# Privacy Policy for Runaway **Last Updated: 25/May/2025** ## 1. Introduction Runaway ("we," "our," or "us") is committed to protecting your privacy while providing you with a personalized travel connection experience. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"). Please read this Privacy Policy carefully. By using the App, you acknowledge that you have read and understood this policy and agree to our collection, use, and disclosure practices, as well as any other activities described in this policy. If you do not agree with our policies and practices, please do not use our App. ## 2. Information We Collect ### 2.1. Information You Provide to Us We may collect information that you provide directly to us, including: - **Account Information**: When you register, we collect your phone number, name, date of birth, gender, and sexual orientation. This information is necessary to create and maintain your account and provide our core services. - **Profile Information**: Information you add to your profile, such as photos, biography, interests, education, work, hometown, and other personal details. This information helps us match you with other travelers and personalize your experience. - **Boarding Pass Information**: When you upload a boarding pass, we extract information such as flight number, departure and arrival airports, and travel dates. This information is essential for our service to connect you with other travelers at airports. - **Communications**: Messages you exchange with other users through the App. We store these to provide and improve our messaging service. - **Subscription Information**: When you purchase trip tokens or premium features, we collect payment information through our third-party payment processors. We do not store complete payment card details on our servers. - **Customer Support**: Information you provide when you contact our customer support, including your correspondence and any information you share to help resolve your issue. ### 2.2. Information We Collect Automatically When you use our App, we automatically collect: - **Location Data**: With your permission, we collect precise location data to verify your presence at airports and provide location-based services. This is essential for our core functionality of connecting travelers in the same location. - **Device Information**: Information about your mobile device, including device model, operating system, unique device identifiers, mobile network information, and mobile advertising identifiers. This helps us optimize the App for your device and troubleshoot issues. - **Usage Information**: Information about how you use the App, including the features you use, the time, frequency, and duration of your activities. This helps us understand user behavior and improve our services. - **Log Information**: Information that your device sends when you use our App, such as IP address, app crashes, system activity, and the date, time, and referrer URL of your request. This helps us ensure the security and proper functioning of our App. ### 2.3. Information from Third Parties We may receive information about you from third parties, including: - **Authentication Services**: Information from third-party services when you link your account with them or use them to log in to our App. - **Analytics Providers**: Information from third-party analytics providers about how you interact with our App, which helps us improve user experience. - **Payment Processors**: Information from payment processors regarding your purchases, which helps us manage your subscription and purchases. ## 3. How We Use Your Information We use the information we collect for various purposes, including to: - Provide, maintain, and improve our services - Create and update your account and profile - Process boarding pass information to verify travel status - Match you with other users based on your location and preferences - Process transactions and send related information - Send you technical notices, updates, security alerts, and support messages - Respond to your comments, questions, and customer service requests - Monitor and analyze trends, usage, and activities in connection with our App - Detect, investigate, and prevent fraudulent transactions, abuse, and other illegal activities - Personalize your experience and deliver content relevant to your interests - Comply with legal obligations - For any other purpose with your consent ## 4. Legal Basis for Processing (GDPR) If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds: - **Performance of a Contract**: Processing necessary to provide you with the services outlined in our Terms and Conditions. This includes creating your account, maintaining your profile, processing boarding pass information, and enabling communication with other users. - **Legitimate Interests**: Processing necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These legitimate interests include: - Improving and personalizing our services - Ensuring the security of our App and users - Preventing fraud and abuse - Marketing our services to existing users - Analyzing user behavior to enhance our App - Managing our business operations efficiently - **Consent**: Processing based on your specific consent, such as for: - Precise location tracking - Marketing communications to non-users - Processing of sensitive personal data - Use of certain cookies or similar technologies - **Legal Obligation**: Processing necessary to comply with a legal obligation, such as responding to legal requests or retaining certain records. - **Vital Interests**: In rare circumstances, we may process data to protect someone's life. You can withdraw consent at any time, but this will not affect the lawfulness of processing based on consent before its withdrawal. Withdrawing consent for essential processing may impact our ability to provide certain services. ## 5. How We Share Your Information We may share your information in the following circumstances: ### 5.1. With Other Users - Your profile information and content you post are visible to other users of the App according to your privacy settings. - When you communicate with other users, your messages and interactions are shared with those users. - Your location information may be shared with nearby users to facilitate connections, but only while you are actively using the App and have granted location permissions. ### 5.2. With Service Providers We may share your information with third-party vendors, consultants, and other service providers who need access to such information to carry out work on our behalf, such as: - Cloud storage providers - Payment processors - Analytics providers - Customer support services - Marketing partners - Security and fraud prevention services We require these service providers to use your personal data only for providing services to us and in compliance with applicable data protection laws. ### 5.3. For Legal Reasons We may disclose your information if we believe in good faith that such disclosure is necessary to: - Comply with applicable laws, regulations, legal processes, or governmental requests - Enforce our Terms and Conditions, including investigating potential violations - Detect, prevent, or address fraud, security, or technical issues - Protect the rights, property, or safety of Runaway, our users, or others ### 5.4. Business Transfers If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our App of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information. ### 5.5. With Your Consent We may share your information with third parties when you consent to such sharing. ## 6. Data Retention We retain your information for as long as necessary to provide you with our services and for legitimate and essential business purposes, such as: - Maintaining the performance and functionality of the App - Making data-driven business decisions about new features and offerings - Complying with our legal obligations - Resolving disputes - Enforcing our agreements When determining retention periods, we consider: - The amount, nature, and sensitivity of the personal data - The potential risk of harm from unauthorized use or disclosure - Whether we can achieve the purposes of processing through other means - Applicable legal requirements If you delete your account, we will delete or anonymize your personal information within 90 days, unless: - We need to retain certain information for legitimate business or legal purposes - We need to maintain it to comply with our legal obligations - Some information remains in our backups until they are deleted Information shared with other users, such as messages, may remain visible to them even after you delete your account. ## 7. Your Rights and Choices ### 7.1. Account Information You can update your account information at any time by accessing your account settings in the App. You are responsible for keeping your personal information up-to-date. ### 7.2. Location Information You can prevent us from collecting precise location information by changing the location settings on your device, but this may limit your ability to use certain features of the App, particularly those related to connecting with nearby travelers. ### 7.3. Push Notifications You can opt out of receiving push notifications by changing the settings on your device or within the App settings. ### 7.4. Marketing Communications You can opt out of receiving promotional emails from us by following the instructions in those emails. Even if you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations. ### 7.5. GDPR Rights If you are in the EEA, United Kingdom, or Switzerland, you have the following rights under applicable data protection laws: - **Right to Access**: You have the right to request copies of your personal data. We may charge a reasonable fee when a request is manifestly unfounded, excessive, or repetitive. - **Right to Rectification**: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete. - **Right to Erasure**: You have the right to request that we erase your personal data, under certain conditions. We may retain some information if it is necessary for legitimate business or legal purposes. - **Right to Restrict Processing**: You have the right to request that we restrict the processing of your personal data, under certain conditions. - **Right to Object to Processing**: You have the right to object to our processing of your personal data, under certain conditions, particularly when the processing is based on legitimate interests or for direct marketing. - **Right to Data Portability**: You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions. - **Right to Withdraw Consent**: You have the right to withdraw your consent at any time where we relied on your consent to process your personal data. Please note that these rights are not absolute and may be subject to limitations. To exercise these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within 30 days. We may need to verify your identity before fulfilling your request. ### 7.6. California Privacy Rights If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Please refer to our California Privacy Notice [link] for more information about these rights. ## 8. Data Security We have implemented appropriate technical and organizational measures designed to protect the security of your personal information. These measures include encryption of sensitive data, regular security assessments, and strict access controls for our staff. However, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the secrecy of any credentials used to access your account and for taking any other precautions to protect your personal information. ## 9. International Data Transfers Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. For users in the EEA, United Kingdom, or Switzerland, we ensure that any transfer of your personal data to countries outside these regions is done in accordance with applicable data protection laws. We implement appropriate safeguards such as: - Standard Contractual Clauses approved by the European Commission - Binding Corporate Rules for transfers to group companies - Derogations such as consent, contract fulfillment, or important reasons of public interest You can request more information about the safeguards we have implemented by contacting us using the information provided in the "Contact Us" section. ## 10. Children's Privacy The App is not intended for children under the age of 18, and we do not knowingly collect personal information from children under 18. If we learn we have collected or received personal information from a child under 18, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us using the information provided in the "Contact Us" section. ## 11. Cookies and Similar Technologies We and our third-party partners may use cookies, pixel tags, local storage, and other technologies to automatically collect information about your interactions with our App. This helps us to provide you with a better user experience, understand user activity, personalize your experience, and improve the quality of our services. You can control or opt out of the use of cookies and similar technologies that track your behavior on the sites of third parties for ad targeting. For more information about our use of cookies and your choices, please see our Cookie Policy [link]. ## 12. Do Not Track Signals Some browsers have a "Do Not Track" feature that signals to websites that you visit that you do not want to have your online activity tracked. Due to the lack of a common understanding of how to interpret the DNT signal, our App does not currently respond to DNT signals. ## 13. Third-Party Links and Services Our App may contain links to third-party websites, services, or advertisements that are not owned or controlled by us. We are not responsible for the privacy practices or the content of these third-party services. We encourage you to review the privacy policies of any third-party services you access. ## 14. Changes to This Privacy Policy We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this Privacy Policy. If we make material changes to this Privacy Policy, we will notify you either through the email address you have provided us or by placing a prominent notice on our App. Your continued use of our App after the effective date of the revised Privacy Policy constitutes your acceptance of the revised terms. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information. ## 15. Contact Us If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: Subject : Runaway App Privacy Policy Email: [email protected] For users in the EEA, United Kingdom, or Switzerland, we have appointed a Data Protection Officer who can be contacted at [email protected]. You also have the right to lodge a complaint with your local data protection authority if you believe that we have violated your privacy rights.