PRIVACY
POLICY

1. Who we are

POUNDRR ("POUNDRR", "we", "us") operates the POUNDRR mobile application and related services (the "App"), a platform that matches combat-sports athletes for events and supports training, ticketing, and community features. For privacy questions or to exercise your rights, contact privacy@poundrr.com. This policy is written to align with the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021, "PDPL") and, where applicable, the EU/UK GDPR.

2. Data we collect

2.1 You provide

• Account: email address and username; your password is handled by Firebase Authentication and is never visible to us.
• Profile (user-generated content): first/last name, date of birth, profile photo, fight-card photo, bio, city and country, gym affiliation, and fighter attributes (weight class, experience, stance, reach, record). Profile photo, fight-card photo, and bio are visible to other users in the discovery deck.
• Fighter verification: to put you forward for bouts we collect the fight or sparring videos you submit, a short written description of your fighting experience, and a contact phone number. This media is access-restricted to authorised reviewers and is deleted on account deletion. We do not collect government identity documents, selfies, or biometric data in the App; any in-person identity checks are carried out separately by our team and are not stored in the App.
• Payments: ticket purchases are processed by Stripe. We do not receive or store full card numbers; we hold a Stripe transaction reference and purchase records.
• Safety reports: if you report or block another user we record the report reason, optional details, and the accounts involved, to action it and maintain a moderation audit trail.
• Support & legal: messages you send to support, and your acceptance records for these Terms, the Privacy Policy, and the liability waiver (version, timestamp).

2.2 Collected automatically

• Location (when-in-use only): approximate/precise location is used only while you actively use Party (group-timer) discovery. It is not collected in the background; you can decline and still use the rest of the App.
• Push tokens: a device push token (via the Expo push service / Firebase Cloud Messaging) if you enable notifications.
• Diagnostics: crash and performance data via Sentry. We configure Sentry to strip personal identifiers before events leave the device.
• Device/usage: device type, OS, app version, and in-app interaction/usage events to operate and improve the App.
• Referrals: if you use a referral code we record the attribution (who referred whom) to credit it.

3. Why we use it (purposes & legal bases)

• Provide the core service, matching, events, ticketing, training, Party mode (performance of our contract with you).
• Review fighter submissions and eligibility, and keep the platform safe (content moderation, reports, blocking, suspension) under legitimate interests and substantial public-interest safety.
• Process payments and maintain financial records (contract; legal obligation).
• Send transactional messages and, if enabled, push notifications (contract; consent for push).
• Diagnose crashes, prevent fraud/abuse, and comply with law (legitimate interests; legal obligation).

4. Content moderation

Photos you upload are automatically screened (Google Cloud Vision SafeSearch) before they can appear to other users; borderline or failed images are held for human review. Bio and display text are filtered for prohibited content. Users can report or block others; reports are reviewed and actioned (see §8). This processing exists to meet our safety obligations and Apple's User-Generated-Content requirements.

5. Sharing & processors

We do not sell your personal data. We share it with:

• Other users: your public profile (name, photos, bio, fighter attributes) is visible to other users for matching.
• Service providers (processors): Google Firebase / Google Cloud Platform, Stripe (payments), Resend (transactional email), Sentry (diagnostics), and the Expo push service / Firebase Cloud Messaging.
• Legal & safety: authorities or affected parties where required by law or to protect users' rights and safety.

6. International transfers

Our providers process data on infrastructure that may be located outside your country, including the United States and the EU. Where the PDPL or GDPR requires, we rely on appropriate safeguards with each provider.

7. Retention

• Account & profile data: kept while your account is active.
• On account deletion: personal data, fighter verification media, photos, and profile content are erased within 30 days (some backup copies expire on the backup cycle).
• Financial/transaction records: retained as required by law (typically up to 7 years).
• Safety/moderation and legal-acceptance records: retained as long as needed for safety, dispute, and legal-defence purposes.
• Party sessions end automatically after about 30 minutes of inactivity, and no later than about 2 hours from when they start.

8. Reporting, blocking & objectionable content

POUNDRR has zero tolerance for objectionable content and abusive behaviour. You can report content or block any user from the back of their fight card. We act on reports of objectionable content or abusive users, including removing content and suspending accounts, within 24 hours. Suspended users lose access to the service.

9. Your rights

Subject to the PDPL/GDPR you may request access, correction, deletion, restriction, objection, withdrawal of consent, and a portable copy of your data. You can delete your account and data in-app (Settings, account deletion) or by contacting privacy@poundrr.com. You may also lodge a complaint with the UAE Data Office or your local data protection authority.

10. Security

We use encrypted transport (HTTPS/TLS), Firebase Authentication, server-enforced Firestore/Storage access rules, PCI-compliant payment processing via Stripe, and access controls on sensitive verification media. No system is perfectly secure, but we work to protect your data and respond to incidents.

11. Children

POUNDRR is for adults. You must be 18 or older to use the App. We do not knowingly collect data from anyone under 18; if we learn we have, we delete it.

12. Changes

We may update this policy. We will revise the "Last Updated" date and, for material changes, notify you in-app or by email. Continued use after a change means you accept the updated policy.

13. Contact

Privacy: privacy@poundrr.com
Support: support@poundrr.com
POUNDRR LLC.