Zeptum Logo
Back to Home

Privacy Policy

Last Updated: May 28, 2025

Zeptum (“Zeptum,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile applications, websites, and any other services we offer (collectively, the “Service”). This Policy applies to all users of our Service.

Important: Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy and our Terms of Service. If you do not agree, please do not access or use the Service.

1. Information We Collect

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). The types of personal information we may collect about you include:

1.1. Information You Provide Directly

Account Registration

When you create a Zeptum account, we collect information such as your first name, date of birth, email address, and phone number. You may also be required to provide a profile photo.

Profile Information

You may choose to provide additional information for your profile, such as gender, a biography (up to 150 characters), and additional photos (up to 6).

User Content

We collect the content you create and share on the Service, such as Momentum posts (photos, videos, status updates), messages exchanged with other users, and any other information you voluntarily provide. This includes both publicly visible content during its active period and privately retained content after expiration.

Verification Information

  • Phone Verification: We collect your phone number for verification purposes.
  • Face Verification (Optional): If you choose to use our optional face verification feature, we will collect facial geometry data to help verify your identity. We will obtain your explicit consent before collecting this information.
  • Venue Check-In Information: When you use the Checkpoint system to verify your presence at a venue (e.g., by scanning a QR code or tapping an NFC tag), we collect information confirming your check-in, the venue, and the time of verification.

Additional Information

  • Communications with Us: When you contact us for support, provide feedback, or otherwise communicate with us, we collect the information you provide in such communications.
  • Transaction Information: If you make any purchases through the Service (e.g., subscriptions, Rose bundles), we and/or our third-party payment processors will collect information necessary to process your payment, such as the transaction ID and other payment details.
  • Reports and Safety Information: When you report content, users, or safety concerns, we collect the information in your report, including the reason for reporting, any additional details you provide, and metadata about the reported content or user.

1.2. Information Collected Automatically

Location Information

With your permission, we collect precise real-time location information from your mobile device (e.g., using GPS, Wi-Fi, Bluetooth, or cellular triangulation) to provide and improve our location-based features, such as the Heat Map, venue check-ins, and connecting you with users at the same venue. You can disable location services through your device settings, but doing so will limit your ability to use certain features of the Service. Check-ins may be reset if your location cannot be updated or if you move outside a certain radius from the venue.

Usage Information

We automatically collect information about your interactions with the Service, such as the features you use, the content you view (e.g., Momentum posts, profiles), your interactions with other users (e.g., Roses sent/received, matches), gamification data such as points earned, status levels achieved, badges collected, and leaderboard rankings, then engagement analytics data including views, likes, and interaction timestamps for content you create' also pages visited, time spent on the Service, frequency of use, and actions taken.

Device Information

We collect information about the device you use to access the Service, including hardware model, operating system and version, unique device identifiers (e.g., IDFA, Android Advertising ID), IP address, browser type, language, and mobile network information.

Cookies and Similar Technologies

We and our service providers use cookies, web beacons, pixel tags, and other similar technologies to collect information about your Browse activities, to personalize your experience, and to analyze trends. You may be able to control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Service.

1.3. Information from Third Parties

  • Third-Party Sign-In: If you choose to register or log in to Zeptum using a third-party service (e.g., Apple, Google, Instagram), we will receive certain information about you from that third party, such as your name, email address, profile picture, and other information as permitted by your privacy settings on that third-party service and authorized by you.
  • Other Users: We may receive information about you from other users, such as when they interact with you through the Service (e.g., send you a Rose, mention you in a post, or report content).
  • Venues: We may receive information from participating venues related to your check-ins or interactions within those venues, in an aggregated or anonymized form for analytics purposes.
  • Third-Party Content Analysis Services: We use third-party artificial intelligence and machine learning services, including Google's Gemini API and Google Vision API, to automatically analyze User Content for compliance with our community guidelines and to detect potentially harmful, offensive, or inappropriate material. We may also use AWS Rekognition for face verification processes when you opt to use our face verification feature.

2. How We Use Your Information

We use the information we collect for various purposes, including:

2.1. To Provide and Maintain the Service

  • Create and manage your account
  • Authenticate your identity and verify your presence at venues
  • Enable you to create and share User Content, including Momentum posts
  • Facilitate interactions with other users, including through the Rose System and messaging features
  • Display your profile information to other users based on your settings and interactions
  • Provide location-based services, such as the Heat Map and proximity-based connections
  • Calculate and display gamification metrics, including points, status levels, achievement badges, and leaderboard rankings
  • Generate and display analytics and engagement metrics for your content, including views and likes data over time
  • Process your transactions for Paid Services
  • Provide customer support and respond to your inquiries

2.2. To Improve and Personalize the Service

  • Understand how users access and use the Service to improve its functionality, usability, and performance
  • Personalize your experience, such as by suggesting relevant venues, events, or users
  • Develop new features and services
  • Analyze gamification engagement patterns to improve our point system, badges, and leaderboard features
  • Analyze content engagement patterns to improve our analytics features and content recommendation systems
  • Conduct research and analysis to better understand our user base and market trends

2.3. For Safety, Security, and Compliance

  • Monitor and enforce compliance with our Terms of Service, Community Guidelines, and other policies
  • Detect, prevent, and address fraud, unauthorized access, security issues, and other harmful activity
  • Protect the rights, property, or safety of Zeptum, our users, or others
  • Comply with legal obligations, respond to legal requests (e.g., subpoenas, court orders), and protect our legal rights
  • Process and investigate user reports of policy violations, inappropriate content, or harmful behavior
  • Maintain records of reports and enforcement actions for safety and compliance purposes

2.4. To Communicate with You

  • Send you service-related announcements, updates, security alerts, and administrative messages
  • Send you promotional communications about new features, products, offers, promotions, rewards, and events offered by Zeptum and our partners (you can opt-out of these communications as described below)

2.5. For Analytics and Aggregated Data

We may de-identify or aggregate your information and use it for any purpose, including for research, analytics, and to improve the Service. Aggregated or de-identified data is not considered personal information.

2.6. Legal Basis for Processing

For users in the EEA, UK, or Switzerland, our legal basis for processing your personal information includes:

  • Contract performance: To provide the Service and fulfill our Terms of Service
  • Legitimate interests: For analytics, security, fraud prevention, and Service improvement
  • Consent: For optional features like face verification, marketing communications, and location services
  • Legal compliance: To comply with applicable laws and regulations

3. How We Share Your Information

We may share your personal information in the following circumstances:

3.1. With Other Users

  • Your profile information (e.g., full name or initial, age, gender, photos, bio, level, badges, Rose statistics) will be visible to other users following the functionalities of the Service. The extent of information visible may change based on interaction status (e.g., pre-Rose, post-Rose acceptance, post-3 messages)
  • Your User Content, such as Momentum posts, will be shared according to the visibility settings you choose (e.g., public, venue-only)
  • When you like Momentum posts, this may be visible to other users based on the post's visibility settings
  • Information about your interactions (e.g., sending/receiving Roses, matching) may be visible to the relevant users and displayed in aggregate statistics
  • Your presence at a venue (if checked-in) may be indicated to other users at the same venue, or your profile picture thumbnail may be displayed to other users viewing the venue details screen as part of the "recently checked-in users" list
  • Your name initial, age, profile picture preview, and activity metrics will be displayed on city/region-wide leaderboards to all users in your area. Leaderboard participation is mandatory for all users.

3.2. With Venues

We may share aggregated or anonymized data with participating venues regarding activity levels, occupancy, and demographic trends. We will not share your specific personal information with venues without your consent unless required for the provision of a service you requested (e.g., if we implement a drink ordering system as envisioned).

3.3. With Service Providers

We share personal information with third-party vendors, consultants, and other service providers who perform services on our behalf, such as hosting, data storage, analytics, payment processing, customer support, content moderation, face verification services, marketing, and technical infrastructure. These service providers are authorized to use your personal information only as necessary to provide these services to us and are obligated to protect your information.

3.4. For Legal Reasons and Protection

We may disclose your information if we believe it's necessary to:

  • Comply with applicable laws, regulations, legal processes, or governmental requests
  • Enforce our Terms of Service and other agreements, including investigation of potential violations
  • Detect, prevent, or otherwise address fraud, security, or technical issues
  • Protect the rights, property, or safety of Zeptum, our users, a third party, or the public as required or permitted by law

3.5. Business Transfers

In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We will notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

3.6. With Your Consent

We may share your personal information for other purposes with your explicit consent.

3.7. Public Leaderboards

Your leaderboard information (including name initial, age, profile picture preview, and activity metrics) may be displayed publicly to other users within your city/region through our leaderboard features. This information is displayed to encourage healthy competition and community engagement.

4. Data Retention

We retain your personal information for as long as necessary to provide the Service to you, to fulfill the purposes described in this Privacy Policy, to comply with our legal obligations (e.g., to resolve disputes, enforce our agreements), or as otherwise permitted or required by applicable law.

Account Deletion

If you request to delete your account, we will initiate the deletion process. As part of this process, your account will be deactivated immediately. We will then delete your personal information from our active systems within ninety (90) days from the date of your request, unless retention is required for a longer period for legal or regulatory reasons (e.g., to comply with legal obligations, resolve disputes, prevent fraud, or enforce our agreements). We retain enforcement records, including Community Guidelines violations and associated warnings, for the duration of your account and for a reasonable period thereafter to prevent circumvention of our policies. Please note that some information may remain in our backup archives for a limited period, subject to our backup retention policies, before being completely erased or de-identified.

  • Momentum Posts: Momentum posts are designed to be ephemeral and typically expire and are removed from primary visibility after their designated time period (e.g., one hour, or longer for premium users). During the active period, posts are visible to other users based on your selected visibility settings. After expiration, posts are removed from public/shared visibility but remain stored and accessible only to you through your personal profile. Analytics data (views, likes, engagement metrics) are collected during the active period and remain available to you indefinitely through graphical analytics interfaces.
  • Chat Expiry: Chat sessions initiated through the Rose system may expire after a certain period (e.g., one hour after acceptance), after which further interaction may require a new Rose initiation.
  • De-identified Data: We may retain de-identified or aggregated data indefinitely as it is not considered personal information.

5. Your Rights and Choices (Including GDPR)

If you are located in the European Economic Area (EEA), Switzerland, or the United Kingdom (UK), you have certain data protection rights under the General Data Protection Regulation (GDPR) or applicable local laws. Zeptum aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. Your rights include:

Right of Access

Request access to the personal information we hold about you and receive a copy of it

Right to Rectification

Request correction of inaccurate or incomplete personal information. You can often update your profile information directly within the Service settings

Right to Erasure

Request deletion of your personal information under certain conditions. Upon account deletion request, we will delete your data within 90 days, subject to legal retention needs

Right to Data Portability

Receive your personal information in a machine-readable format and transmit it to another controller

Right to Restrict Processing

Request that we restrict the processing of your personal information under certain circumstances

Right to Object

Object to our processing based on legitimate interests or for direct marketing purposes

Additional Rights

  • Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
  • Automated Decision-Making: Rights regarding automated processing that produces legal effects
  • Right to Lodge a Complaint: File complaints with data protection supervisory authorities

To exercise any of these rights, please contact us using the contact details provided in Section 12. We will respond to your request in accordance with applicable data protection laws. We may need to verify your identity before processing your request. We will respond to your rights requests within one month of receipt. In complex cases, we may extend this period by two additional months, and we will inform you of any extension within the first month along with the reasons for the delay.

6. Your Choices

  • Account Information: You can review and update your account information at any time by logging into your account settings within the Service
  • Location Information: You can control or disable the collection of location information through your device settings or by disabling location services for the Zeptum application. However, this may limit your ability to use certain features
  • Notifications: You can manage your push notification preferences within the Service settings or your device settings
  • Promotional Communications: You can opt-out of receiving promotional emails from us by following the unsubscribe instructions in those emails or by changing your notification settings in the Service. If you opt-out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations
  • Cookies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Service

7. Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, and disclosure. These measures include encryption, access controls, and secure development practices. We also implement privacy-by-design principles in our product development.

Important: However, please be aware that no security measures are perfect or impenetrable, and we cannot guarantee the absolute security of your information. You are also responsible for helping to protect the security of your information by taking steps such as choosing a strong password and keeping it confidential.

8. Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay, and in any case within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to your rights and freedoms.

9. International Data Transfers

Your personal information may be transferred to, stored, and processed in countries other than your own, including the United States, where our servers may be located and our central database is operated. Specifically:

  • Google Services: When we use Google's Gemini API and Google Vision API for content moderation, your User Content may be transmitted to and processed by Google's servers in the United States.
  • AWS Services: When you use our face verification feature, your biometric data may be processed by Amazon Web Services (AWS) Rekognition in the United States.
  • Other Service Providers: Additional service providers for hosting, analytics, and other services may also process your data in various jurisdictions.

These countries may have data protection laws that are different from the laws of your country. If we transfer your personal information from the EEA, Switzerland, or the UK to other countries not deemed adequate by the European Commission, we will rely on appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms, to ensure that your personal information is adequately protected.

10. Children's Privacy

Age Restriction: The Service is not intended for or directed at individuals under the age of 18 (or the relevant age of majority). We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete such information from our files as soon as possible. If you believe we might have any information from or about a child under 18, please contact us.

For more information about our standards and procedures regarding child safety and child sexual abuse and exploitation (CSAE), please see our Child Safety Standards page.

11. Third-Party Links and Services

The Service may contain links to third-party websites, services, or applications that are not operated or controlled by Zeptum. This Privacy Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services before providing any information to or through them.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by email (sent to the e-mail address specified in your account), by posting a notice on the Service, or as otherwise required by applicable law, prior to the change becoming effective. We encourage you to periodically review this Privacy Policy for the latest information on our privacy practices. Your continued use of the Service after any changes to this Privacy Policy will constitute your acceptance of such changes.

13. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy, our privacy practices, or if you wish to exercise your data protection rights, please contact us at:

Zeptum Privacy Officer - [email protected]

If you are in the EEA, UK, or Switzerland, you may also contact our Data Protection Representative in your respective region if applicable (details would be provided here if one is appointed).

View Terms of Service →Back to Home