Privacy Policy

1. Introduction

Radial ("we", "our", or "us") is committed to protecting your privacy. Radial is free to use; we do not charge for access to the app or its core features. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Radial iOS application and related services (collectively, the "Service"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

2. Information We Collect

2.1 Information you provide

• Name, age, bio, religion, and optional job information (profile fields)
• Profile photo
• Sex and mutual preference settings (MOPS) — who you want to see and who may see you
• Phone number (used for authentication and blocking)
• Authentication credentials and linked login data via SMS/phone and, if you choose to connect them, Apple, Google, and passkeys
• Identity verification data — a government-issued ID image and a verification selfie, collected once during onboarding to confirm your identity. These are processed by our verification provider and deleted from our servers within 24 hours of processing. See Section 5 for details.
• Safe zone locations (labels and coordinates) you configure in the app

2.2 Information collected automatically

• Precise location data — required to detect users within 15 meters. We store only your most recent location (a single point); no location history or trajectory is retained. Location is collected while the app is in use and, when you grant "Always" permission, via significant-location-change monitoring in the background. Location data is transmitted over encrypted connections (HTTPS).
• Proximity tokens — short-lived, rotating anonymous tokens (refreshed approximately every 15 minutes) used for Bluetooth Low Energy (BLE) and Ultra-Wideband (UWB) proximity detection. These tokens are mapped server-side to your account but are not broadcast with your identity. They expire and are replaced automatically.
• Device push notification token (for Match Request and match alerts)
• App usage logs for debugging (no sensitive personal data is logged)

2.3 Information we do not collect

Because Radial is free to use, we do not collect payment card numbers, bank account details, billing addresses, or other financial account information for app access. Purchases you make with Apple (for example, device or carrier charges) are handled by Apple and your providers under their own terms. We do not retain location history or movement trajectories.

3. How We Use Your Information

• Provide and operate the proximity-matching service
• Show your profile to nearby users who match your mutual preference settings (MOPS), subject to your Receiver mode and safe zone settings
• Verify your identity during onboarding to ensure all users are real people; verification media is deleted within 24 hours of processing
• Enable BLE and UWB proximity detection to confirm users are within 15 meters
• Send push notifications for Match Requests and match acceptances
• Enforce safe zones and automatically disable your discoverability when you are in a designated area
• Process block requests and maintain your block list
• Authenticate your identity and maintain your session securely
• Improve the Service through aggregated, anonymised analytics

4. Location and Proximity Data

Location is the core data that powers Radial. We use a layered approach to determine proximity: broad geographic bucketing (using Uber H3 spatial indexing) narrows the candidate set, Bluetooth Low Energy (BLE) confirms approximate range, and Apple's Ultra-Wideband (UWB) Nearby Interaction framework provides centimetre-accurate distance within approximately 15 meters where supported.

We store only your current location as a single point — no trajectory or location history is retained. Raw GPS coordinates are updated on each location report and overwrite the previous value. We do not sell location data or use it for advertising.

Safe zone coordinates are stored so the app can automatically disable your discoverability when you enter a location you have designated as private (e.g., home or workplace).

5. Identity Verification

To maintain a safe community, all users must complete identity verification during onboarding. This involves submitting a government-issued ID and a verification selfie. Verification is processed by Stripe Identity, our third-party identity verification provider. Stripe processes your verification data under its own privacy policy and is contractually bound to protect it. Once verification is complete, raw identity images are deleted from our servers within 24 hours. We retain only the verification status (e.g., verified) associated with your account.

6. Sharing of Information

We do not sell your personal information. We may share data only in these circumstances:

• With other users — your profile (name, age, photo, bio, religion, and approximate distance) is visible to nearby users whose mutual preference settings (MOPS) are compatible with yours, when your Receiver mode is enabled. Your profile is also visible to a Sender whose Match Request you have accepted, within the 24-hour match chat window.
• Service providers — third-party infrastructure providers including hosting (AWS), database (Supabase), push notifications (Apple APNs), and identity verification (Stripe Identity), who are contractually bound to protect your data and may not use it for their own purposes.
• Legal requirements — if required by law, court order, or to protect the rights and safety of our users.

7. Data Retention

• Account data — retained for as long as your account is active.
• Verification media (government ID image and selfie) — deleted within 24 hours of processing; only your verification status is retained.
• Location data — only your most recent location point is stored; it is overwritten on each update and is not retained beyond what is needed for proximity calculation.
• Match chat messages — retained for the duration of the 24-hour match window. After expiry, messages may be deleted, soft-deleted, or anonymized in accordance with our operational retention practices.
• Proximity tokens — replaced approximately every 15 minutes; expired tokens are not retained.

You may delete your account at any time through Settings. Account deletion permanently removes your profile, last stored location, blocks, safe zones, and registered device tokens from our active systems. Pending Match Requests are cancelled. Any active matches involving your account are marked as no longer available to the other participant, and related messages are deleted or anonymized according to our retention practices.

8. Security

Authentication tokens are stored in the iOS Keychain. All API communication uses TLS. We implement token refresh on expiry and automatic session invalidation when a new login occurs (only one active session is permitted per account at a time). Despite these measures, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

9. Children's Privacy

Radial is intended for users aged 18 and older. We do not knowingly collect personal information from anyone under 18. If we learn that a minor has provided us with personal information, we will delete it promptly.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict certain processing
• Withdraw consent at any time (e.g., revoke location permissions in iOS Settings)

To exercise these rights, contact us at contact@andrewchu.ca.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top and, where appropriate, by sending a push notification. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at contact@andrewchu.ca.