Privacy Policy

VT Nordic AB - Fields of Peers

Effective Date: February 11, 2026

1. Introduction

VT Nordic AB ("we", "us", "our"), registered in Sweden under 559571-9393, with registered address Hedinsgatan 3, 115 33 Stockholm, is the data controller for personal data processed via Fields of Peers.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the App, in accordance with GDPR and other applicable laws. This policy is available in the App (e.g., in Settings > Legal) and on our website.

Contact: support@fieldsofpeers.com

2. Data We Collect

• Provided by you: Email (from Apple/Google sign-in), name/nickname, age, gender, sexual orientation/preferences, photos (including for verification), bio, location (if you choose to share it), and any other information you add to your profile.

• Automatically collected: Device information (device ID, operating system, IP address), usage data (swipes, time spent in app, features used), and analytics/crash logs.

• From third parties: Data received through Sign in with Apple or Google, and location data if you enable it via Mapbox.

3. How We Use Data

We use your data to:

• Provide core features (matching, messaging, profile display)

• Verify users (e.g., via photo verification)

• Moderate content and enforce rules (including reviewing reports)

• Prevent abuse and ensure safety

• Improve the App and analyze usage (anonymized where possible)

• Communicate with you (e.g., updates, support)

Lawful bases under GDPR: contract performance (for core service), legitimate interests (safety, moderation, improvements), and consent (for optional features like location or push notifications, where applicable).

4. Messaging

All messages are transmitted over HTTPS and encrypted in transit via our third-party services. This prevents interception by third parties during transmission.

We do not claim end-to-end encryption. Admins may access messages if needed for moderation, support, or abuse prevention.

Messages are deleted when users unmatch or when an account is deleted.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by law (e.g., GDPR's storage limitation principle).

• Account and profile data: Retained while your account is active.

• After account deletion or termination: All associated personal data is permanently deleted from our systems (subject to any short-term backups or logs kept for legal obligations or abuse prevention).

• Usage and analytics data: Retained only as long as needed for the purposes above, then anonymized or deleted.

• Safety/moderation logs: Retained only as long as necessary for those purposes, then deleted.

We determine retention periods based on the type of data, its sensitivity, and legal requirements—no longer than needed.

6. Third-Party Services

We use the following providers to operate the App. Each has its own privacy policy:

• Firebase (authentication, messaging, storage) →https://firebase.google.com/support/privacy

• Supabase (database, authentication, storage, Row Level Security) →https://supabase.com/privacy

• Expo (app framework, optional push notifications) →https://expo.dev/privacy

• Mapbox (optional location/maps) →https://www.mapbox.com/legal/privacy

• Google Cloud (cloud hosting/storage/backups) →https://cloud.google.com/privacy

By using features powered by these services, you agree that your data may be processed under their privacy policies.

7. International Transfers

Some of our providers (e.g., Firebase, Mapbox, Google Cloud) may store or process data in the United States. We rely on EU Standard Contractual Clauses (SCCs) or other appropriate safeguards to protect your data during such transfers, in line with GDPR requirements.

8. Security

We use industry-standard cloud hosting with strict access controls. User data is protected at the database level using Row Level Security (RLS), which ensures each user can only access their own data. Only authorized personnel can access data.

No system is 100% secure. In the event of a data breach, we will notify affected users and relevant authorities as required by law (including GDPR).

9. Children's Privacy

The Service is strictly for users 18 and older. We do not knowingly collect personal data from children under 18. If we discover such data, we will delete it immediately.

10. Your Rights (GDPR)

You have the right to:

• Access, correct, or delete your data

• Restrict or object to processing

• Port your data

• Withdraw consent (where consent is the basis)

To exercise these rights, email support@fieldsofpeers.com. We will respond within one month (or longer if permitted by law). You may also lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

11. Policy Updates

We may update this Privacy Policy from time to time. Material changes will be notified in the App (e.g., via a banner or on next login). Continued use of the App after an update means you accept the revised policy.

12. Contact

support@fieldsofpeers.com