Privacy Policy

Last updated: April 2026

1. Data We Collect

When you use AnteRoom, we collect:

• Profile information: name, position, organization, industry, seniority level, bio, and LinkedIn profile URL
• Authentication data: email address and profile photo from your LinkedIn or Google account
• Flight data: airport codes, flight numbers, departure times (entered manually or scanned from boarding passes)
• Meeting data: meeting requests, session ratings, reviews, and chat messages
• Purchase data: transit pass purchases and Earth Fund contribution allocations
• Usage data: app interactions, transit counts, and session history

2. How We Use Your Data

We use your data to:

• Match you with professionals at the same airport
• Facilitate meeting requests, scheduling, and chat
• Process transit pass purchases and Earth Fund contributions
• Display your professional profile to airport peers (only while you have an active flight at the same airport)
• Improve the app experience and prevent abuse

We do NOT sell your data to third parties.
We do NOT use your data for advertising.

3. Data Visibility

Your profile is visible ONLY to:

• You (always)
• Professionals who have an active flight at the same airport as you

Your profile is automatically hidden when your flight expires. No one outside your current airport can see your profile. Chat messages are private between you and the other participant.

4. Third-Party Services

We use the following services to operate AnteRoom:

• Supabase (database, authentication) — EU-hosted, GDPR compliant
• LinkedIn (sign-in, profile data) — subject to LinkedIn's privacy policy
• RevenueCat (payment processing) — PCI compliant
• Expo (app distribution) — no user data shared

All third-party services are bound by Data Processing Agreements.

5. Data Retention

• Active profile data: retained while your account is active
• Chat messages: retained for 12 months, then auto-deleted
• Session ratings: retained indefinitely (anonymized after account deletion)
• Flight data: deleted 30 days after departure
• Earth Fund contributions: retained for tax/audit purposes

6. Your Rights (GDPR)

Under GDPR, you have the right to:

• Access: request a copy of your personal data
• Rectification: correct inaccurate data via your profile
• Erasure: delete your account and all associated data
• Portability: export your data in a standard format
• Objection: object to specific data processing
• Restriction: limit how we process your data

To exercise these rights, contact: privacy@anteroom.app
Or use the "Delete Account" option in Settings.

7. Data Security

We protect your data with:

• Row-Level Security (RLS) on all database tables
• Encrypted connections (TLS/SSL)
• Secure token storage on your device
• OAuth 2.0 for authentication (no passwords stored)
• Automatic session expiry
• EU-hosted database (Frankfurt, Germany)

8. Children's Privacy

AnteRoom is not intended for users under 18 years of age. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this policy at any time. We will notify you of significant changes via email or in-app notification.

10. Contact

Data Controller: AnteRoom
Email: privacy@anteroom.app