Privacy Policy

Who this applies to

This policy applies to visitors, registered users, and other individuals who interact with the Services, except where a separate notice states otherwise. For users in the European Economic Area, United Kingdom, and Switzerland, additional disclosures may apply as described in “Your privacy rights” and “International users” below.

Information we collect

Depending on how you use the Services, we may process:

• Account and contact information — for example, your mobile phone number used to verify your account, a profile you create, and optional contact or profile details you choose to add.
• Location and motion-related information — when you allow access, the Services may collect precise or approximate device location, route or drive-related data, and related information needed to show maps, presence, and location-based features. Some features may work only if you allow location access, including background access where the operating system and your settings permit.
• User content — for example, posts, events, media, places you save, squad or circle data, and other information you choose to share through the Services.
• Contacts and calendar where you grant access — if you use features that involve inviting others or sharing with people you know, we may process the contact information you choose to make available, consistent with your permissions and platform settings.
• Device, technical, and log information — for example, device type, operating system, app version, network connection type, IP address, diagnostic logs, and timestamps, which we use to provide, secure, and improve the Services.
• Communications — for example, messages you send to us for support, safety reports, and records we need to respond, comply with the law, and protect the Services and our users.

We do not knowingly use our Services to collect health data in categories treated as particularly sensitive in some jurisdictions, and the Services are not intended to collect information from children. See “Children’s privacy” below.

How we use information

We use information to:

• Provide, maintain, and improve the Services, including map- and community-based features;
• Authenticate accounts, keep sessions secure, and help prevent abuse and fraud;
• Communicate with you about the Services, support requests, and important service notices;
• Comply with legal obligations, enforce our terms, and protect the rights, safety, and property of our users, Driftd, and the public; and
• Analyze and understand usage in an aggregated or de-identified way where possible, consistent with this policy and applicable law.

Security and encryption

When you use the Driftd apps, information is generally transmitted over the internet using HTTPS/TLS, which encrypts data in transit between your device and our servers. Location sharing and other social features are delivered through our infrastructure and services we operate with vendors—your shared content is processed by our systems as needed to provide chat, maps, presence, and related functionality (this is not “end-to-end” encryption where only you hold encryption keys).

At rest. We use industry-standard safeguards with our hosting and database providers to protect stored data. Details vary by environment and service; contact us if you need additional information for your region or use case.

Legal bases (EEA, UK, CH)

Where the GDPR (or local equivalent) applies, we process personal data on the following bases, as appropriate:

• Performance of a contract with you;
• Our legitimate interests, such as security, product improvement, and support, balanced against your rights;
• Your consent, where we ask for it; and
• Compliance with legal obligations.

How we share information

We may share information:

• With vendors and service providers that help us run the Services (for example, hosting, message delivery, authentication, maps or mapping data, storage, and analytics in accordance with our instructions and applicable law). Depending on the features you use, this may include processors such as Mapbox (mapping and location visualization), Google Firebase including Firebase Cloud Messaging for push notifications, and cloud hosting providers that store application data.
• With other users when you choose to share, join squads or events, or use social features, consistent with your app settings and profile visibility.
• For legal, safety, and business reasons, such as responding to lawful requests, protecting the Services and our users, or in connection with a merger, acquisition, financing, or sale of assets, subject to required safeguards and notices.

We do not sell your personal information for money, and we do not share it for cross-context behavioral advertising as a “sale” in the sense of the CCPA/CPRA. We do not “sell” personal information of minors under 16, as those terms are commonly used in U.S. state laws.

User-generated content and safety

The Services may allow you and others to upload or share messages, photos, profile information, events, and similar content. If you believe someone is violating these rules or engaging in abusive behavior, contact us at legal@ottomot.to (subject line “Driftd — Report a concern”) or use in-app reporting links where available. The mobile apps may also offer controls such as blocking another user from direct messaging you, where supported. Blocking may not remove historical squad conversations or all shared contexts. We may investigate reports and take action—including removing content or restricting accounts—consistent with our Terms and applicable law.

Your choices and rights

Device permissions. You can control many permissions (especially location) through your device and operating system settings. Revoking permissions may limit certain features.

Access, correction, and deletion. Where applicable, you may be able to access, update, or request deletion of certain information through the app or by contacting us. We may need to verify your request and retain some information where allowed or required by law.

U.S. state rights. If you are a U.S. resident, you may have rights under state laws (for example, California’s CCPA/CPRA) to know, access, delete, correct, and opt out of certain types of “sale” or “sharing” and to appeal certain denials, subject to legal exceptions. To exercise these rights, use the contact method below. We will not discriminate against you for exercising privacy rights, as required by law.

EEA, UK, and Switzerland rights. You may have rights to access, rectification, erasure, restriction, objection, and portability, and the right to lodge a complaint with a supervisory authority.

Retention

We keep information for as long as your account is active, as needed to provide the Services, to comply with law, to resolve disputes, and for legitimate business needs such as security and product improvement. When retention periods end, we delete or de-identify information where practicable, subject to backup and technical limitations.

International users

We are based in the United States. If you use the Services from other regions, your information may be transferred to, stored in, and processed in the United States or other countries where we or our vendors operate, which may have different data protection rules than your country. Where required, we use appropriate safeguards such as the EU Standard Contractual Clauses, the UK’s International Data Transfer Addendum, or other lawful mechanisms.

Children’s privacy

The Services are not intended for, and we do not knowingly collect personal information from, children under 13 (or the applicable age in your region). If you believe we have collected information from a child, contact us and we will take steps to remove it, as appropriate.

Changes to this policy

We may update this policy from time to time. We will post the updated version on this page and adjust the “last updated” date. If changes are material, we will provide additional notice as required (for example, a notice in the app or on the website) before they take effect, where the law requires.

How to contact us

For privacy questions, requests, or to exercise your rights, contact Otto Motto, LLC at legal@ottomot.to. We will respond in line with applicable law, including the EEA, United Kingdom, and Switzerland where they apply to you.