Privacy Policy

This Privacy Policy applies to:

• App: Jog Together
• Public URL: https://docs.google.com/document/d/1S7xujnRDHoN5WGFIHXBiiW9SmSkSZlau2bMIS1bZbfY/edit?usp=sharing

If you have questions or wish to exercise your rights, contact us at: jog.app.team@gmail.com

1. Personal data we collect

We process the following categories of personal data:

1.1 Account and profile information

• Username and/or name
• Age or year of birth (if provided)
• Profile photo and profile text
• Preferences and settings you choose to provide

1.2 Contact information

Email address and, where provided by authentication providers (such as Vipps), phone number.

1.3 Authentication data

Information provided through third-party login providers such as Apple, Google, and Vipps (e.g., user identifiers and basic profile information).

1.4 User-generated content

• Messages and communication within runs or groups
• Content you publish in the app (e.g., runs, descriptions)
• Content submitted when reporting users or incidents

1.5 Location data

• We use your device's location, which may include precise location, to show nearby runs and match you with other users
• Location is only processed while the app is in use
• Location is not collected in the background
• We do not store your precise location as part of your profile
• Location may be temporarily processed and transmitted to our backend to provide nearby results
• You can disable location access at any time in your device settings

1.6 Public and shared information

Certain information you provide may be visible to other users, including:

• Username
• Profile photo
• Profile information
• Runs you create

Messages are visible only to users who have joined the relevant run or group.

1.7 Technical and usage data

• IP address
• Device type, operating system, and app version
• Basic usage data (such as interactions and app performance)
• Error and crash logs

2. How we use personal data (purposes and legal bases)

2.1 Providing the service

We use personal data to operate the app, including account creation, matching users with nearby runs, and enabling communication within groups.

Legal basis: Contract (performance of an agreement)

2.2 Administration and support

We use data to respond to inquiries and provide technical support.

Legal basis: Contract

2.3 Service improvement

We use limited technical and usage data to improve stability and functionality.

Legal basis: Legitimate interests

2.4 Safety and moderation

We process personal data to handle reports, prevent misuse, and maintain a safe environment.

Legal basis: Legitimate interests

2.5 Advertising

We may display advertisements provided by third parties (such as Google AdMob). Third-party advertising providers (such as Google AdMob) may collect and process device identifiers and usage data to display ads in accordance with their own privacy policies.

Legal basis: Legitimate interests

2.6 Legal obligations

We may process personal data to comply with applicable laws.

Legal basis: Legal obligation

3. Sharing of personal data

We do not sell personal data or share personal data with third parties for their own independent marketing purposes.

We may share personal data with service providers that process data on our behalf, including:

• Supabase (backend, database, and authentication - EU region)
• Apple (Sign in with Apple)
• Google (Google Sign-In and advertising services)
• Vipps (authentication)
• Infrastructure providers (hosting and storage)

These providers process personal data only on our behalf and under appropriate data protection agreements, unless acting as independent controllers (e.g., authentication or advertising providers).

4. Information security

We implement appropriate technical and organizational measures to protect personal data, including:

• Access controls
• Encrypted data transmission (TLS/HTTPS)
• Logging and monitoring
• Security incident handling procedures

5. Data retention

• Account and profile data are stored as long as your account is active
• Messages and group content are stored until the account is deleted
• Runs and related content created by users may remain visible even after completion
• Technical logs and error data are typically stored for up to 90 days
• Safety-related data may be retained for a limited period to prevent misuse

When you delete your account, your personal data is deleted or anonymized within a reasonable time, unless retention is required by law or necessary for legitimate purposes such as maintaining the integrity of shared content.

6. Account deletion

You can delete your account directly within the app settings.

When you delete your account:

• Your personal profile data is deleted or anonymized
• Messages and contributions may remain in a limited form where necessary to preserve group conversations or shared content
• Data may be retained where required by law

7. Age requirements

The service is intended for users who are 18 years or older.

We do not knowingly target or collect personal data from individuals under 18. If we become aware that a user is under 18, we may delete the account and associated data.

8. Your rights

Subject to applicable law, you have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your personal data
• Restrict processing
• Object to processing
• Data portability (where applicable)

To exercise your rights, contact: jog.app.team@gmail.com

9. Complaints

If you believe our processing of personal data violates applicable law, you may lodge a complaint with your local data protection authority.

If you are located in the EEA, you may contact your local data protection authority.

If you are in Norway, this is Datatilsynet (Norwegian Data Protection Authority).

If you are located outside the EEA, you may contact your local data protection or consumer protection authority where applicable.

We encourage you to contact us first so we can try to resolve the issue.

10. International data transfers

Personal data may be processed in countries outside your country of residence.

Where this occurs, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.