Privacy Policy

1. Who we are and scope

WeeveSocial operates the Services for adults eighteen (18)+ only. Our Terms of Use state that the Services are offered to users located in the United States; this Privacy Policy applies to personal information we process in connection with the Services regardless of where you access them from. Sections below that reference the GDPR, UK GDPR, Swiss law, or other non-U.S. frameworks apply only where those laws govern our processing of your personal information (for example, if you contact us from abroad, if we process information that is subject to those laws, or where otherwise required).

This policy is designed to align with common expectations for mobile apps on the Apple App Store and Google Play (including transparency for their privacy and data-safety disclosures), and with applicable privacy laws such as the EU/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), and similar frameworks where they apply.

2. Our privacy promise: no sale and no unrelated sharing

We do not sell your personal information. We do not rent it, license it for money, or trade it for advertising or data-brokerage purposes.

We do not share your personal information with third parties for their own marketing, advertising, or independent commercial use. We do not share personal information with data brokers.

The only disclosures of personal information are the limited cases described in Section 7 (for example, technical service providers that process data strictly on our instructions to operate the Services, or when the law requires a response). Those providers are contractually bound to protect your information and may not use it for their own purposes unrelated to the services they provide to us.

3. Information we collect

The categories of information we may collect include:

We do not intentionally collect categories that qualify as "sensitive personal information" under the CCPA/CPRA (as defined in Cal. Civ. Code § 1798.140(ae) and related regulations) as a standalone data collection program, except where you voluntarily include such information in content you choose to post and we process it only as needed to provide the Services and as permitted by law.

We collect personal information that you provide directly, that is generated when you use the Services, and, where permitted, from service providers and tools that help us operate the Services (for example, hosting or authentication infrastructure), always subject to this policy and applicable law.

4. How we use information

Phone number — limited use only

If we process your phone number, we use it only to send you communications that are directly related to your account and security: specifically, account-related notifications (for example, important alerts about your account or the Services as needed to operate your account) and one-time codes for two-factor authentication (2FA) when you or we have enabled that feature. We do not use your phone number for third-party marketing, and we do not sell or share phone numbers for advertising.

Other personal information

Where the GDPR or similar laws apply, we rely on appropriate legal bases such as performance of a contract with you, legitimate interests that are not overridden by your rights (for example, securing the Services), compliance with legal obligations, and consent where required (for example, for certain optional communications or cookies where applicable).

5. Cookies and similar technologies (web)

If you use our website, we may use cookies or similar technologies that are necessary for the site to function or that we use in line with any choices presented to you where consent is required by law.

6. Retention

We retain personal information only for as long as needed for the purposes described in this policy, unless a longer period is required or permitted by law (for example, tax, litigation hold, or safety records). When retention is no longer necessary, we delete or de-identify information in line with our practices and technical capabilities.

If you delete your account, we generally purge associated personal data within approximately thirty (30) days, with limited retention in backups for up to ninety (90) days where technically necessary, consistent with our Terms of Use (Section 18). Actual timing can vary based on legal holds, safety investigations, or technical constraints.

7. Service providers and legal disclosures

We may engage trusted companies to process personal information on our behalf (for example, cloud hosting, delivery of SMS messages for the phone-number uses described above, security monitoring, or customer support tools). They may access information only as needed to perform services for us under written agreements that require appropriate confidentiality and security. They may not sell your personal information or use it for purposes unrelated to their services to us.

We may disclose information if we believe in good faith that disclosure is required by law, regulation, legal process, or governmental request, or to protect the vital interests of a person, or to investigate violations of our Terms.

8. International transfers

We may process and store information in countries other than where you live. Where we transfer personal information from the European Economic Area, the United Kingdom, or Switzerland to other countries, we use appropriate safeguards as required by applicable law (such as standard contractual clauses approved by regulators or other lawful transfer mechanisms).

9. Security

We implement technical and organizational measures appropriate to the nature of the processing, including measures designed to protect against unauthorized access, loss, or alteration. No method of transmission or storage is completely secure; we encourage you to use strong passwords and enable 2FA where offered.

10. Your rights and choices

Depending on where you live, you may have rights to access, correct, update, or delete your personal information; to obtain a copy in a portable format (where applicable); to object to or restrict certain processing; to withdraw consent where processing is based on consent; and to lodge a complaint with a data protection authority.

Data removal, access, and privacy requests

To submit a request to delete your account or personal data, to access or correct your information, or to exercise other privacy rights, email us at [email protected]. Please include enough detail for us to verify and process your request. We will respond within the time frames required by applicable law (often within approximately 30–45 days, depending on jurisdiction and complexity; we will inform you if an extension is permitted).

California residents: we do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA in the selling/sharing sense described in our promise above. You still have rights to know, delete, and correct personal information we hold, subject to legal exceptions. You may designate an authorized agent where the law allows; we may need to verify your identity before fulfilling requests.

Nevada residents: Nevada law (NRS 603A) may allow you to submit a verified request directing us not to sell certain personal information we have collected or will collect. We do not sell personal information as described in this policy; you may still contact us at [email protected] with questions or requests.

If our mobile apps offer account deletion within the app (for example, in settings), you may also use that flow where available; we will process those requests consistently with this policy and platform rules.

11. Age requirement: eighteen (18)+ only

The Services are not directed to anyone under eighteen (18) years of age, or under the age of legal majority where you live if that age is higher. We do not knowingly collect, sell, or solicit personal information from anyone under eighteen (18). If you are not at least eighteen (18) (or the applicable age of majority), do not use the Services, create an account, or provide any information to us.

If we learn that we have collected personal information from someone under eighteen (18) in violation of this policy, we will delete that information and may terminate the related account, except where the law requires us to retain certain records. If you believe someone under eighteen (18) has provided us personal information, contact us at [email protected] and we will take appropriate steps.

The Services are not directed to children under thirteen (13). If you are a parent or guardian and believe we have collected personal information from a child under thirteen (13) in a manner inconsistent with the U.S. Children's Online Privacy Protection Act (COPPA), contact us using the email above and we will take steps to delete such information where required.

12. App Store and Google Play

When you download our app from Apple or Google, those companies may collect information according to their own privacy policies. Our practices are described in this policy. We complete the privacy and data-safety disclosures required in App Store Connect and Google Play Console to reflect, to the best of our knowledge, what the apps collect and how data is used; you should review Apple's and Google's own privacy materials for how those platforms process information when you use their stores and operating systems.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the "Last updated" date. If changes are material, we will provide additional notice as required by law (for example, through the Services or by email where appropriate).