Privacy Policy

Last updated: February 2026

Information We Collect

  • Email address
  • Display name
  • City
  • Phone number (optional)
  • Activity preferences
  • Event participation history
  • Feedback you provide

How We Use Your Information

  • To run matching and create events
  • To send event notifications, reminders, and account emails
  • To review feedback, moderation, and safety reports
  • To operate, debug, and improve the service

Data Sharing

We do not sell your personal data. We share data with the following service providers to operate the platform:

Authentication

  • Google OAuth (optional): If you sign up with Google, we receive your email address and basic profile from Google to create your account.

Email

  • Resend: We send transactional emails (verification, event invitations, reminders) through Resend. Your email address and email content are processed by Resend.

Location services

  • Google Maps JavaScript: Used as a visual map layer when maps are enabled.
  • Google Geocoding & Google Places API: Disabled by default for normal user location selection. If legacy discovery is explicitly enabled, city or place queries may be sent to Google.
  • Nominatim (OpenStreetMap): Disabled by default for normal user location selection. If legacy geocoding is explicitly enabled, city or address queries may be sent to the public Nominatim service.
  • Geoapify: Disabled by default for normal user location selection. If legacy geocoding or city-boundary lookup is explicitly enabled, city or address queries may be sent to Geoapify.

Weather

  • Open-Meteo: Event location coordinates and dates are sent to Open-Meteo to retrieve weather forecasts for event advisories.

Error monitoring

  • Sentry (optional): If enabled, application errors and performance data are sent to Sentry for debugging. Personal data collection is disabled in our configuration.

Fonts in emails

  • Google Fonts: Our emails load fonts from Google's CDN. When you open an email, your email client may send your IP address to Google.

Data Retention

Account data is retained while your account is active. If you delete your account from Settings, SymTribe removes your profile data, preferences, memberships, uploaded media, and related participation history. Some safety or audit records may be retained with user references removed.

Cookies & Local Storage

  • Essential cookies for authentication (session token, CSRF protection)
  • Local storage for cookie consent preference
  • No tracking or advertising cookies

Your Rights

  • Access and update the profile data shown in Settings
  • Correct your information at any time
  • Delete your account. Some safety or audit records may remain with user references removed.
  • Opt out of invitation, reminder, and feedback request emails through email preferences or unsubscribe links
  • Data export is not yet available. Contact privacy@symtribe.com if you need a copy of your data

Security

  • Data is sent over HTTPS in deployed environments
  • Passwords are hashed before storage
  • The app uses CSRF protection, rate limiting, and security headers

Israeli Privacy Law

SymTribe operates under Israeli privacy regulations (Protection of Privacy Law, 5741-1981). You have rights to access, correct, and delete your personal information.

Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email.

Contact

For privacy inquiries, contact us at privacy@symtribe.com.