Privacy Policy

1. Who We Are

ApexWander is a product of bigSIMPLE Development, operated as a sole proprietorship. Our contact email is bigsimpledevelopment@protonmail.com. When this policy says "we," "us," or "our," it means bigSIMPLE Development.

2. What Data We Collect

We collect only what is necessary to provide the service:

• Account information — email address and password (hashed) when you create an account; optional display name
• Mode and pairing data — whether your account is in solo, couple, or group mode, and the couple code or group ID linking you to a partner or group
• Swipe events — the place ID, name, category, tags, price tier, distance, and direction (left/right/super) of each swipe, plus the approximate location at swipe time used to derive distance and refine recommendations
• Preference profile — a learned profile (categories, tags, price affinity, distance tolerance) derived from your swipe history, used to rank suggestions
• Saved activities — places you explicitly save, including the place ID, name, and cached place metadata
• Wander Requests — natural-language prompts you submit (e.g., "quiet dinner near downtown") used to generate suggestions
• Location at session time — your device's coordinates, used in-session to find nearby places. See Section 5 for retention.
• Feedback you send us — content of any feedback or support messages you submit
• Usage data — features used, session timestamps, and error logs, collected via server logs
• Device information — iOS or Android OS version and app version, for crash reporting and compatibility
• Payment information — billing details processed by Stripe; we never store raw card numbers

We do not collect: your contacts, microphone or camera access, photo library, calendar, call logs, browsing history outside the app, or any data unrelated to activity discovery.

3. How We Use Your Data

• Find nearby activities by querying the Google Places API with your current coordinates
• Rank and personalize suggestions using your preference profile derived from past swipes
• Generate suggestions from your natural-language Wander Requests via Anthropic's Claude API
• Match suggestions across both partners' preferences when you're in couple or group mode
• Sync your saved activities and preference profile across your devices
• Diagnose crashes and improve app performance
• Send transactional emails (e.g., password reset, couple-pairing confirmations) — we do not send marketing email without your opt-in

We do not use your activity preferences for advertising, sell them to data brokers, or share them with third parties except as described in Section 4.

4. Third-Party Services

ApexWander relies on the following third-party services:

• Google Places API (Google) — we send your current latitude, longitude, search radius, and any active filters (category, price tier) to retrieve nearby places. We do not send your account email, swipe history, or any persistent identifier. Your use of Google Places content through ApexWander is also subject to Google's Terms and Privacy Policy.
• Anthropic (Claude API) — we use Anthropic's Claude models to (a) rank candidate places against your preference profile and (b) interpret natural-language Wander Requests. We send only the place metadata, your preference profile, and your prompt text. We do not send your account email, password, or location coordinates. Anthropic does not retain this data for model training.
• Stripe — payment processing for paid subscription tiers and one-time upgrades
• Resend — transactional email delivery (account confirmation, password reset, couple-pairing notifications)
• Render / Railway / Neon — cloud hosting and PostgreSQL database; data at rest is encrypted by the provider

We do not use advertising SDKs, social-login providers, or analytics pixels from Facebook, Google, or similar ad networks.

5. Location Data

ApexWander needs your location to find nearby places. We treat location with extra care:

• In-session use only. Your precise coordinates are used in real time to query Google Places and rank results, then discarded.
• Approximate coordinates with swipes. When you swipe on a place, we record an approximate coordinate alongside the swipe so distance-based preference learning works. These are used solely to refine recommendations for you.
• No background tracking. ApexWander does not access your location while the app is closed or in the background.
• No location-based advertising. We do not use your location to target ads; we do not run ads.
• Revocable at any time. You can revoke location permission in your device settings; the app remains usable with manually entered locations.

6. Couple and Group Mode

If you connect with a partner via couple code, or join a group, the people you connect with can see:

• Your display name (or email if you have not set one)
• Activities you save to a shared list while in that mode
• Match results — i.e., places both/all of you swiped right on

They cannot see your individual swipe history, your preference profile, or any swipes outside of the shared session. You can disconnect a couple pairing or leave a group at any time from the app.

7. Mobile App Permissions

The iOS and Android apps request only the permissions required for core features:

• Location (when in use) — required to find nearby activities; you can deny it and enter a location manually
• Internet access — required to load place suggestions and sync your account
• Notifications — optional, used for couple-match alerts and pairing confirmations

No other device permissions are requested. You can review and revoke permissions at any time in your device settings.

8. Data Retention

• Real-time location queries: not stored; held only for the duration of the API request
• Swipe events (with approximate location): retained until you delete them or close your account; you can clear swipe history from account settings
• Preference profile: retained until you reset it or close your account
• Saved activities: retained until you delete them or close your account
• Wander Requests: retained for 30 days for debugging and quality, then deleted
• Account data: retained for the life of your account, then deleted within 30 days of account closure
• Couple pairing / group membership: deleted when you disconnect, leave, or close your account
• Payment records: retained as required by law (typically 7 years)
• Server logs: retained for 90 days for security and debugging
• Crash reports: retained for 90 days

9. Your Rights

You have the right to:

• Access — request a copy of the personal data we hold about you
• Delete — request deletion of your account and all associated data, including swipe history, preference profile, saved activities, and any couple/group memberships. You can initiate this from Settings → Delete Account in the app, or by emailing us.
• Reset preferences — clear your swipe history and preference profile from account settings without closing your account
• Disconnect — leave a couple pairing or group at any time from the app
• Export — download your saved activities and preference profile as a JSON file from account settings
• Correct — update inaccurate account information at any time

To exercise any of these rights, email bigsimpledevelopment@protonmail.com with "ApexWander Privacy Request" in the subject. We will respond within 30 days.

10. Security

All data in transit is encrypted with HTTPS/TLS. Data at rest is encrypted by our hosting infrastructure. Passwords are stored as salted hashes and never in plaintext. We apply principle-of-least-privilege for internal access and parameterize all database queries.

If you believe a security vulnerability exists, please disclose it responsibly to bigsimpledevelopment@protonmail.com.

11. Children

ApexWander is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has created an account, contact us and we will delete it promptly.

12. Changes to This Policy

If we make material changes, we will post the updated policy here and update the "Last updated" date above. For significant changes, we will notify account holders by email at least 14 days in advance.

13. Contact

Questions about this policy? Reach us at bigsimpledevelopment@protonmail.com.