Enso · Privacy Policy

Data we collect

Account and profile: phone number (Firebase Auth), display name, optional avatar photo, bio, app language, friend requests and connections.
Events and interactions: event text and schedule, emoji/mood/tags, paid flag, privacy mode (public/friends/link), location text or coordinates you add, auto-generated public area, participant-only details, responses/messages, invites and favorites.
Location usage: current device location when allowed to build the feed, maps, and routes; geocoding requests when you search an address. You can revoke access in system settings.
Device and diagnostics: device model, OS and app version, identifiers used for push tokens and App Check, crash/performance logs from Firebase Crashlytics/Performance.
Product analytics: aggregated Firebase Analytics events about feature usage (filters, shares, responses, navigation). We do not log SMS codes, phone numbers, or private event details in analytics.

Provide core features: sign-in by phone, profile setup, feed and maps, creating and sharing events with privacy modes, showing routes and reminders.
Send communications: push notifications (FCM) about responses, friend requests, reminders, and status updates.
Protect users: moderation of profiles/events, fraud and abuse prevention, enforcing privacy rules and App Check.
Improve product: measure usage and stability (Analytics, Performance, Crashlytics) to prioritize fixes.
Support: reply to questions and requests about your account or data.

Service providers: we use Firebase (Auth, Firestore, Storage, Cloud Functions, Messaging/FCM, Analytics, Crashlytics, Performance, App Check) on Google Cloud to run the app.
Maps and geocoding: Google Maps/Geocoding receive address queries and map tiles when you search or view the map.
Other users: event data you publish is visible per the chosen privacy mode; coarse location is shown to viewers, precise location and private details only to confirmed participants. Responses and messages are visible to organizers and involved participants.
Legal/compliance: we may disclose data if required by law or to protect rights and investigate abuse.
We do not sell personal data or use third-party advertising SDKs.

Data is stored in Firebase on Google Cloud. Profile, events, responses, and friend links stay while your account is active unless you remove them.
You can delete events or avatars in the app; push tokens are removed when you sign out or disable notifications. Analytics is stored in aggregate; system logs are kept for limited periods per Firebase defaults.
To delete your account and related data, contact us — we will erase or anonymize data unless retention is required by law or to prevent abuse.

Edit your profile and remove your avatar in the app.
Choose privacy for each event (public, friends, link) and whether to add location; only the coarse public area is shown until participation is confirmed.
Manage location permissions in device settings; turning it off may limit nearby recommendations and routing.
Manage push notifications in app and system settings; you can mute categories.
You can request access to or deletion of your data via email.

We use authentication, App Check, Firestore/Storage access rules, and transport encryption (HTTPS). No method is absolute, but we monitor abuse and respond to incidents.

Changes

We will update this policy when practices change. The latest version with the updated date is posted here.

Questions or requests about privacy? Email us: