Privacy Policy

01

Data Controller

Meday ("we," "us," or "our") is the data controller responsible for the personal data processed through the Meday mobile application and website (collectively, the "Service").

If you have any questions about how your personal data is handled, please contact us at:

Email: service.meday@gmail.com

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have regarding your data. By using the Service, you agree to the practices described in this policy.

02

Data We Collect

We collect the following categories of personal data:

Account & Profile Data

When you register, you provide us with:

Full name or display name
Email address (via direct registration, Google, or Apple sign-in)
Profile photo
City of residence
Interests (by category)
"About me" text
Gender
Account type (individual or organization)
Date of registration

Event Data

When you create events, we collect:

Event name, description, photos, and category
Event date, time, location (address and/or map coordinates)
Participant limit, gender restrictions, and pricing
Event status history

Activity Data

Events you joined, saved to favourites, or created
Ratings and reviews you submitted
Subscriptions (followers/following)
Achievements and profile statistics

Communication Data

Messages sent through in-app chats between organizers and participants

Payment Data

Transaction history for paid events and Premium subscriptions
Payment processing is handled by Google Play or Apple App Store — we do not store full card details.

Device & Technical Data

Device type, operating system, and app version
IP address
App usage logs and crash reports
Push notification tokens

Location Data

With your permission, we collect your device's geographic location to display nearby events and show events on a map. See Section 7 for details.

03

How We Collect Data

We collect personal data in the following ways:

Directly from you — when you register, fill in your profile, create events, send messages, submit reviews, or contact support.
Automatically — when you use the app, we collect technical and usage data through logs, analytics tools, and device sensors (including location if permitted).
From third-party authentication providers — when you sign in with Google or Apple, we receive your name and email address from those services, subject to their privacy policies.
From payment processors — we receive transaction confirmations and basic billing information from Google Play and Apple App Store when you make purchases.

04

Purposes of Processing & Legal Basis

We process your personal data for the following purposes, each supported by a legal basis under applicable data protection law (including GDPR where applicable):

Purpose	Legal Basis
Creating and managing your account	Performance of a contract
Displaying your profile to other users	Performance of a contract
Publishing and managing events	Performance of a contract
Enabling chat between organizers and participants	Performance of a contract
Processing payments for paid events and Premium	Performance of a contract
Content moderation via AI and manual review	Legitimate interest (platform safety)
Showing events near your location	Consent (location permission)
Sending push notifications about events	Consent (notification permission)
Personalized event recommendations	Legitimate interest / Consent
Analytics and Service improvement	Legitimate interest
Preventing fraud and abuse	Legitimate interest / Legal obligation
Compliance with legal obligations	Legal obligation

05

Data Retention

We retain your personal data for as long as necessary to provide the Service and fulfil the purposes described in this policy:

Account and profile data — retained for the duration of your account. Upon account deletion, personal profile data is removed within 30 days, subject to the exceptions below.
Event data — event listings and associated data may be retained in anonymized or aggregated form after deletion for statistical purposes.
Chat messages — retained while the event is active and for a reasonable period thereafter; deleted upon account deletion.
Payment and transaction records — retained for up to 7 years as required by financial and tax regulations.
Technical logs — retained for up to 90 days for security and debugging purposes.
Content moderation records — retained as needed to enforce our policies and comply with legal obligations.

After the applicable retention period, data is securely deleted or anonymized.

06

Sharing & Third Parties

We do not sell your personal data. We may share your data with the following categories of third parties, only as necessary to operate the Service:

Authentication Providers

When you use Google Sign-In or Sign in with Apple, your authentication is processed by Google LLC and Apple Inc. respectively, under their own privacy policies. We receive only your name and email address from these providers.

Payment Processors

In-app purchases and subscriptions are processed through Google Play (Google LLC) and Apple App Store (Apple Inc.). We receive transaction confirmation data; we do not have access to your full payment card details.

Cloud Infrastructure & Hosting

We use third-party cloud hosting providers to store data and run the Service. These providers are contractually obligated to process data only on our instructions and to maintain appropriate security standards.

AI Content Moderation

Event content submitted for review is processed by an AI system. Event text and images may be analyzed to detect prohibited content. This processing is performed under strict confidentiality terms.

Analytics

We may use analytics services to understand how users interact with the Service. Analytics data is collected in aggregated or pseudonymized form.

Push Notifications

We use Google Firebase Cloud Messaging (FCM) and Apple Push Notification Service (APNs) to deliver push notifications to your device.

Legal Disclosures

We may disclose your data to law enforcement or other authorities if required by law, court order, or to protect the rights, safety, or property of Meday, our users, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business, your data may be transferred to the new owner, subject to equivalent privacy protections.

Your public profile information (name, photo, city, interests, event history) is visible to other registered users of the Service as part of normal platform operation.

07

Location Data

The Service uses your device's location for the following purposes:

Displaying events near your current location on the map view.
Filtering events by distance from your location.
Suggesting a default city based on your current location.

Location access requires your explicit permission. You may grant or revoke this permission at any time through your device settings. If you deny location access, you can still use the Service by entering your city manually, but map-based and distance-based features will not be available.

We do not continuously track your location in the background. Location is accessed only when you are actively using the app and have granted the relevant permission.

08

Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, disclosure, alteration, or destruction. These measures include:

Encrypted data transmission (HTTPS/TLS).
Secure storage of credentials and sensitive data.
Access controls limiting data access to authorized personnel only.
Regular security reviews and monitoring.

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials.

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with applicable law.

09

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data. To exercise any of these rights, contact us at service.meday@gmail.com. We will respond within 30 days.

Access Request a copy of the personal data we hold about you.

Rectification Request correction of inaccurate or incomplete personal data.

Erasure Request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations.

Portability Receive your data in a structured, commonly used, machine-readable format.

Restriction Request that we restrict processing of your data in certain circumstances.

Objection Object to processing based on legitimate interests, including for direct marketing.

Withdraw Consent Withdraw consent at any time where processing is based on consent (e.g., location, notifications).

Lodge a Complaint File a complaint with your local data protection supervisory authority.

Many of these rights can be exercised directly within the app (e.g., editing your profile, withdrawing location permission, or deleting your account). For requests that cannot be fulfilled in-app, please contact us by email.

10

Cookies & Analytics

The Meday mobile application does not use browser cookies. However, we may use similar technologies such as:

Device identifiers — used to identify your device for push notifications and app analytics.
Firebase Analytics (Google) — used to analyze app usage patterns, user flows, and feature performance. Data is collected in aggregated form and subject to Google's privacy policy.
Crash reporting tools — used to identify and fix technical errors. Crash reports may include device information and the state of the app at the time of the crash.

Our website may use standard web cookies for session management and basic analytics. You can control cookie settings through your browser. Disabling cookies may affect the functionality of the website.

11

Minors

The Service is intended exclusively for users aged 18 and over. We do not knowingly collect personal data from individuals under the age of 18.

If we become aware that we have inadvertently collected personal data from a minor, we will take prompt steps to delete that data and terminate the associated account.

If you believe that a minor has registered on our platform, please contact us at service.meday@gmail.com.

12

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, the Service, or applicable law. When we make material changes, we will notify you via a push notification or in-app message, and update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Your continued use of the Service after any updates constitutes your acceptance of the revised policy. If you do not agree to the updated policy, you must stop using the Service and delete your account.