Privacy Policy

Information We Collect

Information you provide

• Account information — name, email address, password, and profile details (such as your bio and profile photo) when you create an account.
• Issue positions — your self-identified stances on social and political issues, which you select during onboarding and can update at any time.
• Messages — the content of conversations you have with other users through the app.
• Community content — posts, comments, and votes you contribute to community discussions.
• Civility ratings — ratings you give and receive after conversations.
• Contact information — if you email us directly (e.g., for support or partnerships).

Information collected automatically

• Device information — device type, operating system, and app version.
• Push notification tokens — to deliver notifications about matches, messages, and community activity.
• Analytics data — we use Google Analytics to understand how the Service is used. This may include pages visited, features used, and general usage patterns. We do not use analytics to track individual behavior.

Information you choose to share for civic features

If you use our civic information features (such as looking up your elected representatives or ballot information), you may provide your address. This information is sent to third-party government data services (see "Third-Party Services" below) to return relevant civic information. We do not store your address on our servers.

How We Use Your Information

• Matching — to connect you with users who have different perspectives on the issues you care about.
• Messaging and communities — to deliver your messages and community contributions to other users.
• Civility system — to maintain a respectful environment by factoring civility ratings into the matching process.
• Notifications — to alert you about new matches, messages, and community activity.
• Improving the Service — to understand usage patterns and improve the app experience. We may use aggregate, non-identifying data (for example, which issues users care most about) for this purpose.
• Communications — to respond to your inquiries and send you updates about the Service.

What We Do Not Do

• We do not sell, rent, or trade your personal information to third parties.
• We do not share your individual issue positions with other users or third parties. No one except you will ever know how you self-identify on any issue.
• We do not read or monitor the content of your private conversations. Messages are encrypted (see "Security" below).
• We do not serve targeted advertising based on your data.

Third-Party Services

We use the following third-party services to operate the Service. These providers process data on our behalf and are bound by their own privacy policies:

• Google Firebase — authentication, database (Firestore), cloud functions, hosting, and push notifications.
• Google Analytics — anonymous, aggregate usage analytics.
• Amazon Web Services (AWS) — backend API hosting for community features.
• Google Civic Information API and Congress.gov API — to provide information about elected representatives and elections when you use civic features. Your address may be sent to these services to retrieve relevant results but is not stored by us.

We do not share your personal information with any third party for their own marketing or advertising purposes.

Security

We take the security of your data seriously and implement industry-standard measures to protect it:

• Encryption at rest — private messages as well as sensitive profile fields (including your name, email address, bio, location, and profile photo URL) are encrypted using AES-256-GCM encryption. This means your personal information and conversations are protected both in transit and at rest.
• Secure connections — all data transmitted between your device and our servers uses HTTPS/TLS encryption.
• Access controls — only authorized personnel with a legitimate need have access to user data, and only for the purposes of operating and improving the Service.

While no system is 100% secure, we are committed to protecting your information and promptly addressing any security concerns.

Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within a reasonable timeframe, except where we are required to retain it for legal obligations (such as child safety reporting).

Your Rights and Choices

You may exercise the following rights at any time by contacting us at contact@gocivi.com:

• Access — request a copy of the personal data we hold about you.
• Correction — request that we correct any inaccurate data.
• Deletion — request deletion of your account and associated personal data.
• Opt out — opt out of non-essential communications from us at any time.
• Data portability — request your data in a portable format where technically feasible.

We will respond to all requests within 30 days.

Children's Privacy

Civi is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will delete it promptly. Please see our Child Safety & CSAE Standards page for more information.

Changes to This Policy

We may update this privacy policy from time to time. If we make significant changes, we will notify you through the app or by email. The "Last updated" date at the top of this page indicates when the policy was most recently revised.