Privacy Policy
Last Updated: February 9, 2025
Effective Date: February 9, 2025
Broma Holdings ("we," "our," or "us") operates the Broma mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.
1. Information We Collect
1.1 Account Information
- Email address (required for account creation)
- Password (encrypted and stored securely)
- Display name (optional)
- Profile avatar (optional, if you upload an image)
1.2 Location Data
- Device location (when you grant permission) to show nearby restaurants, cafes, and events
- Location permissions are requested only when needed and can be revoked in your device settings
1.3 Activity Data
- Check-ins at restaurants and venues (including location name, image, and optional notes)
- Favorites (saved restaurants and venues)
- Search history (stored locally on your device)
- Dietary preferences (allergies, dietary lifestyles, health conditions) to personalize recommendations
1.4 Social Features
- Friend connections (users you connect with)
- Friend activity (check-ins shared with friends, based on your privacy settings)
- Blocked users (users you have blocked)
1.5 Usage Data
- App usage analytics (to improve the App)
- Error logs (to fix bugs and improve stability)
- Device information (device type, operating system version)
1.6 Business Information (if applicable)
- Restaurant claim requests (if you claim a business listing: contact name, email, phone)
2. How We Use Your Information
We use the information we collect to:
- Provide and improve the App (show nearby places, personalized recommendations)
- Enable social features (friend connections, shared check-ins)
- Personalize your experience (dietary preferences, favorite cuisines, location-based suggestions)
- Process business claims (if you submit a claim for a restaurant)
- Communicate with you (account-related notifications, support responses)
- Ensure security (prevent fraud, unauthorized access)
- Comply with legal obligations
3. Third-Party Services
We use the following third-party services that may collect or process your data:
3.1 Supabase
- Purpose: Authentication, database storage, backend services
- Data: Account information, profiles, check-ins, favorites, friend connections
- Privacy Policy: https://supabase.com/privacy
3.2 Google Services
3.3 Sentry
- Purpose: Error tracking and crash reporting
- Data: Error logs, device information (anonymized)
- Privacy Policy: https://sentry.io/privacy/
3.4 Stripe (if applicable)
- Purpose: Payment processing for business subscriptions
- Data: Payment information (handled securely by Stripe)
- Privacy Policy: https://stripe.com/privacy
4. Data Storage and Security
- Encryption: Data is encrypted in transit (HTTPS/TLS) and at rest
- Storage: Data is stored on secure servers managed by Supabase
- Access: Only authorized personnel have access to your data
- Local storage: Some preferences (search history, settings) are stored locally on your device
5. Data Retention
- Account data: Retained while your account is active
- Check-ins and favorites: Retained until you delete them or your account
- Location data: Used in real-time and not stored long-term unless tied to a check-in
- Analytics: Aggregated and anonymized data may be retained for analysis
6. Your Rights and Choices
6.1 Access and Correction
- View and update your profile information in the App
- Export your data (available in Settings → Privacy & Security)
6.2 Deletion
- Delete individual check-ins, favorites, or friend connections
- Delete your account: Available in Settings → Privacy & Security → Delete Account
- Account deletion permanently removes your profile, check-ins, favorites, and friend connections
6.3 Privacy Controls
- Control profile visibility (Settings → Privacy & Security)
- Control whether friends can see your check-ins and favorites
- Block users (Settings → Privacy & Security)
6.4 Location Permissions
- Grant or revoke location permissions in your device settings
- The App works without location, but nearby features require permission
6.5 Opt-Out
- You can opt out of non-essential data collection by adjusting your device settings
- You can disable personalized recommendations in Settings
7. Children's Privacy
The App is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.
8. International Data Transfers
Your data may be processed and stored outside your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.
9. GDPR and CCPA Rights
If you are located in the European Economic Area (EEA) or California:
- Right to access: Request a copy of your personal data
- Right to rectification: Correct inaccurate data
- Right to erasure: Request deletion of your data
- Right to restrict processing: Limit how we use your data
- Right to data portability: Receive your data in a portable format
- Right to object: Object to certain processing activities
To exercise these rights, contact us at privacy@bromaholdings.com or use the in-app account deletion feature.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of changes by:
- Updating the "Last Updated" date
- Posting a notice in the App (for material changes)
- Sending an email (for significant changes)
Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
Broma Holdings
Email: privacy@bromaholdings.com
Support: support@bromaholdings.com
---
This Privacy Policy is effective as of February 9, 2025 and applies to all users of the Broma mobile application.