Last updated: April 28, 2026 Effective date: April 28, 2026
Social Friends is a personal-relationship manager (“friendship CRM”) that helps you stay intentional about the people in your life. This policy explains what data the app collects, why, who we share it with, how long we keep it, and what choices you have.
If you have questions about this policy or want to exercise any of the rights described below, email designskand@gmail.com and we will respond within 30 days.
| Data | Source | Why we need it | Legal basis (GDPR) |
|---|---|---|---|
| Name, optional profile photo, optional birth year | You, during onboarding | Display in the app, age gate (18+) | Contract (Art. 6(1)(b)) |
| Google user ID (if you sign in via Google) | Authentication | Contract | |
| Apple user ID (if you sign in via Apple) | Apple | Authentication | Contract |
| Phone number (your own) | You, during onboarding/auth | Lets friends who have your number find you on Kindrd; stored on your profiles row |
Contract |
discoverable flag (default ON) |
You | If OFF, your profile is excluded from any other user’s contact-match query | Consent (Art. 6(1)(a)) |
We store account data in our backend (Supabase — see “Third parties” below). It is protected by Row-Level Security so only your own authenticated session can read or modify it.
This is the category most apps don’t have to talk about, and it is the most important one for us to be transparent about.
When you add a friend, we store:
CNContactBirthdayKey
(no separate permission — covered by the Contacts permission you
already granted). The same birthday is also auto-filled from your
Kindrd friend’s profile if they have set their own birthday and you are
accepted-friends with them.We store this data on our servers so the app can work across devices and restore your data if you lose your phone. No other Social Friends user can see the friends on your list — it is protected by Row-Level Security in the database.
Important: legal basis for non-user data. We rely on legitimate interest (GDPR Art. 6(1)(f)) as our basis for storing data about people who have not themselves consented to Social Friends. We have weighed the risks and believe the interest is proportionate, because:
If you are not comfortable storing information about a particular person, don’t add them to the app.
When you open the contact picker, the app sends the phone numbers from
your device contacts to our server-side function
(find_kindrd_users_by_phones). The server checks which of those numbers
belong to existing Kindrd accounts and returns only the matching profiles
(name and avatar) so you can add them as friends.
discoverable = true are returned. You can
turn discoverable off at any time in Settings → Privacy, in
which case your profile is never returned in any other user’s
contact-match query.discoverable is ON for new accounts.When you log a hang or plan one, we store:
When you add a note to a friend, we store the note text and any follow-up date you set. Notes can be up to 5 000 characters.
When you broadcast that you are free to hang, we store the slot in the
free_slots table (start time, end time, optional location and note,
audience scope) and any responses your friends make in slot_responses
(‘in’, ‘maybe’, ‘pass’).
end_at has passed (or you cancel it), it becomes
invisible in the app. The row is retained but is not shown to anyone.When you create a poll, we store the poll question, options, and
audience (a list of friend IDs) in the polls table, and votes in the
poll_votes table.
When you add a place to “want to visit” or “visited”, we store:
places table — a shared catalogue, so multiple
users referencing the same restaurant deduplicate to the same row.place_associations.place_interests. Visible only to the friends in
your chosen audience tier (RLS-enforced).place_pair_comparisons. These
derive a calibrated rating score that is stored on your association
rows.Friends connected to you on Kindrd can see your visited and want-to-visit places (Row-Level Security ties this to a confirmed friendship). They cannot see your private notes — only the place reference + status.
When you search for a place, we send the search text and (if you have
granted location) your approximate coordinates to Google Places API
to fetch matching venues. We do not store the search query itself. When
you tap a venue, we fetch its details (address, photo reference, types)
and store the result in our places table.
When you open the Map sub-view, the Google Maps SDK loads map tiles from Google’s servers. Google may receive your IP address and the coordinates of the area you are viewing. Map tile rendering is client-side; we do not log or store your map interactions.
You can clear your places by deleting your account (which deletes all associations and interests) or by individually removing them from the Places tab.
If you upload a profile photo or a photo of a hang, we store it in encrypted-at-rest storage (Supabase Storage). Only your authenticated account can access these photos.
To prevent abuse and enforce rate limits on certain APIs, we keep a small operational log:
rpc_call_log — records the timestamps and names of certain rate-limited
API calls you make (e.g. contact-discovery lookups). Used for abuse
prevention and rate-limit enforcement. Retained for 30 days; pruned
automatically by a daily cleanup job.The app asks for the following OS permissions. Each is explained in the permission prompt at the moment it is requested.
| Permission | When we ask | What we do with it |
|---|---|---|
| Contacts | When you tap “Add from contacts” | Read your contact list to show a picker; only the friends you select are saved. |
| Calendar (Google) | When you enable hang auto-detection | Read recent events on-device to suggest hangs to log. Never uploaded. |
| Calendar (Apple, iOS only) | When you enable Apple Calendar import on iOS | Read events from your local and iCloud calendars via Apple’s EventKit framework, on-device only, to suggest hangs to log. Never uploaded. |
| Notifications | When you enable reminders | Send gentle reminders to check in with friends. |
| Photos | When you add a profile or hang photo | Let you pick a photo from your library. |
| Camera | When you take a new photo in the app | Let you snap a photo to attach to your profile or a hang. |
We use PostHog (an analytics product) to understand how people use Social Friends so we can make it better. Analytics is off by default and only turns on if you choose to opt in during onboarding or in Settings → Privacy.
When analytics is on, we collect:
We do not collect:
You can turn analytics off at any time in Settings → Privacy → “Share anonymous usage data”. Turning it off stops all future collection.
Server-side scheduled jobs (Supabase pg_cron) run on your existing
data to compute monthly and yearly Wrapped summaries (e.g. top friends,
hang counts, streaks). The Wrapped data itself stays in our existing
tables — no new categories of data are collected to produce it.
When configured, we send a push notification via Apple Push Notification service (APNs) to let you know your Wrapped is ready. The notification payload contains only a short message and the Wrapped period, never your friends or hang content.
We queue your monthly Wrapped in a wrapped_pushes table on the 1st of
each month — a small row containing your user ID, the Wrapped period,
and a “ready” timestamp. The row is deleted when you open the Wrapped
or 30 days later, whichever comes first.
If you enable a home screen widget, the widget displays a snapshot of your next suggested friend on your device. This snapshot is stored locally on your device only and is not uploaded anywhere.
We only share data with providers who help us run the app, under written data-processing agreements.
| Provider | What they process | Where | Purpose |
|---|---|---|---|
| Supabase | Account, friends, hangs, notes, photos, preferences | Northeast Asia (Tokyo) | Database + auth + storage |
| Google (OAuth) | Google user ID if you sign in with Google | Global | Authentication |
| Apple (OAuth) | Apple user ID if you sign in with Apple | Global | Authentication |
| PostHog | Anonymous usage events (only if you opt in) | United States | Product analytics |
| Sentry | Crash + error reports (stack traces, OS/device, app version — never your friends, notes, or messages) | United States | Diagnose bugs and crashes |
| Apple / Google | Push notification tokens | Global | Delivering reminder notifications |
| Google Maps + Places API | Search queries you type into the place finder, your IP address (when the SDK loads tiles), and the place IDs you tap on | Global | Render map tiles, find venues by name, fetch place details |
We do not share data with:
Google Calendar and Apple Calendar (EventKit) data is never sent to any of these providers. It stays on your device.
Your data is stored on servers located in Northeast Asia (Tokyo), operated by Supabase. If you are located in the European Economic Area, the UK, or Switzerland, transfers outside your region are covered by Standard Contractual Clauses (SCCs) as published by the European Commission.
When you delete your account, we hard-delete all your data from our live database immediately. Backup copies containing your data age out within 30 days.
Depending on where you live, you have some or all of the following rights over your personal data:
To exercise any of these rights, email designskand@gmail.com. You can also delete your account and all associated data directly from Settings → Account → Delete my account.
You have the right to know what personal information we collect, to delete it, to correct it, and to opt out of any “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined in the CCPA/CPRA. To exercise your rights, email designskand@gmail.com.
You have rights of access, correction, erasure, and grievance redressal. Our Grievance Officer is Skand Shekatkar, reachable at designskand@gmail.com, and responds within 30 days.
Social Friends is not intended for anyone under 18 years old. During onboarding we ask for your birth year and block accounts below that age. We store only the year, not the full date of birth.
We do not knowingly collect personal information from anyone under 18. If you believe a child under 18 has created an account, email designskand@gmail.com and we will delete the account promptly.
No system is 100 % secure. If you discover a vulnerability, please email designskand@gmail.com.
We may update this policy from time to time. When we do, we will update the “Last updated” date at the top and, for material changes, notify you inside the app before the changes take effect.