Privacy Policy
Effective 19 May 2026
I'm In! ("the app") is operated by Lamberto Tarin (tarinlamberto@gmail.com). This policy explains what data the app collects, how it is used, and your choices.
1. Data we collect
Phone number. Used to send a one-time SMS code at sign-in. Stored only as a SHA-256 hash; the original number is not retained.
Display name and (optional) avatar. You provide these during profile setup. Visible only to your accepted friends inside the app.
Approximate location. Collected only while you have an active "I'm in" availability, so accepted friends can see your pin on the map. The location row is deleted the moment your availability expires or you tap End. We do not retain a historical location log.
Push notification token. Used to deliver notifications when a friend goes "I'm in" or someone joins your activity. Delivered via Expo Push Service and Firebase Cloud Messaging.
Diagnostic data. If the app crashes we collect anonymous error reports (no personal content) via Sentry to fix bugs.
2. How we use it
Solely to operate the app: authenticate you, show your live availability to your friends, deliver notifications, and diagnose crashes. We do not sell your data and we do not use it for advertising.
3. Who we share it with
We rely on the following sub-processors to run the service:
- Supabase (database, auth, storage)
- Twilio (SMS delivery for sign-in codes)
- Expo and Firebase Cloud Messaging (push notifications)
- Google Maps Platform (map tiles and place data)
- Vercel (web hosting)
- Sentry (crash diagnostics)
We do not share your data with anyone else.
4. Visibility inside the app
Your availability, location and profile are visible only to users you have accepted as friends. There is no public discovery feed.
5. Retention and deletion
Profile data is retained while your account exists. Availability and location rows are deleted on expiry. To delete your account and all associated data, email tarinlamberto@gmail.com from your account's phone number or a verifiable address. We will action the request within 30 days.
6. Children
I'm In! is intended for users 18 and over. We do not knowingly collect data from anyone under 18.
7. Your rights
You may request access to, correction of, or deletion of your personal data at any time by emailing tarinlamberto@gmail.com. Residents of the EEA, UK, and other jurisdictions with comparable laws have the same rights under GDPR or equivalent regulation.
8. Changes
If this policy changes materially we will update the effective date above and notify active users in-app.