Privacy Policy

Last updated: May 9, 2026

PartyUp ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the PartyUp mobile application ("App"), our website, and related live streaming services (together, the "Service").

1. Information We Collect

Account Information

• Nickname (required, 2–20 characters)
• Profile photo (optional)
• Bio (optional)
• Date of birth or age confirmation, where required by law

Authentication Data

• Apple Sign-In: We receive your name and email address (or a relay email) from Apple.
• Google Sign-In: We receive your name, email address, and profile picture from Google OAuth.
• Guest Access: A temporary session identifier is created. Guest sessions have limited functionality and no personal data is retained after the session ends.

Live Streaming & Social Activity

• Stream metadata (room titles, categories, start/end timestamps, viewer counts)
• Gifts you send and receive (sender, recipient, gift type, coin value, timestamp)
• Friend graph (friend requests, friendships, blocks, reports)
• Direct messages between you and other users (stored to deliver the conversation across devices)
• Public chat sent in live rooms
• Venue listings you create or follow

Wallet & Transactions

• In-app coin balance and transaction history (purchases, gifts sent, gifts received, host earnings, withdrawals)
• For hosts: payout method details required to disburse withdrawal requests (bank account, PayPal, or other supported method as applicable)
• Payment confirmation receipts from Apple App Store or Google Play (we do not see or store your card details — those stay with Apple / Google)

Contacts

• If you choose to sync your contacts to find friends on PartyUp, we access your device's contact list. Phone numbers are hashed before being sent and used solely for friend matching. Raw contact data is not stored on our servers.

Device Information

• Device tokens for push notifications (via Firebase Cloud Messaging and Apple Push Notification Service)
• Device type, OS version, and app version (for troubleshooting and crash reporting)
• Approximate IP-based region (used for rate-limiting, fraud prevention, and content compliance)

2. Information We Do NOT Collect or Store

• Live video & audio: We do not record, store, or have access to live video or audio. Streams are transmitted in real time through Agora's infrastructure and are not retained after the broadcast ends.
• Precise location: We do not collect GPS or precise location.
• Card numbers: All payments are processed by Apple or Google. We never see your full card details.
• Microphone or camera when not broadcasting: Camera and microphone are accessed only while you are actively in a live room.

3. How We Use Your Information

• To create and manage your account
• To enable you to host live streams, join rooms, and discover venues
• To process coin top-ups, deliver virtual gifts, and credit host earnings
• To process host payout / withdrawal requests
• To deliver direct messages and friend interactions
• To send push notifications (DMs, friend requests, room invites, gift receipts)
• To match you with friends if you opt in to contact sync
• To enforce our Terms of Service, prevent fraud and abuse, and respond to user reports
• To improve the App and troubleshoot issues

4. Sharing of Information

We do not sell your personal data. We share information only with:

• Other users you interact with — your nickname, avatar, public stream activity, and gifts you send to public rooms are visible to those rooms.
• Service providers required to operate the platform (see Section 5).
• Legal authorities if required by valid legal process or to protect the safety of users.

5. Third-Party Services

We use the following third-party services:

• Agora — real-time live video and audio. Privacy Policy
• Apple App Store In-App Purchase — payment processing for coin top-ups on iOS.
• Google Play Billing — payment processing for coin top-ups on Android.
• Firebase Cloud Messaging — push notification delivery. Privacy Policy
• Apple Push Notification Service — push delivery on iOS.
• Apple Sign-In & Google Sign-In — authentication.
• Railway — application hosting infrastructure.

6. Data Retention

• Account data is retained while your account is active.
• Direct messages and chat history are retained until you or your conversation partner deletes the conversation, or until your account is removed.
• Transaction history (coin purchases, gifts, withdrawals) is retained for at least 7 years to satisfy financial-record obligations.
• Live stream metadata may be retained for up to 12 months for safety, anti-fraud, and analytics purposes.
• Guest session data is deleted when the session ends.
• If you delete your account, your data is soft-deleted and recoverable for 30 days. After 30 days, all personal data is permanently removed, except for transaction records we are legally required to retain.

7. Data Deletion

You can delete your account at any time:

• In the App: Profile › Danger Zone › Delete Account
• By email: bsnguangyi@gmail.com

8. Data Security

• Authentication tokens are stored on your device using platform-native secure storage (iOS Keychain / Android EncryptedSharedPreferences).
• All communication between the App and our servers is encrypted via HTTPS / WSS (TLS 1.2+).
• Passwords (where applicable) are hashed using bcrypt before storage; we never store plaintext passwords.
• Access to production data is limited to authorised engineers and audited.

9. Children's Privacy

PartyUp is not intended for children under 13 (or the higher minimum age set by your country's data protection law). We do not knowingly collect personal information from children. If we learn that we have collected data from a user below the applicable minimum age, we will delete it promptly. Parents or guardians who believe their child has provided us with personal information may contact us at bsnguangyi@gmail.com.

10. Your Rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict certain processing
• Receive a copy of your data in a portable format
• Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at bsnguangyi@gmail.com.

11. International Transfers

Our servers are operated by Railway and may store data in regions outside your country of residence. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) to protect data transferred internationally.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at:

bsnguangyi@gmail.com