Privacy Policy

Introduction

BuddyLunch ("we", "us", or "our") operates the BuddyLunch mobile application and the buddylunch.com website. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and a hashed version of your password. We never store plaintext passwords.

Usage Data

We collect information about how you use the app, including groups you create or join, events you schedule, RSVP responses, and restaurant ratings. This data is used to provide core app functionality like payer rotation and restaurant suggestions.

Device Information

If you enable push notifications, we store a device token provided by Apple Push Notification service (APNs) to send you notifications. You can disable notifications at any time through your device settings.

Messages

Group chat messages are stored on our servers to provide message history to group members. Messages are only accessible to members of the group in which they were sent.

How We Use Your Information

• To provide and maintain the BuddyLunch service
• To manage your account and group memberships
• To facilitate lunch scheduling, payer rotation, and bill splitting
• To generate restaurant suggestions based on group history
• To send push notifications about events, RSVPs, and group activity
• To send inactivity reminders when your group hasn't met in a while

Payment Information

BuddyLunch does not process payments directly. When you use the bill splitting feature, we generate deep links to third-party payment services (Venmo, PayPal). We do not collect, store, or have access to your payment credentials or transaction details on those platforms.

Data Sharing

We do not sell, rent, or trade your personal information to third parties. Your information is shared only in the following circumstances:

• Within your groups: Group members can see your name, email, event participation, and messages you send to that group.
• Service providers: We may use third-party services for hosting and infrastructure that process data on our behalf.
• Legal requirements: We may disclose information if required by law or to protect our rights and safety.

Data Security

We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords (bcrypt), and token-based authentication (JWT) to protect your data. However, no method of transmission over the internet is 100% secure.

Data Retention

Your account data is retained as long as your account is active. If you delete your account, we will remove your personal information from our servers within 30 days. Some data may be retained in anonymized form for analytics purposes.

Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate information in your profile
• Request deletion of your account and associated data
• Opt out of push notifications via your device settings

Children's Privacy

BuddyLunch is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by email. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, please contact us at [email protected] or through our support page.