Privacy Policy

Effective Date: October 10, 2025

Last Updated: October 10, 2025

Your Privacy Matters: This Privacy Policy explains how Sootro collects, uses, shares, and protects your personal information. We are committed to transparency and giving you control over your data.

1. About This Policy
2. Information We Collect
3. How We Use Your Information
4. Legal Basis for Processing (EU Users)
5. Information Sharing and Disclosure
6. Data Retention
7. Your Rights and Choices
8. International Data Transfers
9. Security Measures
10. Children's Privacy
11. State-Specific Privacy Rights
12. Contact Information

1. About This Policy

Sootro is operated by Grande Business Time ("Company," "we," "us," or "our"). This Privacy Policy describes how we collect, use, share, and protect personal information when you use our mobile application, website, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2. Information We Collect

2.1 Information You Provide Directly

Category	Examples	Purpose
Account Information	Name, email address, phone number, date of birth	Account creation and verification
Profile Information	Photos, bio, interests, preferences, location	Profile creation and matching
Communication Data	Messages, posts, comments, reports	Service functionality and safety
Identity Verification	Government ID, selfie photos	Age verification and fraud prevention
Payment Information	Credit card details, billing address	Processing premium subscriptions

2.2 Information We Collect Automatically

Category	Examples	Collection Method
Device Information	Device type, OS version, device ID, app version	Automatic collection
Usage Data	App interactions, features used, session duration	Analytics and tracking
Location Data	GPS coordinates, IP address location	Location services (with permission)
Network Information	IP address, browser type, connection type	Server logs
Cookies and Tracking	Session cookies, preference cookies, analytics cookies	Web technologies

2.3 Information from Third Parties

Social Media Platforms: When you connect your social media accounts (Facebook, Google, etc.)
Background Check Services: For safety verification (where permitted)
Data Brokers: Publicly available information for fraud prevention
Analytics Providers: Aggregated usage statistics

3. How We Use Your Information

3.1 Primary Service Functions

Account Management: Creating and maintaining your account
Matching and Discovery: Connecting you with compatible users
Communication: Enabling messaging and social features
Personalization: Customizing your experience and recommendations
Location Services: Showing nearby users and local events

3.2 Safety and Security

Fraud Prevention: Detecting and preventing fake accounts
Content Moderation: Reviewing user-generated content for violations
Safety Investigations: Investigating reports of harassment or abuse
Age Verification: Ensuring users meet minimum age requirements
Compliance: Meeting legal obligations and court orders

3.3 Business Operations

Customer Support: Responding to inquiries and resolving issues
Service Improvement: Analyzing usage patterns to enhance features
Research and Development: Developing new features and services
Marketing: Sending promotional communications (with consent)
Analytics: Understanding user behavior and preferences

4. Legal Basis for Processing (EU Users)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Legal Basis	Purpose	Examples
Contract Performance	Providing the Service as agreed	Account creation, matching, messaging
Legitimate Interest	Business operations and improvement	Analytics, fraud prevention, customer support
Consent	Optional features and marketing	Location sharing, promotional emails
Legal Obligation	Compliance with laws	Age verification, safety reporting

5. Information Sharing and Disclosure

5.1 When We Share Your Information

We do not sell your personal information to third parties.

We may share your information in the following circumstances:

5.1.1 With Other Users

Profile information you choose to make visible
Messages and interactions within the app
Activity status and last seen information

5.1.2 With Service Providers

Cloud Storage: Amazon Web Services, Google Cloud
Payment Processing: Stripe, Apple App Store, Google Play
Analytics: Google Analytics, Firebase Analytics
Customer Support: Zendesk, Intercom
Email Services: SendGrid, Mailchimp

5.1.3 For Legal and Safety Reasons

Compliance with legal obligations
Response to valid legal requests
Protection of our rights and property
Prevention of fraud or illegal activity
Emergency situations involving safety

5.1.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

5.2 Third-Party Integrations

When you connect third-party services (social media, etc.), those services may have access to certain information according to their own privacy policies.

6. Data Retention

6.1 Retention Periods

Data Type	Retention Period	Reason
Account Information	Until account deletion + 30 days	Service provision and legal compliance
Messages	Until deletion by user or account closure	Service functionality
Safety Reports	3 years after resolution	Safety investigations and legal requirements
Payment Data	7 years	Tax and accounting requirements
Usage Analytics	2 years	Service improvement

6.2 Data Deletion

We securely delete or anonymize personal data when it is no longer needed for the purposes it was collected.

7. Your Rights and Choices

7.1 Account Controls

Profile Management: Update or delete profile information
Privacy Settings: Control what information is visible to others
Communication Preferences: Manage notification settings
Location Sharing: Enable or disable location services

7.2 Data Rights (All Users)

Access: Request a copy of your personal data
Correction: Update inaccurate or incomplete information
Deletion: Request deletion of your account and data
Portability: Export your data in a machine-readable format

7.3 Additional Rights (EU/UK Users - GDPR)

Object to Processing: Object to certain uses of your data
Restrict Processing: Limit how we use your data
Withdraw Consent: Withdraw consent for optional processing
Supervisory Authority: File complaints with data protection authorities

7.4 How to Exercise Your Rights

To exercise your rights, contact us at privacy@sootro.com or use the in-app data management tools. We will respond within 30 days (or as required by law).

8. International Data Transfers

Sootro operates globally and your information may be transferred to and processed in countries outside your residence, including the United States.

8.1 Safeguards for EU Users

For EU users, we ensure adequate protection through:

Standard Contractual Clauses (SCCs)
Adequacy decisions by the European Commission
Binding Corporate Rules where applicable

9. Security Measures

9.1 Technical Safeguards

Encryption: Data encrypted in transit and at rest
Access Controls: Role-based access to personal data
Network Security: Firewalls and intrusion detection
Regular Audits: Security assessments and penetration testing

9.2 Organizational Safeguards

Employee Training: Privacy and security awareness programs
Data Minimization: Collecting only necessary information
Incident Response: Procedures for data breach notification
Vendor Management: Due diligence on third-party processors

9.3 Data Breach Notification

In the event of a data breach that may pose a risk to your rights and freedoms, we will notify you and relevant authorities as required by law.

10. Children's Privacy

Age Restriction: Sootro is strictly for users 18 and older. We do not knowingly collect personal information from anyone under 18.

If we become aware that we have collected personal information from someone under 18, we will immediately delete that information and terminate the account.

11. State-Specific Privacy Rights

11.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

Right to Know: Request details about personal information collection and use
Right to Delete: Request deletion of personal information
Right to Opt-Out: Opt out of the sale of personal information (we don't sell)
Right to Non-Discrimination: Equal service regardless of privacy choices
Right to Correct: Request correction of inaccurate personal information

11.2 Virginia, Colorado, and Connecticut Residents

Residents of these states have similar rights to access, delete, correct, and opt-out of certain processing activities.

11.3 Exercising State-Specific Rights

To exercise these rights, contact us at privacy@sootro.com or call our privacy hotline at 1-855-PRIVACY.

12. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will notify you of material changes through:

Email notification (if you have an account)
In-app notifications
Prominent notice on our website

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

Contact Information

General Privacy Inquiries

Email: privacy@sootro.com
Phone: 1-855-PRIVACY (1-855-774-8229)
Response Time: Within 30 days

Data Protection Officer (EU/UK Users)

Email: dpo@sootro.com
Address: Grande Business Time - DPO
[Address to be updated]

Legal Department

Email: legal@sootro.com
For: Legal requests, subpoenas, court orders

Mailing Address

Grande Business Time
Privacy Team
United States

Quick Links

This Privacy Policy is effective as of October 10, 2025 and was last updated on October 10, 2025.