Privacy Policy
Version 2.1.0 · Last updated: 2026-05-06
This Privacy Policy explains how Log Off Club ("we," "us," "our") collects, uses, and shares your personal data when you use our mobile application and website (collectively, the "Service"). We are the data controller for the personal data we process about you.
1. Who we are
Data controller: Log Off Club. Contact: logoffclubcontact@gmail.com.
Privacy contact: logoffclubcontact@gmail.com.
EU representative (GDPR Art. 27): not currently appointed. The Service does not regularly target users in the European Economic Area or United Kingdom. If our user base in those regions grows beyond occasional processing, we will appoint a representative and update this policy.
Data Protection Officer: not appointed — exemptions in GDPR Art. 37 apply (we are not a public authority and do not engage in large-scale processing of special-category data or large-scale systematic monitoring).
2. Personal data we process
2.1 Information you provide
- Account data: email address, hashed password, display name, username, optional phone number, optional profile photo, optional bio.
- Date of birth: collected once at signup to verify you are 18 or older. Not retained beyond that confirmation.
- Content: posts, comments, messages, photos, videos, and voice messages you create on the Service.
- Support correspondence: the content of any emails or messages you send us.
2.2 Information collected automatically
- Device + technical data: device model, operating system version, app version, language, timezone, IP address.
- Diagnostic data: crash logs and error traces (via Sentry, see §6).
- Product analytics: in-app event names and properties (via PostHog, see §6) — opt-in only and off by default.
2.3 Biometric verification result
The Service requires you to authenticate via Face ID, Touch ID, or fingerprint before posting, commenting, liking, following, sharing, or sending direct messages. The biometric data itself is processed entirely on your device by the operating system's secure enclave. We receive only a pass/fail signal — never the biometric template, raw camera input, or any cryptographic material derived from it. We do not process biometric data within the meaning of GDPR Art. 9 or BIPA (740 ILCS 14). For details see our Data Protection Impact Assessment.
2.4 Things we do not collect
- We do not access your contacts, calendar, or browsing history outside the Service.
- We do not collect precise GPS location.
- We do not use cross-app advertising identifiers.
- We do not collect biometric templates or raw biometric data.
- We do not algorithmically rank, curate, or filter your feed — it is strictly reverse-chronological.
3. Lawful basis for processing (GDPR Art. 6)
| Purpose | Lawful basis |
|---|---|
| Provide the Service (account, posts, messaging, calls) | Contract performance — Art. 6(1)(b) |
| Verify you are 18+ | Legal obligation + contract performance |
| Detect abuse, prevent fraud, security | Legitimate interest — Art. 6(1)(f) |
| Crash reporting (Sentry) | Legitimate interest — opt-out in Settings |
| Product analytics (PostHog) | Consent — Art. 6(1)(a) — opt-in only |
| Marketing emails (future) | Consent — opt-in only |
You can change your consent choices at any time in Settings → Privacy & Data, or by emailing us. Withdrawing consent does not affect lawful processing that took place before withdrawal.
4. How we share your information
- With other users: your profile, posts, and comments are visible to other users according to your visibility settings. Direct messages are visible only to participants and members of group chats you join.
- With sub-processors: we use the third-party services listed in §6. Each is bound by a Data Processing Agreement (or equivalent) and processes data only on our instructions.
- Legal requirements: we may disclose your information when compelled by law, valid court order, or government request, and we may voluntarily disclose information to protect the safety of our users or the public when required to prevent imminent harm. Our legal-request handling process is described at /legal-requests.
- Business transfers: if Log Off Club is involved in a merger, acquisition, or sale of substantially all assets, your information may be transferred. We will notify you before any change of controller and you will have an opportunity to delete your account.
We do not sell your personal data, do not share it with data brokers, and do not use it for cross-context behavioural advertising.
5. International transfers
Our database runs on servers in Beauharnois, Québec, Canada (OVH BHS datacenter). Canada is recognised by the European Commission as providing an adequate level of personal-data protection (commercial-sector adequacy decision, 2024 review upheld), so transfers from the EEA into Canada do not require additional safeguards.
Some sub-processors (Sentry, PostHog, Stripe, Cloudflare, Apple, Google) are based in the United States. Where applicable, transfers from the EEA / UK to those processors are protected by Standard Contractual Clauses (SCCs) and, where the processor is certified, the EU–U.S. Data Privacy Framework.
6. Sub-processors
We share data with the following sub-processors. The full list with DPA links is maintained at docs/SUB_PROCESSORS.md and is also surfaced in-app at Settings → Privacy → Sub-processors. We will notify you in-app and bump the privacy-policy version when we add or remove a sub-processor.
| Vendor | Purpose | Region |
|---|---|---|
| Supabase (self-hosted on OVH) | Database, auth, storage, realtime | Canada (OVH BHS) |
| OVHcloud | VPS infrastructure | Canada (OVH BHS) |
| Cloudflare | CDN, DNS, TLS, DDoS | Global |
| PostHog (US Cloud) | Product analytics — opt-in | United States |
| Sentry | Crash reporting — opt-out | United States |
| Stripe | Payment processing | United States, Ireland |
| OpenRouter | AI safety classifier | United States |
| Apple App Store / Google Play | Distribution + IAP | United States |
7. Retention
| Data category | How long |
|---|---|
| Account data | While your account is active |
| Content (posts, comments, messages) | Until you delete it; 30-day grace after account deactivation, then permanently deleted |
| Crash diagnostics (Sentry) | 90 days |
| Analytics events (PostHog, with consent) | 365 days |
| Audit + security logs | 365 days |
| Backups | 30 days rolling |
8. Security
We use industry-standard safeguards: TLS 1.3 in transit, AES-256 at rest, bcrypt password hashing, row-level security in the database, biometric verification of every interaction to deter automated abuse, and SSH-key-only administrative access. No system is 100% secure; we cannot guarantee absolute security.
In the event of a personal-data breach likely to result in a risk to your rights and freedoms, we will notify our supervisory authority within 72 hours where required by GDPR Art. 33 and notify affected users without undue delay where required by Art. 34 — see our breach response runbook.
9. Your rights
9.1 GDPR / UK GDPR (Art. 15–22)
- Access — Settings → Privacy & Data → Download My Data (machine-readable JSON).
- Rectification — Settings → Edit Personal Info; for fields you can't edit, email us.
- Erasure — Settings → Privacy & Data → Delete Account.
- Restriction — disable analytics or crash reporting in Settings → Privacy & Data, or email us to suspend your data processing while a complaint is resolved.
- Object — for processing based on legitimate interest (crash reporting, abuse prevention), email us to object.
- Portability — the JSON export is structured for re-use in another service.
- Withdraw consent at any time without affecting prior lawful processing.
- Lodge a complaint with your supervisory authority. EU directory: edpb.europa.eu. UK: ico.org.uk.
There is no automated decision-making producing legal or similarly significant effects (GDPR Art. 22) in the Service.
We respond to requests within 30 days. Email logoffclubcontact@gmail.com with the subject "Data rights request".
9.2 Canada — PIPEDA
If you reside in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) applies. We adhere to the ten fair information principles (accountability, identifying purposes, consent, limiting collection, limiting use/disclosure/retention, accuracy, safeguards, openness, individual access, challenging compliance). You have the right to access and correct your personal information and to challenge our compliance with these principles. To do so, contact logoffclubcontact@gmail.com. If you are not satisfied with our response, you can file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.
9.3 California — CCPA / CPRA
The categories of personal information we have collected in the past 12 months, the sources, and the purposes are summarised below. We do not sell personal information and do not share it for cross-context behavioural advertising.
| Category (Cal. Civ. Code §1798.140) | Collected? | Source |
|---|---|---|
| Identifiers (email, username, IP) | Yes | Directly from you, automatically |
| Customer records (name, phone — optional) | Yes (if provided) | Directly from you |
| Internet/network activity (in-app events) | With consent only | Automatically |
| Geolocation (precise) | No | — |
| Audio / electronic / visual (calls, photos, videos you create) | Yes | Directly from you |
| Sensitive PI: account login + password | Yes | Directly from you |
| Sensitive PI: precise geo / racial / religious / health / genetic / biometric for ID | No | — |
| Inferences / profiles | No | — |
Sensitive PI we do collect (login + password) is used only to authenticate you, not for inference, profiling, or any other purpose. As a result the §1798.121 right to limit use is not separately required, but you can still request limitation by emailing us.
California rights: right to know, right to delete, right to correct, right to opt out of sale/sharing (we do not sell or share — this is honoured by default), right to limit use of sensitive PI, right to non-discrimination. To exercise these rights, email logoffclubcontact@gmail.com with subject "California rights request". You may designate an authorized agent to make a request on your behalf; we will require written, signed proof of authorization. We will not discriminate against you for exercising any right.
Do Not Sell or Share My Personal Information — even though we do not sell or share, you can confirm this election by emailing us.
9.4 Other regions
If you are in Brazil (LGPD), Australia (Privacy Act), India (DPDP Act), or another jurisdiction with comparable rights, you may exercise equivalent rights by contacting us at the email above. We will respond within the statutory timeframe applicable to you.
10. Children
The Service is not for anyone under 18. We require date-of-birth verification at signup and do not knowingly process personal data of anyone under 18. If you believe a person under 18 has created an account, please contact us and we will delete the account.
Because we do not knowingly process personal information of anyone under 13, we are not subject to the U.S. Children's Online Privacy Protection Act (COPPA).
11. Cookies and trackers (web)
This website (thelogoffclub.com) does not set advertising or analytics cookies. We load Google Fonts, which may set cookies on the fonts.googleapis.com / fonts.gstatic.com domains under Google's own privacy policy. We do not pass identifiers to Google. The Log Off Club mobile application does not use third-party advertising or analytics SDKs without your in-app consent (see §3 and §6).
12. Changes to this policy
We will update this policy when we make material changes. On any material change, we will re-prompt you in-app to accept the new version. The version number and last-updated date are shown at the top of this document.
13. Contact
- Privacy questions or rights requests: logoffclubcontact@gmail.com
- Reporting harmful content (no account required): /report
- Copyright / DMCA: /dmca
- Law-enforcement / legal process: see /legal-requests
Postal address available on written request to the privacy contact email above.