Zappnin

Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Zappnin Ltd. collects, uses, stores and shares personal data when you use the Zappnin mobile app. For UK GDPR purposes, Zappnin Ltd. is the controller of the personal data described in this policy.

1. Contact Details

If you have questions about this policy or want to exercise your privacy rights, you can contact us through the app or by email at hello@zappnin.com.

2. Personal Data We Collect

2.1 Account and authentication data

When you create or use an account, we may collect:

  • your name
  • your email address
  • your authentication provider, such as email, Google or Apple
  • your profile image, where provided by your sign-in provider
  • security and session data, such as tokens and refresh timestamps

2.2 Location and discovery data

To help you discover events near you, we may collect or store:

  • your device location if you choose to grant location permission
  • a postcode, map pin, or other custom location that you choose to save
  • coordinates associated with your selected discovery location

2.3 App usage and preference data

When you use the app, we may collect or create records about:

  • events you view or RSVP to
  • venues you follow
  • search queries you submit
  • discovery preferences and filters
  • optional demographic preferences, such as age range and gender, if you choose to provide them

2.4 Notifications and device identifiers

If notifications are enabled for your device or app session, we may process:

  • push notification tokens used to deliver notifications
  • notification interaction data, such as whether a notification opened a screen in the app

2.5 Support and venue manager data

If you contact us or apply for venue-management features, we may collect:

  • the subject and content of support messages
  • your company or venue name
  • your phone number where you choose to provide it for venue-management enquiries

3. How We Use Personal Data

We use personal data to:

  • create and manage your account
  • authenticate you and keep the service secure
  • show events relevant to your chosen location and preferences
  • let you RSVP to events, follow venues, and use venue-management features
  • send operational notifications about followed venues, event updates, or event cancellations where notifications are enabled
  • respond to support requests and venue-management enquiries
  • prevent abuse, fraud, misuse, and security incidents
  • understand how the app is used and improve the service

4. Lawful Bases

Depending on the activity, we rely on one or more of the following lawful bases under UK GDPR:

  • Contract: where processing is necessary to provide the app and account features you ask us to provide.
  • Legitimate interests: where processing is necessary to run, secure, support and improve Zappnin in a proportionate way.
  • Consent: where you choose to enable optional permissions or features, such as device location access or push notifications.
  • Legal obligation: where we need to keep or disclose information to comply with applicable law.

5. Analytics

We use pseudonymised analytics data to understand how people use the app and to improve event discovery. Our current analytics dataset may include approximate location, search terms, selected categories, and optional demographic preferences. Where a user identifier is included for analytics, it is hashed before storage and location is rounded to reduce identifiability.

We treat this as pseudonymised personal data and use it to improve the service, not to target advertising to individuals.

6. Sharing and Service Providers

We share personal data only where necessary to operate the app. This may include service providers that help us deliver the service, such as:

  • Google and Apple for sign-in and identity services
  • Firebase services for push notifications, app integrity checks, and related mobile infrastructure
  • cloud hosting and storage providers, including AWS services
  • email delivery providers used for account, support, and operational emails
  • mapping and location providers used to display maps and support location-based search

We may also disclose personal data if required by law, to enforce our terms, or to protect users, the public, or Zappnin.

7. International Transfers

Some of our service providers may process personal data outside the UK. Where this happens, we aim to use appropriate safeguards, such as adequacy regulations or contractual protections, so that your personal data remains protected.

8. Retention

We keep personal data only for as long as we need it for the purposes described in this policy. In practice:

  • account data is generally kept while your account remains active
  • support and venue-enquiry records are kept for as long as needed to manage the request and any follow-up
  • security and audit information may be retained for longer where reasonably necessary to prevent misuse or meet legal obligations
  • account-linked analytics is intended to be retained for a limited period and deleted sooner where linked deletion is triggered by account deletion

We routinely review stored personal data and delete, de-identify, or stop retaining it when it is no longer needed for the purposes described in this policy. We may retain limited information for longer where required for legal, regulatory, fraud-prevention, or dispute-resolution purposes.

9. Storage and Security

We use reasonable technical and organisational measures to protect personal data. This includes:

  • encryption in transit
  • access controls and restricted internal access
  • secure storage of authentication tokens on device using the device keychain
  • local on-device storage for certain preferences and discovery settings

No method of transmission or storage is completely secure, but we work to reduce the risk of unauthorised access, loss, misuse, or alteration.

10. Your Rights

Depending on your circumstances, you may have the right to:

  • ask for access to your personal data
  • ask us to correct inaccurate data
  • ask us to erase your personal data
  • ask us to restrict processing
  • object to certain processing based on legitimate interests
  • request portability of data you provided to us, where applicable
  • withdraw consent for optional permissions or processing at any time, without affecting processing already carried out lawfully before withdrawal

You can also disable location permission or push notifications through your device settings. To exercise your rights, use the app where available, contact us through the app, or email hello@zappnin.com.

11. Account Deletion

You can delete your account from the Profile screen. When you delete your account, we will remove or de-identify personal data associated with the account unless we need to keep limited information for legal, security, fraud-prevention, or similar reasons.

Data stored locally on your device may remain until you remove the app or clear the relevant data from your device.

12. Children

Zappnin is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, please contact us so we can investigate and, where appropriate, delete it.

13. Complaints

If you have concerns about how we handle personal data, please contact us first so we can try to resolve the issue. You also have the right to complain to the UK Information Commissioner's Office (ICO).

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the date shown above and, where appropriate, notify you within the app.

15. Third-Party Privacy Policies

Some third-party services used in connection with the app have their own privacy notices. Useful links include: