top of page

Privacy Policy

Effective Date: June 12, 2025
Version: 1.1


Introduction
This Privacy Policy explains how Ambr ("we," "us," or "our") collects, uses, stores, protects, and shares information when you use our mobile and web application and related services (collectively, the "Service"). By using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.

 


1. Information We Collect

  • We collect the minimum information necessary to run an anonymous, school-based community while keeping your identity protected.

  • Information you provide

    • School selection and optional referral codes to route you to the correct campus feed.

    • User-generated content, including posts, comments, reactions, reports/flags, and any media you attach. Content is tied to a device-based identifier, not to your real name or email.

    • Support requests, where we collect the email address and message you submit so we can respond.

  • Automatically collected information

    • Device and app information, such as a hashed device fingerprint or generated device ID, device model, operating system, app version, language, and timezone. This keeps your anonymous profile consistent and helps combat abuse.

    • Usage and interaction data, including actions such as viewing, creating, voting, flagging, or blocking posts and comments, tab selections, timestamps, and in-app navigation needed to operate features and keep feeds school-specific.

    • Push notification data, such as your Expo push token and basic delivery analytics, to send interaction and post alerts to your device.

    • Technical logs and diagnostics, including IP address, error logs, and crash/performance data, to secure the Service and troubleshoot issues.

  • Information we do not collect

    • We do not collect precise or approximate location information for current product features. If we introduce location-based functionality in the future, we will request permission and update this policy before collecting it.

 


2. How We Use Information

  • Provide and maintain the Service, including school-limited feeds, posts, comments, and games.

  • Enforce community guidelines and safety measures, including moderation, spam prevention, block/flag management, and rate limiting.

  • Send push notifications about posts and interactions, consistent with your device settings.

  • Improve performance and reliability through diagnostics, analytics, and feature testing.

  • Respond to support requests and communicate about the Service.

  • Comply with legal obligations and protect the rights and safety of users and Ambr.

 


3. When We Share Information

  • We do not sell your personal information or use it for targeted advertising.

  • Service providers that help us operate the Service, including Supabase (hosting, database, authentication), Expo (app platform and push notifications), OpenAI or similar vendors for content moderation (if enabled), and analytics/performance partners. They may only use your data to perform services for us and must protect it.

  • Legal or compliance reasons, such as responding to valid legal requests or protecting rights, safety, and security.

  • Business transfers, if we merge, sell assets, or are acquired. We will continue to protect your information and notify you of material changes where required.

 


4. Data Storage, Security, and Retention

  • Security: We use industry-standard measures such as encryption in transit, access controls, and vendor due diligence to protect information. No system is perfectly secure, and we encourage you to protect your device.

  • Retention: We keep information only as long as needed for the purposes in this policy or as required by law. Block records currently expire after 30 days. Support communications are kept as needed to resolve your request. Cached local data (e.g., votes, blocks) may be stored on your device to improve performance.

  • Anonymity: We avoid collecting direct identifiers for general use of the Service. Device fingerprints, push tokens, and school selection are used to maintain your anonymous profile and campus access.

 


5. Your Choices and Rights

  • You can delete your posts or comments where that functionality exists in the app, block or unblock other users, and control push notifications through your device settings.

  • You may request access, correction, deletion, or a copy of your information (where applicable law provides these rights) by contacting us. Because accounts are anonymous, we may ask for your device fingerprint or recent post details to locate your data.

  • If you are in the EEA/UK, Switzerland, or California, you may have additional rights (e.g., objection, restriction, portability). We will honor valid requests consistent with applicable law.

 


6. Children’s Privacy
The Service is not intended for children under 13. Users ages 13–17 may only use the Service with permission from a parent or legal guardian. If we learn we have collected data from a child under 13 without consent, we will delete it.

 


7. International Data Transfers
We may process and store information in the United States or other countries. By using the Service, you consent to transfers to countries that may have different data protection laws. We take steps to protect your information in line with this policy.

 


8. Changes to This Policy
We may update this Privacy Policy from time to time. We will update the effective date at the top and, for material changes, provide additional notice as required. Continued use of the Service after changes become effective means you accept the updated policy.

 


9. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at: www.joinambr.com/support

bottom of page