be disabled at any time in your profile settings.

User-Generated Content: We store messages you send in conversations, stories you create (including photos and text), and pack/meetup information you create or join.

Device Information: We may collect push notification tokens (Expo push tokens) and device platform information to deliver notifications.

2. How We Use Your Information

  • To create and manage your account
  • To enable real-time messaging and social features
  • To display nearby users on the map (only if you opt in)
  • To send push notifications about messages and activity
  • To moderate content and enforce our Terms of Service
  • To improve and maintain the Service

3. Data Sharing

We do not sell, rent, or trade your personal data to third parties. We may share data with:

  • Cloudinary: For secure image and media storage (profile photos, stories)
  • Expo (Expo Push Notifications): To deliver push notifications to your device
  • Hosting providers: Our servers are hosted on Railway and our database on managed PostgreSQL infrastructure
  • Law enforcement: If required by law or to protect the safety of our users

4. Data Retention

We retain your data for as long as your account is active. Stories expire automatically after 7 days. When you delete your account, all your personal data is permanently removed from our servers, including messages, stories, card collections, and profile information.

5. Your Rights

You have the right to:

  • Access your personal data through the app
  • Correct your information via the Edit Profile screen
  • Delete your account and all associated data at any time from Settings
  • Withdraw consent for location sharing at any time
  • Block other users to prevent them from contacting you
  • Report content or users that violate our Terms of Service

For users in the European Economic Area (EEA), you additionally have rights under GDPR including data portability and the right to lodge a complaint with a supervisory authority. For California residents, you have rights under the CCPA including the right to know what data is collected and the right to opt out of data sales (we do not sell data).

6. Children's Privacy

Theri.App is intended for users who are 18 years of age or older. We do not knowingly collect data from individuals under 18. If we discover that we have collected information from a user under 18, we will promptly delete that account and all associated data.

7. Security

We implement industry-standard security measures including password hashing (bcrypt), encrypted data transmission (HTTPS/TLS), and JWT-based authentication. While no system is 100% secure, we strive to protect your data to the best of our ability.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes through the app or via email. Continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: privacy@theri.app

Política de Privacidad | Theri.App