privacy policy
what we collect, where it lives, who else sees it.
loop is a conference-relationship app for people who meet hundreds of new contacts and want to remember every one. The data we collect is the data we need to do that. This page is written in plain English; no clauses are hidden in the defined terms. If you'd rather not have us hold your data, the "delete your account" path nukes everything in one tap.
1 · what we collect
profile data you give us
- Email address (required — used to sign you in via one-time code).
- Name, handle, headline, optional photo.
- Optional contact details you choose to share with people you meet: phone, LinkedIn URL, mailing address.
- "Tone" preference — whether the AI drafts follow-ups in a casual, friendly, or formal voice.
contacts you save
- The card photo, name, email, phone, company, title, LinkedIn, and any voice notes or text notes you attach.
- Follow-up actions and reminders you create for each contact.
- The conference where you met them, if you tagged it.
messages and media
- Loop messages you send and receive — text, audio voice messages, images, and short videos.
- Every message has a TTL (time-to-live) and is automatically deleted from our servers and storage when it expires. View-once messages are deleted right after they're read.
app activity
- Sign-in events (registration, login, "active in last 30 days") with approximate location derived from your IP address (city, region, country, lat/lng to ~city precision). We do not use phone GPS.
- Subscription state and any coupon codes you redeem.
- Push-notification token (if you opt in) so we can send delivery alerts.
what we do not collect
- We don't read your phone's address book unless you explicitly tap "import."
- We don't track your location continuously — only at the moments you sign in or open the app.
- We don't record audio in the background or scan your camera roll.
- We don't fingerprint your device or use third-party advertising trackers.
2 · where it lives
All persistent data is stored in a single Supabase Postgres project (database, file storage, and authentication) hosted in the United States. Each row is gated by row-level security so one user can't read another user's profile, contacts, or messages. Media (images, videos, voice messages) lives in private storage buckets and is served only to the sender and recipient via short-lived signed URLs.
Our serverless API runs on Vercel. The marketing site, app web build, and admin console run on Cloudflare Pages. None of these surfaces hold a database — they forward authenticated requests to Supabase.
3 · who else sees it (sub-processors)
We share specific pieces of your data with the following providers, only when needed for the feature you're using:
| provider | purpose | data shared |
|---|---|---|
| Supabase | database, auth, file storage | everything stored above |
| Vercel | serverless API hosting | your Supabase JWT plus the request body for the endpoint you're hitting |
| Cloudflare | web hosting, DNS, CDN | page requests, IP addresses (standard CDN logs) |
| Resend | email delivery | recipient email address + the email body when we send a contact-add invite or receipt |
| OpenAI | voice-note transcription, business-card OCR, follow-up drafting | the audio clip / card image / context strings you submit. We do not opt in to model training. |
| Apollo | optional contact-enrichment lookups (company, title, headshot) | contact email address only |
| Expo | push notification delivery + over-the-air JS updates | your push token + the notification body |
| Apple App Store / Google Play | app distribution + (future) in-app subscription billing | per their published privacy policies |
We do not sell your data. We do not share it with advertisers. We do not run analytics SDKs that profile users across sessions.
4 · how long we keep it
- Messages and media — auto-deleted at TTL expiry (default 24 hours, configurable per message). View-once media is deleted on first read. Cleanup runs every 15 minutes server-side.
- Profile, contacts, follow-ups — kept until you delete the account or remove the individual record.
- Session-log rows — kept indefinitely for the "where I've signed in from" map; deleted on account deletion.
- Subscription invoices — kept for the lifetime of your account for receipt history. Once you delete your account, they go too.
5 · your rights — accessing, deleting, exporting your data
Read your data. Everything we hold about you is visible inside the app — Profile, Contacts, Loops, Conversations.
Delete your data. Profile → Danger Zone → Delete Account. This cascades through every database table that references your user ID, drops all your uploaded files from storage, cancels your subscription, and revokes your auth session. The action is permanent and immediate; we do not retain backups for "what if you change your mind" purposes.
Export your data. Email hello@everyoneloops.com and we'll generate a JSON dump of your profile, contacts, messages, and conferences within 30 days. We do not yet ship a self-serve export button; that's on the roadmap.
Correct your data. Edit Profile → Save. Contact records are editable from each contact's detail screen.
EU / UK / California residents. You have additional rights under GDPR / UK-GDPR / CCPA: right to know what we hold, right to deletion, right to portability, right to opt out of "sale" (we don't sell data, so there's nothing to opt out of), and the right to non-discrimination for exercising any of these. Email the address below and we'll respond within 30 days.
6 · security
Auth is one-time codes, never passwords. On mobile, tokens are stored in your device's OS-protected storage (Keychain on iOS, Keystore on Android); on the web build, they are stored in browser localStorage (gated behind a tight content-security policy). Server-side, every database table enforces row-level security; the service-role key never leaves the backend. Media in the chat-media and voice-messages buckets is served only via short-lived signed URLs scoped to a single object.
We have not had a known breach. If we do, we'll notify affected users by email within 72 hours of confirming the breach, per GDPR Article 33 timing.
7 · children
loop is for working professionals. We don't knowingly collect data from anyone under 16. If you're a parent and believe your child created an account, email hello@everyoneloops.com and we'll delete it.
8 · changes to this policy
We'll post material changes here and notify active users in-app on next launch. Non-material edits (typo fixes, link updates) won't be announced. The "last updated" stamp at the top of this page is authoritative.
9 · contact
Questions about this policy, requests to access/export/delete your data, or anything else: email hello@everyoneloops.com. We typically reply within two business days.