Privacy Policy

Last updated: November 2026

1. Information We Collect

When you sign up and use Spehre we collect:

• Identifiers — name, email, phone number, profile/banner photos.
• Career data — work experience, education, skills, certifications, projects, portfolio links, resume.
• Activity — posts, comments, likes, bookmarks, job applications, profile views you sent and received, connections, sent invitations, chat messages.
• Device data — Firebase Cloud Messaging (FCM) push token, anonymous Firebase auth UID, app session timestamps, device model and OS version.
• Approximate location — only the free-form text you enter (e.g., "Mumbai, Maharashtra"). We do not access GPS, IP geolocation, or precise device location.

We do not collect: Advertising ID, contacts list, SMS, call history, GPS location, microphone or camera input outside of features you explicitly invoke (taking a profile photo or uploading a post).

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services. Specifically, we use your information to:

• Match you with relevant job opportunities using our recommendation engine.
• Share your profile with recruiters and companies when you apply or opt in to candidate visibility.
• Power realtime features (chat, notifications, presence) over Firebase Realtime Database.
• Send push notifications about likes, replies, connection requests, and job alerts via FCM.
• Communicate with you about new features, job alerts, and platform updates.
• Monitor and analyze aggregate trends to improve the matching engine — never tied to an identifiable user.

3. Third-Party Services We Use

• Firebase (Google) — Realtime Database for chat / notifications / presence pulses, Cloud Messaging for push, anonymous Authentication for RTDB rules. Governed by Firebase's Privacy & Security policies.
• MongoDB Atlas — primary application database hosted in our region (asia-southeast1).

We do not use ad networks, attribution SDKs, or sell personal data. Data is shared only with the third parties above and only as required to deliver the service.

4. Data Security & Retention

All traffic is over HTTPS / TLS. Passwords are stored hashed (bcrypt). Session tokens are kept in the device's secure storage (iOS Keychain / Android Keystore via expo-secure-store). We retain your data for as long as your account is active. You can delete your account at any time — see our Account & Data Deletion page.

5. Your Rights

You can access, edit, export (on request), or delete your data at any time. To request specific data removal or an export, email [email protected]. We respond within 30 days.

6. Children

Spehre is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect data from children. If you believe a child has signed up, contact us and we'll remove the account.

7. Contact

Questions about this policy? Email [email protected].