Privacy Policy

Last Updated: October 4, 2025 | Version 1.0

Welcome to Soshy. This Privacy Policy applies to the Soshy mobile application ("App"), our website, and related services (collectively, the "Service"). The Service is operated by Soshy - Events & Clubs ("we," "us," or "our").

We are committed to protecting your privacy while you connect with others through real-world events. This policy details how we collect, use, store, and share your personal data. By using Soshy, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

To provide a safe and functional social experience, we collect data in the following categories:

A. Information You Provide Directly

• Account Data: Display name (alias), date of birth, gender, profile photo, and biography.
• Authentication Data: Phone number (for SMS verification), email address, and credentials provided via Google or Apple Sign-In.
• User Content: Interests, club memberships, event participation details, images you upload, ratings, and reviews.
• Communications: Messages sent via direct messages (DMs), club chats, or group chats. Note: While we prioritize security, messages are encrypted in transit and at rest but are not end-to-end encrypted to allow for trust and safety moderation.

B. Information Collected Automatically

• Location Data: We collect approximate location (IP-based) to suggest nearby events. Precise location (GPS) is collected only with your explicit consent for specific features like event creation ("Check-in").
• Device Information: Device model, operating system (Android/iOS), unique device identifiers, IP address, and app version.
• Usage Logs: Interaction data, crash reports (via Crashlytics), and performance analytics (via Firebase Analytics).

C. Trust & Safety Data (Reports, Blocks, and Moderation)

• Reports: When you report content or a user, we collect information such as the reported item/user, report category, optional description, timestamps, and identifiers needed to investigate.
• Blocks: If you block another user, we store a record of the block (user IDs and timestamp) to enforce your preferences and protect your experience.
• Moderation Actions: We may generate internal logs of actions taken (e.g., content removal, warnings, temporary suspension, or permanent bans) to prevent repeat abuse and to comply with safety obligations.
• Safety Signals: We may use technical signals (e.g., spam indicators, repeated reports, or suspicious behavior patterns) to help detect and prevent abuse.

2. Purposes of Processing

We process your data for the following specific purposes:

• Service Provision: To create your account, facilitate event discovery, manage club memberships, and enable messaging.
• Trust & Safety: To detect and prevent fraud, spam, abuse, harassment, and other harmful activities. This includes automated and manual review of reports.
• Safety Alerts: To provide contextual safety tips based on your interactions (e.g., meeting in public places).
• Analytics & Improvement: To understand user behavior, fix bugs, and improve App performance.
• Legal Compliance: To comply with legal obligations, enforce our Terms of Use, and respond to valid law enforcement requests.

3. Legal Bases (GDPR & KVKK)

We rely on the following legal grounds to process your personal data:

• Contractual Necessity: To provide the core services of the App (e.g., account creation, messaging).
• Legitimate Interests: For security monitoring, fraud prevention, and product improvement.
• Consent: For accessing precise geolocation, sending push notifications, or processing sensitive data where required by law. You may withdraw consent at any time.
• Legal Obligation: For tax/financial records and complying with regulatory authorities.

4. Sharing & International Transfers

We do not sell your personal data. We share data only in the following circumstances:

• Service Providers: We use third-party processors such as Google Firebase (Auth, Firestore, Storage, Functions) and Google Cloud for hosting, analytics, and security. Payment processing is handled by third-party vendors (e.g., Apple App Store, Google Play Store, Stripe); we do not store full credit card numbers.
• Publicly Visible Information: Your display name, photo, and club memberships are visible to other users to facilitate social interaction.
• International Transfers: Your data may be transferred to and processed in countries outside your residence (e.g., the United States) where our servers are located. We rely on Standard Contractual Clauses (SCCs) and robust security measures to protect your data during transfer.
• Law Enforcement: We may disclose data if required by law or to protect the safety of any person.

5. Data Retention

We retain your data only as long as necessary:

• Account Data: Retained while your account is active.
• Chat Logs: Retained until deleted by you or for a standard period to ensure community safety.
• Safety Records: Reports and moderation actions may be retained for up to 36 months to prevent repeat offenders.
• Inactive Accounts: Accounts inactive for a prolonged period may be archived or anonymized.

6. Your Rights

Depending on your jurisdiction (GDPR, KVKK, CCPA), you have the right to:

• Access: Request a copy of the data we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Deletion: Delete your account and associated data directly within the App via Profile > Settings > Delete Account.
• Withdraw Consent: Revoke permissions for location or notifications via device settings.

To exercise these rights, contact our Data Protection Officer at: soshy.club.app@gmail.com

7. Security Measures

We implement industry-standard security measures, including TLS encryption in transit and AES encryption at rest on Google Cloud servers. Access to personal data is strictly restricted to authorized personnel. However, no transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Children's Privacy

Soshy is strictly for users aged 13 and older. We do not knowingly collect data from children under 13. If we discover that a user is under the minimum age, we will immediately delete the account. If you believe a child has provided us with personal data, please contact us immediately.

9. Community Safety & User-Generated Content Moderation

Soshy includes user-generated content such as profiles, photos, messages, event details, ratings, reviews, and club content (collectively, “UGC”). We have a zero-tolerance policy for objectionable content and abusive behavior.

A. Prohibited Content and Behavior

We prohibit, and may remove, content or accounts involving:

• Hate or harassment: hate speech, bullying, harassment, discrimination, or targeted abuse.
• Threats or violence: threats of harm, encouragement of violence, or graphic violence.
• Sexual content: pornography, sexual exploitation, or non-consensual sexual content (including nudity where not appropriate).
• Privacy violations: sharing personal data of others without consent (e.g., phone numbers, addresses, IDs), doxxing, or blackmail.
• Spam and fraud: spam, scams, misleading content, impersonation, or attempts to defraud users.
• Stalking or persistent unwanted contact: stalking, intimidation, or repeated unwanted messages.

B. Filtering and Detection of Objectionable Content

To help keep Soshy safe, we use a combination of automated and human review processes. These may include:

• Keyword and pattern-based detection for spam, harassment, and prohibited terms.
• Signals such as repeated reports, suspicious activity patterns, or abnormal usage behavior.
• Manual review by authorized personnel when content is reported or flagged by our systems.

No automated system is perfect. If you believe content is objectionable, please report it using the in-app reporting tools.

C. Reporting (Flagging) Objectionable Content

You can report content or users directly in the App (e.g., via the content menu or user profile options). Reports are reviewed and handled as part of our trust and safety operations.

D. Blocking Abusive Users

You can block other users in the App. When you block someone:

• The blocked user’s content will be removed from your experience (e.g., feed and relevant surfaces) as soon as possible.
• The blocked user will be prevented from contacting you where applicable (e.g., messaging and interactions).
• We may record the block for enforcement and safety purposes and to help detect abusive patterns.

E. Enforcement and “24-Hour” Response Commitment

We take reports seriously. We commit to acting on valid reports of objectionable content and abusive behavior within 24 hours, which may include removing content and restricting, suspending, or banning the responsible account.

• Content removal: We may remove or limit the visibility of reported content.
• Account actions: Warnings, temporary suspension, permanent ban, or account termination for repeat violations.
• Repeat offenders: We may retain moderation records to prevent repeated abuse.

F. Contact for Safety Issues

If you cannot access in-app reporting or if there is an urgent safety concern, contact us at: soshy.club.app@gmail.com.

10. In-Person Safety & Limitation of Liability

Important: Soshy facilitates real-world meetups. While we employ digital safety filters (e.g., locking DMs until after events, verified profiles), we do not conduct criminal background checks on users.

You agree that you are solely responsible for your interactions with other users. Soshy and Green Axis Technology are not liable for any conduct or incidents that occur offline or during events. Always follow our safety guidelines: meet in public places, tell a friend where you are going, and trust your instincts.

11. Contact & Changes

We may update this policy periodically. Changes are effective immediately upon posting. We will notify you of significant changes via the App or email.