מדיניות פרטיות

Privacy Policy

Last updated: March 29, 2026

Version: 7.0

1. Information We Collect

We collect information you provide directly to us, such as when you create a profile, participate in events, or contact us for support. This may include:

• Name and contact information
• Profile information and photos
• Event participation data
• Communication preferences
• Age and gender identity (for matching purposes)
• Interests and preferences

OAuth Authentication

Account Creation: Hooked uses OAuth authentication via Google Sign-In, Apple Sign-In, or Facebook Login. When you sign in, we collect your email address from your chosen authentication provider.

Persistent User Accounts: Your user account persists across events and includes your email address, display name (which you can customize), and lifetime analytics. While your account is persistent, event-specific profiles (photos, bio, matches, messages) are automatically deleted 24-48 hours after each event expires.

Single Event Rule: You can only participate in one event at a time. To join a new event, you must leave your current event first.

Account Deletion: You can delete your entire account (including all user data and analytics) through Settings → Delete Account or by contacting us at contact@hooked-app.com.

User Analytics

Lifetime Statistics: We maintain lifetime analytics for your user account to improve platform efficiency and provide better admin dashboard functionality. These analytics include:

• Events Joined: List of event IDs you've participated in
• Total Events Count: Number of events you've joined
• Total Matches Count: Lifetime number of matches
• Total Messages Sent: Lifetime message count
• Total Likes Given: Lifetime likes count

Purpose: These analytics help us understand user engagement, improve our matching algorithms, and provide efficient user management in our admin dashboard (reducing database queries by 75%).

Retention: User analytics persist with your account until you delete your account. They are not deleted when event profiles are removed.

Privacy: Analytics are stored as numerical counts only. Individual match details, message content, and profile information are still deleted 24-48 hours after each event expires.

Biometric Data Processing

Facial Recognition Data: We perform temporary facial analysis for profile photo validation purposes only. AWS Rekognition processes facial features to detect face presence and count, but this facial data is not stored or retained after validation completes.

BIPA Disclosure (Illinois Residents): In compliance with the Illinois Biometric Information Privacy Act (BIPA), we provide the following notice:

• Purpose: Facial analysis is performed solely for profile photo validation — detecting face presence, face count, and content moderation (inappropriate content detection)
• Processing Method: Photos are sent to AWS Rekognition for real-time analysis. AWS returns only pass/fail results and rejection reasons. No biometric identifiers, facial geometry, or faceprints are stored by Hooked or retained by AWS after processing
• Retention: No biometric data is stored. Processing is transient — analysis occurs in real-time and only the validation result (approved/rejected + reason) is retained
• Deletion: Since no biometric identifiers are stored, there is no retention period or deletion schedule for biometric data. Validation results (pass/fail) are not biometric data
• No Sharing: Biometric data is not sold, leased, traded, or otherwise disclosed to third parties, except to AWS Rekognition as our data processor for the sole purpose of photo validation

Consent: By uploading a profile photo to Hooked, you consent to the use of automated facial analysis technology for the limited purpose of photo validation. You may withdraw consent by not uploading photos, though this will limit your ability to create an event profile. No biometric identifiers or templates are collected or stored.

Special Category Data (Dating Preferences)

Under GDPR Article 9, data revealing sexual orientation may constitute "special category" personal data requiring additional protections. When you indicate gender preferences for matching (e.g., interested in men, women, or everyone), this may implicitly reveal information about your sexual orientation.

• Legal Basis: We process this data based on your explicit consent (GDPR Article 9(2)(a)), which you provide when creating your event profile and selecting matching preferences
• Purpose: Gender preferences are used solely for matching — to show you profiles of people who match your stated preferences and who have stated a preference that includes your gender
• Modification: You can modify your preferences at any time during the event through your profile settings
• Retention: Preference data is stored only on your event profile and is automatically deleted with all event data within 24-48 hours after the event expires
• No Inference: We do not use your matching preferences to infer, classify, or label your sexual orientation for any purpose beyond matching. We do not share preference data with event organizers, other users, or third parties

Device Permissions

We request the following device permissions to provide our services:

• Camera: For taking profile photos
• Photo Library: For selecting existing photos from your device
• Push Notifications: For receiving match and message notifications
• Network Access: For app functionality
• Microphone (Optional): For voice-to-text bio dictation. Audio is processed by your device's built-in speech recognition service (Apple Speech Framework on iOS, Google Speech Services on Android). Audio may be sent to Apple or Google servers depending on your device settings. This is handled by your device's operating system, not by Hooked directly

You can revoke these permissions at any time through your device settings. Some features may not work without required permissions.

Newsletter Subscriptions

If you subscribe to our newsletter via the website footer, we collect your email address. You can unsubscribe at any time via the link in each newsletter email. Unsubscribing marks your subscription as inactive; your email is retained for unsubscribe compliance purposes.

Contact Form Data

If you submit our contact form, we collect: full name, email address, phone number (optional), message, referral source, and SMS consent preference. This data is stored for business development purposes and protected by reCAPTCHA (see Third-Party Services section).

Event Invitation Messaging (SMS & WhatsApp)

Event organizers may use the Hooked platform to send one-time event invitations to their guests via SMS, WhatsApp, or email. When an organizer uploads a guest contact list and sends invitations:

• Data Collected: Guest name (optional), phone number, and/or email address as provided by the event organizer
• Purpose: To deliver a single event invitation message on behalf of the organizer
• Consent: Organizers must confirm they have obtained permission from each recipient before sending. See our SMS Terms of Service for full details
• Retention: Contact data is retained only for the duration of the event and deleted during standard event cleanup (24-48 hours after event expiration)
• Opt-Out: SMS recipients can reply STOP at any time to opt out of future messages

Mobile Information Sharing: Mobile phone numbers and information collected for event invitations will not be shared with third parties for marketing or promotional purposes. SMS/text messaging opt-in data and consent will not be shared with any third parties.

Bug Reports

If you submit a bug report through the app, we collect: device model, operating system, app version, screen name, bug description, and steps to reproduce. Bug reports are linked to your user ID for follow-up purposes.

Email Communication Preferences (Event Organizers)

Default Email Setting: When you create an event organizer account, your email preferences are set to receive all communications by default. This includes:

• Event updates and important notifications
• Event summaries and analytics
• Product updates and new features
• Promotional content and marketing emails

Managing Your Preferences: You can change your email preferences at any time through Settings in your organizer dashboard. Options include: receiving all emails, event-related emails only, or no promotional emails.

Payment and Billing Data (Event Organizers)

When event organizers purchase event tiers or upgrade capacity, we collect and process billing-related data:

• Billing Orders: We store transaction records including amount, currency (USD or ILS), payment status, and order type (event creation, tier upgrade, or auto-upgrade)
• Payment Method Metadata: Credit/debit card details (card number, CVV, expiry) are collected and processed directly by our payment processor (Stripe) and are NOT stored in our database. We only store a tokenized reference to the payment method
• Saved Payment Methods: If you opt in to automatic tier upgrades, a tokenized reference to your payment method is stored on your organizer account to enable future automatic charges. You can remove saved payment methods at any time
• Discount Codes: If you use a promotional discount code, we record the code used and discount amount for billing accuracy
• Receipts: Digital receipt URLs are stored for your billing history
• Refund Records: If you request a refund, we store the refund request, eligibility calculation, amount, and processing status
• Dispute Records: In the event of a payment dispute or chargeback, we store dispute details including amount, reason, status, and resolution for compliance purposes

Payment Processor: All payments are processed exclusively by Stripe, Inc., regardless of event country or currency (USD, ILS, EUR, GBP). Stripe handles all credit/debit card payments, Apple Pay, Google Pay, refunds, and saved payment methods. For events held in Israel, we additionally use Green Invoice solely to generate Israeli tax-compliant documents (tax receipts and credit notes) — Green Invoice does not process payments or store card details. See the Third-Party Services section for details on each service's privacy practices.

Location Data and GPS Verification

Location Services: We may request access to your device's location to provide location-based features:

• Venue Discovery: If you grant location permission, your approximate location is used to show nearby venues on the discovery map. Location data is processed locally on your device and is not stored in our database
• Country Detection: We use reverse geocoding to detect your country for timezone and display purposes. Country information is cached locally on your device for up to 24 hours
• Event GPS Verification: Some events may require location verification to confirm you are physically present at the event venue. When enabled by the event organizer, the app may periodically check your location against the event venue to verify attendance. For events with continuous GPS verification, your GPS coordinates are transmitted to our servers and temporarily stored on your event profile for attendance verification. This location data is deleted along with your event profile within 24-48 hours after the event expires. You will be informed when an event requires GPS verification before joining

Your Control: Location permissions are optional and can be revoked at any time through your device settings. Some events that require GPS verification may not be joinable without location permission.

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain our services
• Facilitate connections at events
• Send you important updates and notifications
• Improve our platform and user experience
• Ensure the security of our services
• Provide customer support
• Comply with legal obligations
• Enforce our single-event participation policy (users can only participate in one event at a time)
• Validate profile photos for safety and community standards
• Process payments and billing for event organizers
• Verify physical attendance at GPS-enforced events

2.1 Content Moderation

We use automated systems and manual review to:

• Monitor profile photos for compliance with community standards
• Detect inappropriate, explicit, or harmful content
• Ensure user safety and platform integrity
• Remove content that violates our Terms of Service

Users can report violations, and we investigate all reports within 24-48 hours.

2.2 Admin Access and Moderation

Platform Administration: Authorized administrators (moderators and super admins) may access your data for:

• Investigating reports of harassment, abuse, or Terms of Service violations
• Providing customer support and resolving account issues
• Ensuring platform safety and community standards
• Compliance with legal obligations (subpoenas, court orders)

Access Controls:

• All admin access requires justification and is logged in our audit system
• Email and phone numbers are masked by default
• Admins must provide a reason (Investigation, User Support, Legal, or Other) before viewing personally identifiable information (PII)
• PII access is logged with: admin ID, timestamp, justification reason, and notes
• Super admins can view audit logs of all admin actions

Admin Roles:

• Viewers: Can view user profiles but cannot take moderation actions
• Moderators: Can view profiles, access messages with justification, and take moderation actions (kick, suspend, ban)
• Super Admins: Full access including audit logs, GDPR data exports, and all moderation tools

Data Export and Evidence Packs:

• Moderators can generate evidence packs (profile + messages + reports) for investigations
• Super admins can export complete user data for GDPR compliance requests
• All exports and evidence pack generations are logged in our audit system

Your Rights:

• You can request a copy of your audit log to see who accessed your data
• You can contest admin decisions through our appeal process (contact@hooked-app.com)
• Admin access is limited to legitimate business purposes only

3. Data Retention and Deletion

Event Data

User Profiles: All user profiles, photos, and personal information are automatically deleted within 24-48 hours after the event expires. Our automated cleanup system runs at regular intervals to remove expired event data.

Chat Messages: All chat messages and conversations are permanently deleted within 24-48 hours after the event expires.

Match Data: Like/match information is deleted within 24-48 hours after the event expires.

Technical Deletion Process: Our primary cleanup system removes event data within 24-48 hours after expiration. Additionally, we maintain a Time-To-Live (TTL) backup mechanism that automatically removes any remaining data within 72 hours as a failsafe measure.

Leave Event Data Retention

When You Leave an Event Early: If you choose to leave an event before it expires (via Settings → Leave Event), your profile becomes hidden from other users immediately, but your data is preserved until the event expires.

Data Preserved: Your matches, messages, and profile information remain stored (but hidden) until the event expires. If you rejoin the same event, your matches and conversations can be restored.

Automatic Deletion: All event data (profiles, matches, messages) is permanently deleted within 24-48 hours after the event expires, regardless of whether you left early or stayed until the end.

Joining New Events: You can join a different event immediately after leaving, even though your old event data is still stored. Your old profile remains hidden and will be deleted when that event expires.

User Account Data Retention

Distinction Between User Accounts and Event Profiles: It's important to understand the difference between your user account and your event-specific profiles:

• User Account (Persistent): Your user account includes your email address, authentication provider (Google/Apple/Facebook), display name, and lifetime analytics. This account persists across events and is NOT automatically deleted.
• Event Profiles (Temporary): Each time you join an event, you create an event-specific profile with photos, bio, matches, and messages. These event profiles are automatically deleted 24-48 hours after the event expires.

User Account Retention Period: Your user account (email, provider, display name, lifetime analytics) persists indefinitely until you manually delete your account. You can delete your account at any time through:

• App Settings → Delete Account
• Email request to contact@hooked-app.com
• GDPR/CCPA data deletion request

What is Deleted with Your User Account: When you delete your user account, we permanently delete:

• Email address and authentication provider
• Display name and preferences
• Lifetime analytics (events joined, total matches count, etc.)
• Any active event profiles
• Audit logs of admin access to your data (retained only as legally required)

Account Deletion Timeline: Account deletion requests are processed within 30 days (GDPR) or 45 days (CCPA). Audit logs may be retained for up to 2 years as required by GDPR Article 30 (Records of Processing Activities) even after account deletion.

Analytics Preservation

Anonymous Event Snapshots: Before deleting event data, we create anonymous statistical snapshots for business analytics purposes. These snapshots contain only aggregated counts and statistics (e.g., total number of users, total likes, total messages, total matches) without any personally identifiable information (PII).

What is Preserved: Only numerical counts and event metadata (event name, date, location) are preserved. No user names, photos, messages, profile information, or any data that could identify individual users is included in these snapshots.

K-Anonymity Protection: We enforce k-anonymity requirements to ensure snapshots cannot be used to identify individuals. Events with very small participant counts may not have snapshots created to protect user privacy.

Purpose: These anonymous snapshots help us understand platform usage, improve our services, and provide event organizers with high-level analytics about event success.

Backup and Recovery Data

Backup Retention: Any backup copies of event data are retained for a maximum of 7 days for disaster recovery purposes, after which they are permanently deleted.

System Logs: Technical logs and system data are retained for up to 30 days for security and debugging purposes.

Audit Logs: Admin action logs (moderation actions, PII access requests, evidence pack generation) are retained for 2 years minimum for compliance with GDPR Article 30 (Records of Processing Activities) and regulatory requirements.

Analytics and Usage Data

Aggregated Analytics: Anonymous, aggregated usage statistics are retained for up to 2 years to improve our services. This data cannot be used to identify individual users.

Performance Metrics: App performance and error data are retained for up to 90 days for service improvement.

Admin and Business Data

Event Information: Event details, locations, and administrative information are retained for up to 3 years for business records and legal compliance.

Client Information: Business client contact information and event history are retained for up to 5 years for business relationship management.

Admin Accounts: Administrator account information is retained until the account is deleted or the administrator requests deletion.

Survey and Event Feedback Data

Post-Event Surveys: If you complete a post-event survey, your responses (ratings, improvement suggestions, NPS scores) persist after event cleanup for service improvement purposes.

On Account Deletion: Survey data is anonymized (your user ID is replaced with "deleted_user") rather than fully deleted, to preserve aggregate feedback quality.

Terms Acceptance Records

Records of your acceptance of our Terms of Service and Privacy Policy (including timestamp, version accepted, IP address, and browser user agent) are retained for legal compliance purposes, even after account deletion.

Moderation Records

If you are removed from an event (kicked, suspended, or banned), the record of this action is retained for platform safety and abuse prevention purposes. These records persist even after account deletion to prevent repeat abuse.

Evidence Packs

Evidence packs generated by administrators during investigations (containing profile data, messages, and reports) are stored in our secure cloud storage. These are not automatically deleted when you delete your account but may be removed upon request, subject to legal retention requirements.

Billing and Payment Data

Billing Orders: Payment transaction records (amount, currency, status, receipt URLs) are retained for up to 7 years as required by financial record-keeping regulations.

Refund Records: Refund requests and processing records are retained alongside the associated billing order for the same period.

Dispute Records: Payment dispute and chargeback records are retained for up to 7 years for compliance with financial regulations and dispute resolution.

Saved Payment Methods: Tokenized payment method references are retained until the organizer removes them or deletes their account. Actual card details are stored by Stripe according to their retention policy.

Legal Compliance and Data Retention

Legal Requirements: We may retain certain data for longer periods when required by law, regulation, or legal proceedings.

GDPR Compliance: Under GDPR, you have the right to request deletion of your personal data. We will process deletion requests within 30 days.

CCPA Compliance: California residents have the right to know what personal information is collected and request deletion. We will respond to CCPA requests within 45 days.

Data Subject Rights: You may request information about your data, request corrections, or request deletion by contacting us at contact@hooked-app.com.

4. Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties except:

• With your explicit consent
• To comply with legal obligations
• To protect our rights and safety
• With service providers who assist in our operations (see Third-Party Services section)
• With event organizers as described below (Attendee Data Sharing)

Attendee Data Sharing with Event Organizers

When you join a paid event (Basic, Pro, or Enterprise tier), the following limited data is shared with the event organizer for event management purposes:

• First Name: Your first name as displayed on your event profile
• Contact Information: Your primary contact information associated with your Hooked account — this is your email address (if you signed in via Google, Apple, or Facebook OAuth) or your phone number (if you signed in via Phone Authentication on iOS). Organizers receive whichever contact method you used to create your account
• Join Timestamp: The date and time you joined the event
• Active Status: Whether you are currently active in the event or have left

What is NOT shared with organizers:

• Profile photos, bio, or interests
• Matches, likes, or skip history
• Messages or chat content
• Gender preferences or matching settings
• Location data or GPS coordinates
• Any Business Mode profile data

Free Events: Organizers of free-tier events do not receive attendee email addresses or personal data. They may only view aggregate attendance counts.

Organizer Obligations: Event organizers who receive attendee data are contractually bound by our Terms of Service (Section 11) to use this data solely for event management purposes, not for marketing without your separate consent, and not to sell, share, or transfer your data to third parties. Violations may result in termination of the organizer's account.

Consent: By agreeing to these Terms and joining a paid event, you consent to sharing the limited attendee data described above with the event organizer. This consent is part of the service — Hooked functions as an event-based platform where organizers need basic attendance information to manage their events.

Retention: Organizers may access attendee data only while the event is active and for up to 48 hours after the event expires. After that, attendee data is deleted from the Hooked platform during standard event cleanup. Hooked is not responsible for any copies of attendee data that the organizer may have exported or retained outside the platform.

SMS/Text Messaging Data: All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Organizer-Uploaded Guest Data (Data Controller/Processor Relationship)

When event organizers upload guest contact lists (phone numbers, email addresses) for SMS, WhatsApp, or email invitations:

• Data Controller: The event organizer acts as the data controller for guest contact data. The organizer determines the purposes and means of processing (i.e., sending event invitations to their guests)
• Data Processor: Hooked acts as the data processor, processing guest contact data solely on the organizer's instructions and for the purpose of delivering event invitations on the organizer's behalf
• Limited Use: Hooked does not use organizer-uploaded guest data for any purpose other than delivering invitations as instructed by the organizer. We do not add recipients to marketing lists, build profiles, or share this data with third parties (except Twilio for message delivery)
• Retention: Guest contact data is retained only for the duration of the event and deleted during standard event cleanup (24-48 hours after event expiration)
• Organizer Responsibility: Event organizers are solely responsible for ensuring they have obtained proper consent from each recipient before uploading contact information. See our Terms of Service Section 11 for full organizer obligations

5. Data Security

We implement appropriate security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:

• SSL/TLS encryption for all data transmission
• Encryption of data at rest
• Regular security audits and assessments
• Access controls and authentication measures
• Secure data centers and infrastructure

6. Your Rights

You have the right to:

• Access your personal information
• Correct inaccurate information
• Request deletion of your data
• Opt out of certain communications
• Lodge a complaint with supervisory authorities
• Data portability (receive your data in a structured format)
• Object to processing of your data
• Contest automated decisions and request human review

6.1 Automated Decision-Making

We use automated decision-making technology powered by AWS Rekognition to analyze profile photos for content moderation purposes. This includes:

• Face Detection: AI determines whether a photo contains exactly one clearly visible face
• Content Moderation: AI analyzes photos for inappropriate content including explicit material, violence, hate symbols, and drugs
• Rejection Reasons: Photos may be automatically rejected for no face detected, multiple faces, low quality, or inappropriate content

Your Rights: You have the right to contest automated photo rejections and request human review. These automated decisions do not produce legal or similarly significant effects. You may resubmit photos or contact support at contact@hooked-app.com to appeal a decision.

7. Cookies and Tracking

We use cookies and similar technologies to improve your experience, analyze usage, and provide personalized content. You can control cookie settings through your browser.

8. Third-Party Services and Data Processors

Our app uses the following third-party services to provide our functionality. Each service has its own privacy policy and data handling practices:

AWS Rekognition (Amazon Web Services)

We use AWS Rekognition for automated photo validation and content moderation:

• Face Detection: Analyzing photos to detect and count faces
• Content Moderation: Detecting inappropriate content (explicit material, violence, hate symbols, drugs)
• Real-Time Processing: Photos analyzed in real-time and not stored by AWS
• Data Transmission: Photos temporarily sent to AWS servers for analysis only

AWS privacy policy can be found at: https://aws.amazon.com/privacy/

Firebase (Google LLC)

We use Firebase services for:

• Firebase Authentication: Processing OAuth tokens and managing user sessions
• Firestore Database: Storage of event data, user profiles, and messages
• Cloud Storage: Storage of user profile photos
• Cloud Functions: Backend processing and automation
• Firebase Crashlytics: Collecting crash reports including device model, OS version, app version, stack traces, and user ID for debugging purposes
• Firebase Performance Monitoring: Collecting app startup times, HTTP request durations, and custom performance traces
• Firebase Analytics: Logging app usage events (screen views, profile interactions, match events, message events) for service improvement

Firebase's privacy policy can be found at: https://firebase.google.com/support/privacy

Google Analytics 4 (Google LLC)

We use Google Analytics for website analytics:

• Page Analytics: Tracking page views and user engagement
• Event Tracking: Monitoring user interactions and conversions
• User Behavior: Understanding how users navigate our website
• IP Anonymization: IP addresses are anonymized for privacy protection

Google's privacy policy can be found at: https://policies.google.com/privacy

Sentry (Functional Software, Inc.)

We use Sentry for:

• Error Monitoring: Tracking and fixing app crashes and errors
• Performance Monitoring: Monitoring app performance and user experience
• Session Replay: When an app error occurs, a screen recording of the error session may be captured and sent to Sentry for debugging. Session replay is only triggered on errors, not during normal app usage
• Data Included with Error Reports: Error reports may include your IP address, device information, and app state at the time of the error

Sentry's privacy policy can be found at: https://sentry.io/privacy/

OneSignal (OneSignal, Inc.)

We use OneSignal for push notifications:

• Push Notifications: Sending match and message alerts to your device
• Device Tokens: OneSignal manages device tokens automatically
• Multi-Device Support: Notifications delivered to all your logged-in devices
• Data Transmission: User ID and notification content sent to OneSignal servers

OneSignal's privacy policy: https://onesignal.com/privacy_policy

Development Environment: App ID 5d2b0d34-1602-4edc-890c-82b243b1f9a0
Production Environment: App ID a1c6aaa8-916d-4950-b1ae-25c147f54015

Expo (Expo, Inc.)

We use Expo services for:

• App Development: Cross-platform app development framework
• Image Picker: Camera and photo library access
• Over-the-Air Updates: The app checks Expo's EAS Update servers for code updates. Device information, app version, and runtime version are sent to Expo's servers during update checks

Expo's privacy policy can be found at: https://expo.dev/privacy

Google Places API (Google LLC)

We use Google Places API for city autocomplete on our EventForm page:

• City Selection: Autocomplete suggestions when event organizers enter city names
• Data Transmission: City search queries sent to Google servers
• No Personal Data: Only city names are processed; no user identification data is sent

Google's privacy policy can be found at: https://policies.google.com/privacy

Stripe (Stripe, Inc.)

We use Stripe as our exclusive payment processor for all transactions globally, regardless of event country or currency:

• Payment Processing: Processing all credit/debit card payments, Apple Pay, and Google Pay for event creation and tier upgrades
• Multi-Currency Support: USD, ILS, EUR, and GBP
• Tax Calculation: Stripe Tax for automatic tax computation where applicable
• Card Storage: Securely storing payment method tokens for automatic tier upgrades (if opted in by the organizer)
• Refund Processing: Handling all refund transactions to original payment methods
• Data Collected by Stripe: Card details, billing address, IP address, and device information are collected directly by Stripe and subject to their privacy policy

Stripe's privacy policy can be found at: https://stripe.com/privacy

Green Invoice (Greeninvoice Ltd.)

We use Green Invoice solely for generating Israeli tax-compliant documents for events held in Israel. Green Invoice does NOT process payments or store card details:

• Tax Receipt Generation: Creating Type 320 tax receipts for Israeli event payments (triggered automatically after Stripe processes the payment)
• Credit Note Generation: Creating Type 330 credit notes for refunds on Israeli events
• Data Transmitted to Green Invoice: Transaction details only (amount, currency, description, and event information) — no card numbers, CVVs, or payment method details are sent to Green Invoice
• No Payment Processing: All payments are processed by Stripe. Green Invoice receives only the information needed to generate tax-compliant documents

Green Invoice's privacy policy can be found at: https://www.greeninvoice.co.il/privacy-policy

Mapbox (Mapbox, Inc.)

We use Mapbox for the venue discovery map feature:

• Map Rendering: Displaying interactive maps showing venues and events near you
• Location Processing: If location permission is granted, your approximate position is sent to Mapbox for map centering
• Venue Display: Rendering venue locations and event markers on the map

Mapbox's privacy policy can be found at: https://www.mapbox.com/legal/privacy

SendGrid (Twilio Inc.)

We use SendGrid for transactional email delivery:

• Organizer Notifications: Sending event creation confirmations, payment receipts, and upgrade notifications
• Refund Notifications: Communicating refund approvals and processing updates
• Account Alerts: Delivering important account-related communications
• Data Transmitted: Recipient email address, email content, and delivery metadata

Twilio's privacy policy can be found at: https://www.twilio.com/en-us/legal/privacy

Twilio SMS & WhatsApp (Twilio Inc.)

We use Twilio for delivering event invitation messages via SMS and WhatsApp on behalf of event organizers:

• SMS Invitations: One-time event invitation messages sent to guest phone numbers provided by event organizers
• WhatsApp Invitations: Event invitation messages delivered via WhatsApp using pre-approved message templates
• Data Transmitted: Recipient phone number, message content (event name, access code, app link), and delivery status
• Opt-Out Management: Twilio manages STOP/HELP keyword responses automatically
• Data Retention: Message logs are retained by Twilio per their data retention policies

See our SMS Terms of Service for complete details on messaging consent and opt-out. Twilio's privacy policy: https://www.twilio.com/en-us/legal/privacy

Google reCAPTCHA (Google LLC)

We use Google reCAPTCHA v2 and v3 on our website forms (contact form, partner inquiry, organizer application) to protect against automated abuse and spam:

• Bot Detection: reCAPTCHA analyzes user behavior patterns and browser signals to distinguish humans from bots
• Data Processed: Browser fingerprint data, interaction patterns, cookies, and IP address are processed by Google
• No Personal Form Data: Your form content (name, email, message) is not sent to reCAPTCHA — only behavioral signals

Google's privacy policy: https://policies.google.com/privacy. reCAPTCHA terms: https://policies.google.com/terms

Vercel (Vercel Inc.)

We use Vercel to host our website (hooked-app.com):

• Website Hosting: All website requests are processed through Vercel's infrastructure, including IP addresses and request metadata
• IP Geolocation: We use Vercel's IP geolocation to detect your country for locale and language preferences

Vercel's privacy policy can be found at: https://vercel.com/legal/privacy-policy

Firebase App Check (Google LLC)

We use Firebase App Check to verify that requests to our services come from our genuine app:

• iOS: Uses Apple's App Attest to verify device integrity
• Android: Uses Google Play Integrity API to verify device integrity
• No Personal Data: Device attestation tokens are sent to Apple or Google respectively, but no personal data is included — only device integrity verification

TinyURL (TinyURL, LLC)

Event organizers can generate shortened URLs for sharing event promotion links. The full event promotion URL is sent to TinyURL for shortening. No personal user data is included in the URLs.

TinyURL's privacy policy can be found at: https://tinyurl.com/app/privacy

Google Gmail SMTP (Google LLC)

We use Gmail's SMTP service as a secondary email delivery channel for bug reports, user reports, and venue suggestions submitted through the app. Data transmitted includes sender/recipient email addresses and email content.

Google's privacy policy can be found at: https://policies.google.com/privacy

OAuth Authentication Providers

Hooked uses OAuth authentication via third-party providers. When you sign in, we receive your email address from your chosen provider:

• Google Sign-In (Google LLC): OAuth authentication and email collection. Privacy policy: https://policies.google.com/privacy
• Apple Sign-In (Apple Inc.): OAuth authentication and email collection. Privacy policy: https://www.apple.com/legal/privacy/
• Facebook Login (Meta Platforms, Inc.): OAuth authentication and email collection. Privacy policy: https://www.facebook.com/privacy/policy/

Data Collected: We only collect your email address from these providers. We do not access your contacts, friends lists, or other social media data.

Account Linking: Your Hooked account is linked to your chosen OAuth provider. You can delete your Hooked account at any time, which does not affect your provider account.

Data Processing Agreements

We have data processing agreements with these third-party services to ensure they handle your data in compliance with applicable privacy laws and our privacy standards.

Third-Party Websites

Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

9. Children's Privacy

Our services are not intended for children under 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. Specifically:

• Between Hooked Entities: Data may be transferred between Hooked Interactive Ltd (Israel) and Hooked Social Inc (United States) for service provision
• Third-Party Processors: Our service providers process data in various jurisdictions — AWS (US regions), Firebase/Google Cloud (US regions), Stripe (US), OneSignal (US), Sentry (US), and others as disclosed in Section 8

Transfer Mechanisms

• Israel Adequacy: The European Commission has recognized Israel as providing an adequate level of data protection (Adequacy Decision 2011/61/EU), enabling data transfers between the EU/EEA and Israel without additional safeguards
• EU-US Data Privacy Framework: For transfers to US-based processors that are certified under the EU-US Data Privacy Framework, we rely on their certification as a valid transfer mechanism
• Standard Contractual Clauses (SCCs): Where transfers are made to countries without an adequacy decision and the processor is not DPF-certified, we rely on EU Commission-approved Standard Contractual Clauses
• Supplementary Measures: Where required by applicable law, we implement additional technical and organizational safeguards (encryption in transit and at rest, access controls, data minimization)

10.1 Israel Privacy Protection Law

Compliance: As an Israeli-incorporated company (Hooked Interactive Ltd), Hooked complies with the Israeli Privacy Protection Law, 5741-1981, including Amendment 13 (effective August 2025), which strengthens protections for biometric data, health data, and data concerning minors.

• Registered Database: We maintain a registered database with the Israeli Privacy Protection Authority (PPA) as required by law
• Israeli Resident Rights: Israeli residents have the right to access their personal data, request correction of inaccurate data, request deletion, object to processing, and withdraw consent
• Data Protection Contact: For Israeli privacy inquiries, contact us at contact@hooked-app.com
• Complaints: Israeli residents may file complaints with the Israeli Privacy Protection Authority (PPA) at https://www.gov.il/en/departments/the_privacy_protection_authority

10.2 Data Breach Notification

In the event of a personal data breach that affects your data, Hooked will:

• Supervisory Authority: Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (GDPR Article 33), unless the breach is unlikely to result in a risk to your rights and freedoms
• Affected Users: Notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms (GDPR Article 34)
• Documentation: Document the nature of the breach, categories of data affected, approximate number of data subjects, likely consequences, and measures taken to address the breach
• Israeli Residents: Notify the Israeli PPA as required under Israeli privacy regulations
• California Residents: Provide notification in accordance with California Civil Code Section 1798.82

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at:

13. Administrator Accountability and Transparency

We maintain a comprehensive audit system to ensure accountability for all administrative actions involving your personal data.

Audit Trail

Every administrative action is logged with the following information:

• Admin Identity: Email and role of the admin who performed the action
• Action Type: Type of action (view PII, access messages, kick, suspend, ban, export data)
• Timestamp: Exact date and time of the action
• User Affected: The user whose data was accessed or affected
• Justification: Required reason code (Investigation, User Support, Legal, Other)
• Notes: Detailed explanation provided by the admin

Data Access Logging

When an admin accesses your personally identifiable information (PII), we log:

• Email Access: Viewing your email address (normally masked)
• Phone Access: Viewing your phone number (normally masked)
• Message Access: Viewing your private conversations
• Evidence Pack Generation: Exporting your profile, messages, and reports
• GDPR Export: Exporting your complete data for compliance requests

Your Audit Rights

You have the right to:

• Request Your Audit Log: See who accessed your data, when, and why
• Challenge Access: Contest admin actions you believe were unjustified
• Appeal Decisions: Appeal moderation decisions through contact@hooked-app.com
• File Complaints: Report concerns to data protection authorities

Legal Basis for Admin Access

We process your data for administrative purposes under the following legal bases (GDPR Article 6):

• Legitimate Interest (Article 6(1)(f)): Platform safety, fraud prevention, and community standards enforcement
• Legal Obligation (Article 6(1)(c)): Compliance with court orders, subpoenas, and regulatory requirements
• Contract Performance (Article 6(1)(b)): Providing customer support and resolving account issues

Audit Log Retention

All audit logs are retained for a minimum of 2 years as required by GDPR Article 30 (Records of Processing Activities). This ensures we can demonstrate compliance and provide you with your access history upon request.

14. Privacy Policy Version History