Privacy Policy

Privacy Policy for Nomadtable Inc.
Last Updated: March 19th, 2025At Nomadtable Inc., your privacy is important to us. This Privacy Policy outlines how we collect, use, protect, and disclose your information when you use our mobile application and services, including both free and Nomadtable Plus features. By using Nomadtable, you agree to the terms of this policy.1. Information We Collect and How We Process ItWe collect both personal Information and non-personal Information to enhance your experience.a. Personal InformationContact information (e.g., name, email).Profile details (e.g., age, gender, home country, languages spoken, interests).Profile pictures and user-generated content (e.g., messages, activities created, future trips).Users may upload profile pictures and verification images.
We use AI-powered image moderation and verification to detect inappropriate content and confirm identity.
For verification, users may be required to submit a live photo (e.g., holding up a verification image) for comparison.
These images are processed by AWS Rekognition, an AI service that assists with image moderation and identity verification.Verification Data:
Users may verify their identity through facial comparison and manual verification. This data is used solely for identity verification and fraud prevention and is not stored beyond the verification process unless legally required.b. Location DataWe collect your location to suggest nearby travelers, display nearby activities, and generate AI-based recommendations.Travelers Here List: Your profile (name, profile picture, home country, age) may be visible to others in the "Travelers Here" list when you are in a given map area.Your exact location is never shown - only approximate distance away (and users can opt to hide their distance away in settings or onboarding process).If a map is zoomed in too far, this feature is automatically disabled for privacy.Privacy Controls: Users can hide their approximate distance from others in the "Travelers Here" list by adjusting their settings in the app. Users can also close their direct messages to only friends. Note that this only applies to direct messages and not group chats, but users can leave group chats whenever they want.Activity Location: When you create an activity, its general area will be public on the Nomadtable map so others can discover and join. Your personal location is never shared—only the activity’s general location. Users are expected to talk about the precise meeting point in the chat, so only members of the activity can see it.Private Activities: Users can choose to make activities private, meaning only users they approve can join. In this case, the activity will not be visible to the general public, and only approved participants will have access to its details.Future Trip Planning and Overlap Details: When you create a trip in the app, your destination city and travel dates may be visible to others who are traveling to the same location during overlapping dates. Only your travel dates and destination city will be shared.c. AI-Generated DataAI-generated activity and future trip suggestions are based on user location and interests.AI suggestions may not always be accurate, and users are encouraged to verify details independently.d. Subscription DataIf you purchase Nomadtable Plus, we store your subscription status for Plus feature access. Payments are handled through third-party providers (e.g., Apple, Google Pay).Analytics Data:
We collect engagement data to improve Nomadtable, including screen views, session duration, feature usage, and trip planning trends.We do not collect Personally Identifiable Information (PII) (as defined under U.S. law) in analytics.
Under GDPR, some analytics data (e.g., IP addresses, device identifiers) may be classified as Personal Data before anonymization.
Firebase Analytics processes and anonymizes IP addresses upon receipt, but certain analytics data may still be linked to a user account prior to deletion.
We use analytics under the legitimate interest legal basis (GDPR Article 6(1)(f)) to improve app functionality, ensure security, and monitor performance.
Users can request deletion of analytics data associated with their account by contacting [email protected].2. Legal Basis for Processing (GDPR Compliance)Under the General Data Protection Regulation (GDPR), we process your data based on:Contractual Necessity (Article 6(1)(b)) – When processing is required to provide Nomadtable services (e.g., account management, messaging, trip planning).Legitimate Interests (Article 6(1)(f)) – When processing is necessary to improve user experience, ensure security, and enhance our service. We have conducted a legitimate interest assessment to ensure that our processing does not override user rights.Legal Obligations (Article 6(1)(c)) – When required by law (e.g., fraud prevention, law enforcement requests).Consent (Article 6(1)(a)) – For optional features where explicit user consent is required, such as enabling location services or using AI-based recommendations.Right to Lodge a Complaint
If you believe that our processing of your personal data violates the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with your local data protection authority.For EU/EEA residents, you can find your supervisory authority here: https://edpb.europa.eu/about-edpb/about-edpb/membersen
For UK residents, you can contact the ICO: https://ico.org.uk/make-a-complaint/We encourage you to first contact us at [email protected] so we can address your concerns directly.If we rely on consent, users have the right to withdraw it at any time by adjusting their settings in the app or contacting us at [email protected].3. How We Use Your InformationWe use collected information to:Facilitate activity creation, participation, and future trip planning.
Manage accounts, enable messaging and group chats, and display nearby activities.
Suggest nearby users and activities based on your location and interests.
Recommend venues, activities, and future trips based on AI analysis.
Allow Nomadtable Plus users to access premium features that enhance their experience.
Enhance security, prevent fraud, and monitor for inappropriate content.
Provide profile view notifications and other engagement insights to improve user connections.4. Information Sharing and DisclosureWe only share your information in the following cases:a. Third-Party Services
We use third-party providers to enable essential app functions, such as analytics and messaging. These services process data under their own privacy policies:Firebase Analytics (Google LLC) – Used for analytics and crash reporting. See their policy: https://policies.google.com/privacyStream Chat (GetStream.io, Inc.) – Used for chat functionality. See their policy: https://getstream.io/legal/privacy/OpenAI API (OpenAI, Inc.) – Used for AI-generated recommendations. See their policy: https://openai.com/enterprise-privacyAWS Rekognition (Amazon Web Services, Inc.) – Used for AI-powered image moderation and identity verification. See their policy: https://aws.amazon.com/privacy/b. Legal ComplianceWe may share your information when required by law, including in response to:Law enforcement requests, subpoenas, or court orders.
Legal obligations related to fraud prevention, financial regulations, or national security.
Compliance with applicable data protection laws, including GDPR and CCPA/CPRA..c. Security & Protection
We may also process or share your information when necessary to:Detect, investigate, and prevent fraudulent activities, unauthorized access, or security threats.
Enforce our Terms of Service and protect the rights, safety, and property of Nomadtable, our users, or the public.
Respond to reports of inappropriate content or violations of our community guidelines.d. Business TransfersIf Nomadtable undergoes a merger, acquisition, or asset sale, your data may be transferred. We do not sell, rent, or lease personal data.5. User Rights (GDPR & Global Privacy Laws)
If you are a resident of the European Economic Area (EEA), United Kingdom, California, or other jurisdictions with data protection laws, you may have certain rights regarding your personal data. These rights may include:The right to access, correct, or delete your personal data
The right to restrict or object to processing under certain conditions
The right to data portability
The right to withdraw consent (where applicable)
The right to lodge a complaint with a supervisory authority
These rights are subject to conditions and exceptions under applicable law. If you wish to exercise any of these rights, please contact us at [email protected].For more details on GDPR rights, visit the European Commission’s data protection page:
https://commission.europa.eu/law/law-topic/data-protection/information-individualsen.6. Data Retention
We retain personal data only as long as necessary to provide our services, comply with legal obligations, and support legitimate business operations.Profile Data (Name, Age, Gender, Country, Profile Picture, etc.):Retained while your account is active and deleted when your account is permanently removed.
Chat Messages & Group Interactions: Retained while your account is active and deleted upon account deletion.
Transaction Data (for Nomadtable Plus purchases): Retained for 7 years to comply with tax and financial laws.
Inactive Accounts: We may automatically delete inactive accounts after a prolonged period.
Users will be notified in advance before their account is removed.If you request account deletion, we will remove your data in accordance with our standard deletion process. Some data may be retained if required by law (e.g., tax, fraud prevention).7. Data Security
We take the security of your personal data seriously and implement industry-standard measures to protect it from unauthorized access, loss, misuse, or alteration. These include:Encryption of sensitive data during transmission and storage.
Access controls to limit who can view or process user data.
Regular security assessments to identify and mitigate potential risks.
While we take appropriate steps to protect user data, no security measure is completely foolproof.If you suspect unauthorized access to your account, please contact us immediately at [email protected].8. International Data Transfers
Your personal data may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have different data protection laws than your home country.To safeguard these transfers, we rely on:Standard Contractual Clauses (SCCs) approved by the European CommissionAdditional security measures (e.g., encryption, access controls)Vendor risk assessments to ensure compliance with applicable privacy lawsIf you have questions about international data transfers, you can contact us at [email protected].9. Changes to This PolicyWe may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of the page.If we make material changes to how we collect, use, or share your data, we will provide notice through the app, by email, or other means as required by law.We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.10. California Privacy Rights (CCPA & CPRA Compliance)
Rights of California Residents
Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information:Right to Know: You have the right to request details about the categories of personal information we collect, the sources from which we collect it, the business purpose for collecting it, and third parties with whom we share it.Right to Access: You can request a copy of the personal data we have collected about you in the past 12 months.Right to Delete: You may request that we delete your personal information, subject to exceptions (e.g., legal compliance, fraud prevention).Right to Correct: If any personal data we have is inaccurate, you can request corrections.Right to Opt-Out of Sale or Sharing: We do not sell personal data, but under CPRA, you may opt out of the sharing of your data for targeted advertising.Right to Limit Use of Sensitive Personal Information: If we collect sensitive personal data, you may restrict its use for specific purposes.How to Exercise These RightsIf you are a California resident, you can submit a request to exercise your rights by:Emailing us at: [email protected]
Submitting a request through the app settingsWe will verify your identity before processing any request. Requests may take up to 45 days to process, with a possible 45-day extension if necessary.11. California "Shine the Light" Law (California Civil Code § 1798.83)
California residents may request information about whether we disclose personal data to third parties for their direct marketing purposes. Nomadtable does not sell or share personal data with third parties for their direct marketing purposes.If you have questions about how we handle your data, contact us at [email protected].12. Contact UsFor privacy-related inquiries, contact:
📧 Email: [email protected]
🏢 Nomadtable Inc.© 2025 Nomadtable Inc. All rights reserved.