← Back to FrendLyst

Privacy Policy

This policy explains how FrendLyst collects, uses, shares, protects, and retains data for an 18+ virtual social game.

Last Updated: April 24, 2026

Key Privacy Commitments

  • We do not sell your personal data for money.
  • We do not intentionally publish your exact location.
  • Reported content may be reviewed for safety and moderation.
  • Coins, rewards, and economy records are virtual-only app records.
  • You can request access, correction, deletion, or other privacy help at nekocode.dev@gmail.com.

Who Controls Your Data

  • Operator: FrendLyst is operated by an independent developer based in the Philippines. In this policy, "we", "us", and "our" mean that independent operator.
  • Privacy Role: For personal data where we decide the purpose and method of processing, we act as the personal information controller under the Philippine Data Privacy Act of 2012.
  • Privacy Contact: You can contact the privacy owner for FrendLyst at nekocode.dev@gmail.com.
  • Scope: This policy covers the FrendLyst mobile app, web app surfaces, admin/support workflows, and related backend services.

Information We Collect

  • Account Data: Email address, user ID, authentication records, username, display name, date of birth or age-gate state, account status, and login/security events.
  • Profile Data: Photos, avatar, bio, tags, city or region, profile number, badges, levels, stats, public profile details, verification status, and preferences.
  • Face Verification Data: If you choose Face Verification, we collect a live selfie, liveness challenge metadata, profile photos used for reviewer comparison, submission status, reviewer decision, and rejection or retake reason.
  • User Content: Posts, comments, chat messages, club messages, photos, reactions, gifts, reports, support tickets, profile edits, and other content you submit.
  • Social and Game Activity: Connections, blocks, reports, profile views, ownership activity, virtual balances, purchases, rewards, quests, referrals, leaderboard activity, club participation, and moderation history.
  • Purchase Data: Product IDs, store platform, purchase tokens or receipts, subscription status, transaction metadata, refund or chargeback signals, and fraud-prevention records. We do not receive your full card number from Apple or Google.
  • Device and Technical Data: Device type, operating system, app version, browser details, IP-derived network data, diagnostic logs, crash/error data, cache state, performance events, and security signals.
  • Location Data: If you allow location access, the app may process precise coordinates for nearby discovery and ranking, then display or use only coarse labels where practical. Exact coordinates are not shown publicly by design.
  • Ad and Notification Data: Ad consent state, rewarded-ad claim sessions, ad verification data, push tokens, notification preferences, delivery logs, and notification interaction data.

How We Use Data

  • Operate the App: Create accounts, authenticate users, show profiles, deliver chat, run clubs, process reports, operate support, and provide app features.
  • Run the Virtual Economy: Calculate virtual balances, friend prices, profile numbers, ownership activity, rewards, taxes, burns, limits, subscriptions, leaderboards, and anti-abuse controls.
  • Personalize Discovery: Rank feeds, nearby discovery, market surfaces, recommendations, notifications, and content using profile, location, social, and activity signals.
  • Safety and Moderation: Prevent spam, scams, harassment, child safety abuse, fraud, cyber abuse, illegal content, manipulation, and Terms violations.
  • Face Verification Review: Face Verification review confirms the live selfie appears to match profile photos. It is not legal identity verification, government ID verification, or age verification.
  • Face Verification Use: Face Verification photos and review records are used only for badge review, fraud prevention, abuse prevention, appeals, audit logs, and safety enforcement.
  • Payments and Ads: Validate store purchases, restore access, manage subscriptions, verify rewarded ads, prevent chargeback abuse, and respect ad consent choices.
  • Communications: Send service messages, support replies, security notices, reports, notifications, receipts, policy updates, and optional marketing where allowed.
  • Improve and Secure: Debug errors, analyze performance, monitor reliability, test features, prevent unauthorized access, and protect users and the service.
  • Legal Compliance: Respond to lawful requests, enforce terms, preserve evidence, resolve disputes, handle tax/accounting records, and meet privacy, consumer, app-store, and safety obligations.

Legal Bases

  • Consent: We rely on consent for age confirmation, optional location access, push notifications, ad consent choices, optional marketing, and some privacy-sensitive features.
  • Contract: We process data to provide the app, enforce these Terms, deliver purchases, maintain accounts, and operate requested features.
  • Legitimate Interests: We process data to protect safety, prevent fraud, improve the app, moderate content, secure systems, and understand service health.
  • Legal Obligations: We process or retain data when required by law, app-store rules, tax/accounting duties, legal claims, regulatory requests, or lawful orders.
  • Vital or Public Interests: We may process or disclose limited information when necessary to prevent serious harm, protect a person, or respond to urgent safety issues.

What Others Can See

  • Public Profile: Other users may see your username, display name, avatar, photos, bio, tags, badges, level, fame, net worth, profile number, ownership status, and other public game stats.
  • Social Activity: Posts, reactions, gifts, club participation, leaderboard positions, profile-number activity, ownership activity, and virtual economy events may be visible depending on the feature.
  • Messages: Direct chats are intended for participants, but relevant messages may be reviewed if reported, flagged, or needed for safety, abuse prevention, or legal compliance.
  • Blocked Users: Blocking is used to reduce visibility and contact between accounts, but it cannot erase content another user already saw, captured, or lawfully received.

How We Share Data

  • Other Users: We share public profile, social, and game data with other users as part of FrendLyst features.
  • Service Providers: We use trusted providers for hosting, database, authentication, storage, edge functions, crash/error monitoring, push notifications, ad services, purchase validation, moderation, support, email, analytics, and security.
  • Current Providers: Providers may include Supabase, Apple, Google, Firebase or platform push services, Google AdMob, Sentry, OpenAI moderation services when enabled, OpenStreetMap/Nominatim for reverse geocoding, and similar infrastructure providers.
  • App Stores and Payment Providers: Purchase, subscription, receipt, refund, and entitlement data may be shared with Apple, Google, or other approved stores to process digital purchases.
  • Safety and Law: We may share information with law enforcement, regulators, courts, app stores, legal advisers, safety organizations, or affected users when required by law or when necessary to prevent harm, fraud, abuse, or rights violations.
  • Business Transfer: If the app, assets, or operation are transferred to another operator, user data may transfer as part of that transaction subject to this policy or a replacement notice.
  • No Sale of Personal Data: We do not sell your personal data to third parties for money. We do not give advertisers your direct messages.

Location Privacy

  • Optional Permission: Location-based discovery uses your device permission. You can deny or revoke location permission in your device settings.
  • Precise Input, Coarse Use: The app may receive precise latitude and longitude to calculate nearby ranking, but FrendLyst is designed to show coarse labels, such as province or city-level labels, instead of exact coordinates.
  • Private Storage: Recent discovery coordinates may be stored in a protected backend table to rank nearby profiles and expire in usefulness over time.
  • Reverse Geocoding: When the app asks a map/geocoding provider for a coarse label, that provider may receive coordinates and technical request data under its own terms.
  • No Public Exact Location: We do not intentionally publish your exact coordinates to other users.

Reports and Moderation

  • Report Review: Reported content may be reviewed by authorized moderators, automated safety filters, fraud systems, and AI-assisted moderation tools.
  • Chat Context: Relevant chat snippets, user history, report details, account metadata, and evidence may be reviewed when needed to understand a safety report or enforce policy.
  • Safety Actions: Depending on the severity, evidence, risk, user history, repeat behavior, and legal or safety impact of the offense, moderation may result in warnings, removal, mutes, account restrictions, suspensions, bans, reward reversals, blocked payouts, purchase checks, evidence preservation, or law-enforcement escalation.
  • False Reports: We may use report data to detect abuse of the reporting system and protect users from retaliatory or malicious reports.

Data Security

  • Security Measures: We use reasonable technical, organizational, and access-control measures such as HTTPS/TLS, Supabase row-level security, restricted admin tools, service-role separation, audit logs, moderation controls, and least-privilege practices.
  • Encryption: Data is protected in transit. Backend providers may also protect stored data using platform-level security controls.
  • No Perfect Security: No app, database, network, or moderation system is 100% secure. You should use a strong password, protect your device, and report suspicious activity.
  • Breach Response: If we believe a breach creates a real risk of serious harm, we will take reasonable steps to investigate, contain, notify affected users and/or the National Privacy Commission where required, and prevent recurrence.
  • Security Contact: Report security issues to nekocode.dev@gmail.com.

Retention

  • Active Account Data: We keep account, profile, subscription, economy, and safety data while your account is active and as needed to operate the app.
  • Chats and Reports: Chat messages, reports, enforcement records, fraud signals, and safety evidence may be retained for moderation, dispute, appeal, abuse-prevention, and legal reasons.
  • Deletion Requests: Account deletion removes or de-identifies many user records, but some data may remain where needed for legal compliance, safety, fraud prevention, chargebacks, accounting, backups, audit logs, or unresolved disputes.
  • Backups and Logs: Deleted data may remain in backups, logs, or cache for a limited period until normal rotation or deletion processes complete.
  • Retention Policies: Some operational logs are automatically deleted on schedules, while account, purchase, safety, and economy records may need longer retention to protect users and the service.

Your Privacy Rights

  • Access: You may ask what personal data we process about you and request a copy where required by law.
  • Correction: You may correct many profile details in the app and may ask us to correct inaccurate data.
  • Deletion: You may request deletion of your account and personal data, subject to safety, fraud, legal, backup, accounting, and dispute-retention exceptions.
  • Object or Restrict: You may object to or request restriction of certain processing where applicable law allows.
  • Portability: You may request a portable copy of certain data where applicable law requires it and where technically feasible.
  • Withdraw Consent: You may withdraw consent for optional processing such as location, push notifications, optional marketing, and ad choices through device settings, in-app settings, or nekocode.dev@gmail.com.
  • Complaints: If you are in the Philippines, you may contact the National Privacy Commission if you believe your data privacy rights were violated.

Children and Minors

  • 18+ Only: FrendLyst is for users 18 and older. The app is not directed to children or minors.
  • Age Gate: We use an age gate and may store a date of birth or age confirmation to enforce eligibility.
  • Minor Accounts: If we learn that a user is under 18, we may delete or restrict the account and related data.
  • Report Minors: If you believe a minor is using FrendLyst, contact nekocode.dev@gmail.com or use in-app reporting.

International Processing

  • Cross-Border Services: Although FrendLyst is operated from the Philippines, service providers may process data in the Philippines, United States, Singapore, European Union, or other countries where they operate infrastructure.
  • Comparable Protection: We use contractual, technical, and operational safeguards designed to protect data handled by service providers.
  • Different Laws: Privacy protections may differ by country, but we aim to apply this policy and applicable privacy law to our processing.

Local Storage and Tracking

  • Local Storage: The app may use local storage, secure storage, cache, preferences, and similar technologies for login persistence, age-gate state, app settings, query caching, device preview, cooldowns, and performance.
  • Cookies: Web surfaces may use cookies or browser storage for authentication, security, preferences, analytics, and support.
  • Ads: Google AdMob and related services may use identifiers and consent signals to serve, measure, and verify ads where enabled.
  • Controls: You can manage device permissions, ad privacy choices where available, browser storage, notification settings, and app permissions through the app, device, store, or browser settings.

Changes to This Policy

  • Updates: We may update this Privacy Policy when the app, data practices, providers, laws, store rules, or safety needs change.
  • Notice: We will try to provide reasonable in-app or email notice for material changes where practical.
  • Continued Use: Continuing to use FrendLyst after an updated policy takes effect means you acknowledge the updated policy.
  • Review: Please review this policy regularly, especially before using new features or making purchases.

Questions About Privacy?

For privacy requests, account data questions, or concerns about how your data is handled, contact the FrendLyst privacy owner.

  • Privacy: nekocode.dev@gmail.com
  • Account deletion: Settings - Delete Account