This Privacy Policy explains how BlackSite Labs collects, uses, stores, and shares personal information when you use SYNC. It also explains how we handle identity verification, location-based features, advertising, and privacy rights that may apply in Europe, the UK, and certain US states.
1. Who we are
SYNC is operated by BlackSite Labs. We are responsible for the processing described in this policy unless a third-party provider is acting as an independent controller for its own services. If you have questions about this policy or want to exercise your rights, contact us at privacy@blacksitelabs.cc or through in-app support.
2. Information we collect
We may collect account data, nickname, email address, phone number, date of birth, location settings, profile photos, matching preferences, subscription state, trust and moderation events, support interactions, device information, diagnostics, IP address or approximate network location, and event data needed to operate and secure the service.
3. Identity verification
To reduce fraud and improve trust, SYNC may use identity verification providers such as Didit. These providers may process identity documents, document data, face match, facial biometrics, and liveness checks. SYNC stores the outcome and the verified attributes required to operate the platform.
4. Location and Guardian features
SYNC uses location data for nearby matching, distance presentation, local stars, and Guardian safety workflows. If a user activates Guardian features, live location, guardian contact data, timing events, and alert events may be processed so the safety workflow can function.
5. Advertising and Google AdMob
Trial and other eligible users may see ads in SYNC. We use Google AdMob to serve and measure advertising. Google and its partners may process device identifiers, app instance identifiers, approximate location, IP address, ad interaction data, diagnostics, and consent signals. Where required, SYNC uses Google’s consent flow before ad requests are made. Users can reopen privacy and advertising choices from inside the app where applicable. Even where ads are non-personalized, limited technical data may still be processed for delivery, reporting, fraud prevention, and frequency control.
6. Payments and subscriptions
Purchases and subscription status are handled through native payment providers and related billing platforms. SYNC receives entitlement and subscription-state data, not full card details, but we do receive information needed to determine whether a user has trial, verified, or subscription access.
7. Moderation and abuse prevention
We may process reports, blocks, profile-media moderation results, verification outcomes, and other trust signals to reduce fraud, scams, impersonation, harassment, and platform abuse.
8. How we use information
We use information to create and secure accounts, provide matching and messaging, operate safety systems, verify identity, manage subscriptions, serve and measure ads, enforce our terms, respond to support requests, comply with law, and improve the service.
9. How we share information and key providers
We may share information with processors and service providers that help us operate SYNC, including hosting and database providers such as Supabase, identity verification vendors such as Didit, payment and entitlement providers such as Apple, Google, and RevenueCat, and advertising partners such as Google AdMob. We may also disclose information when required by law, to protect users, to investigate abuse, or in connection with corporate restructuring.
10. Legal bases for processing in Europe and the UK
Where applicable under the GDPR, UK GDPR, and Norwegian privacy law, we process personal information on one or more of the following legal bases: performance of a contract with you, your consent, our legitimate interests in operating and securing SYNC, and compliance with legal obligations.
11. International transfers and retention
Some of our service providers may process data outside your home country. Where required, we use appropriate safeguards for international transfers. We retain information for as long as necessary to operate the service, resolve disputes, meet legal obligations, prevent fraud, support moderation and trust decisions, and protect user safety.
12. Privacy rights for Norway, the EEA, and the UK
If you are located in Norway, the EEA, or the UK, you may have rights to access, correct, delete, restrict, or port personal data, and to object to certain processing. You may also withdraw consent where consent is the basis for processing. You may lodge a complaint with the relevant supervisory authority, including Datatilsynet in Norway.
13. Privacy rights for certain US residents
If you live in a US state with applicable privacy laws, you may have rights such as the right to know or access, delete, correct, and opt out of certain targeted advertising or comparable data-sharing activities. You may also have the right to appeal a denied privacy request where local law requires it. The easiest place to manage ad choices is the in-app Privacy and Cookie Settings entry.
14. One global policy, with regional supplements when needed
We currently use one main Privacy Policy with region-specific sections so users can find the key information in one place. If our legal obligations or data practices diverge materially by region, we may add supplemental notices or region-specific privacy pages later.
15. Security
We use technical and organizational measures designed to reduce risk and protect the confidentiality and integrity of personal data. No system can be guaranteed perfectly secure.
16. Children
SYNC is intended only for adults who meet the platform’s age requirements. Underage users are not permitted.
17. Changes
We may update this policy from time to time. Material changes may be communicated through the app or related user channels.