Privacy Policy

1. Information we collect

Information you provide directly:

• Your name and profile photo
• Your professional role, industry, and years of experience
• A short bio and the types of conversations you are open to
• Your availability — the dates and times you are free for coffee
• Your monthly coffee meeting limit preference

Information from LinkedIn (when you sign in with LinkedIn):

• Name, profile photo, headline, and email address from your LinkedIn public profile
• Your LinkedIn profile URL
• A temporary OAuth access token used to fetch your profile and kept on file for the LinkedIn re-sync feature

We do not access your LinkedIn connections, messages, activity feed, or any data beyond your basic profile. We request only the openid profile email scope.

Information from Apple (when you sign in with Apple):

• A stable, opaque user identifier issued by Apple — this never changes and is unique to you and SyncUp
• Your email address — only if you choose to share it (you may use Apple's Hide My Email relay)
• Your name — only on your very first sign-in via Apple; Apple does not send it again on subsequent logins

Location information:

• Your approximate location (latitude and longitude) — collected once when you set up your profile, and again only if you change your discovery radius in settings
• A human-readable city label derived from your coordinates via reverse geocoding (e.g. "Seattle, WA")
• Your preferred discovery radius in miles

Usage information:

• Coffee meeting requests you send and receive, and their status
• Matches confirmed between you and other users
• Your device's push notification token (to send match and request alerts)

2. How we use your information

We use your information solely to operate SyncUp:

• Matching. We show your profile to other professionals within your chosen radius who share compatible conversation interests. Your name, photo, role, and bio are visible to other users in the feed.
• Scheduling. We use your availability slots to let others invite you for coffee at times that work for you.
• Contact sharing. Your email address and LinkedIn URL are shared with another user only after both of you accept a meeting request. They are never shown to users who have not mutually matched with you.
• Notifications. We use your push token to notify you of new requests and confirmed matches.
• Location-based discovery. Your coordinates are used to calculate distance between you and other users. We do not track your location in real time or in the background.

3. Location data

We request access to your device location once — during onboarding or when you update your discovery settings. We do not track your location in the background or while the app is closed.

Your coordinates are stored on your profile record in our database and are used exclusively to calculate whether you fall within another user's discovery radius. Your exact coordinates are never displayed to other users — only your city label (e.g. "Seattle, WA") is shown publicly.

4. Third-party sign-in providers

We support two sign-in methods. Each is governed by its provider's own privacy policy in addition to ours.

LinkedIn's privacy policy is available at linkedin.com/legal/privacy-policy.
Apple's privacy policy is available at apple.com/legal/privacy.

5. Data storage and security

Your data is stored in a managed PostgreSQL database hosted by Supabase (supabase.com), with servers located in the United States. We use JWT-based authentication with 30-day token expiry. Passwords are never stored — authentication is handled entirely by LinkedIn or Apple.

We take reasonable technical measures to protect your data, including encrypted connections (TLS) for all data in transit. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Data retention

We retain your profile and meeting history for as long as your account is active. If you delete your account, all of your personal data — including your profile, availability slots, meeting requests, and matches — is permanently deleted from our database.

Anonymised, non-identifiable aggregate statistics (such as total meetings facilitated) may be retained for product analytics after deletion.

7. Your rights and choices

• Access. You can view all information on your profile at any time within the app.
• Correction. You can edit your name, bio, role, and preferences from your profile settings.
• Deletion. You can request deletion of your account and all associated data by emailing us. We will process the request within 14 days.
• Location. You can revoke location permission at any time in your device's Settings app. You can also switch to manual city entry within SyncUp.
• Notifications. You can disable push notifications at any time in your device's Settings app.

8. Children's privacy

SyncUp is intended for professional use and is not directed at anyone under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us and we will delete it promptly.

9. Changes to this policy

We may update this policy as the app evolves. When we make material changes, we will update the effective date at the top of this page. Continued use of SyncUp after changes are posted constitutes acceptance of the updated policy. For significant changes we will notify you via the app or by email.

10. Contact us

Questions, requests, or concerns about this privacy policy or your data: