Home Support Terms

Privacy Policy

How we collect, use, and protect your information

Last updated: March 31, 2026

1. Introduction

Ember ("we", "us", or "our") operates the Ember mobile application and the website at www.ember-hub.com (together, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Ember, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, date of birth/age, gender, and profile information you choose to provide (such as college, school, company, job title, hometown, bio, interests, diet preference, and gamer profiles including in-game names and player IDs).

Verification Data: If you choose to verify your work or school affiliation, we store a hashed version of your email domain. We do not store your full work email address.

Location Data: We collect your city, neighborhood (hub), and — with your explicit permission — your precise GPS location to show you nearby events, people, and places. Location is collected only while the app is in the foreground — we do not track your location in the background. You can revoke location permission at any time through your device settings.

Usage Data: We automatically collect information about how you interact with the Service, including events joined, channels followed, messages sent (metadata only — we do not read private message content), feature usage patterns, and in-app activity events. We also record your last active timestamp, which may be visible to other users.

Device Information: We collect device type, operating system, platform (iOS/Android), app version, and push notification tokens to deliver notifications and ensure compatibility.

Camera & Media Library: With your permission, we access your device camera to let you take photos for chat messages and profile pictures. We also access your media library (photo gallery) to let you select existing photos. We only access the camera or media library when you initiate a photo action — we never access them in the background.

Content You Create: Posts, comments, photos, and other content you share on channels and your profile are stored to provide the Service. If you post anonymously in a channel, your identity is still linked to the post on our servers for moderation purposes, but is not displayed to other users.

Messaging Data: Direct messages, group chat messages, activity chat messages, and channel messages are stored to provide the messaging feature. Message read receipts (timestamps indicating when a message was read) are collected and shown to senders in direct messages. Media files (images, videos) shared in chats are stored on our servers.

Relationship & Social Data: We store data about your connections, follows, blocks, and reports. If you designate a "special connection" (such as best friend or partner), that relationship label is stored on our servers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Show you relevant events, people, and content near you
  • Power our recommendation engine using AI-generated embeddings (numerical representations derived from your interests, bio, and activity patterns) to surface compatible connections. This is automated processing — no human reviews your match scores
  • Auto-form city-based groups of users with shared interests to encourage local community building
  • Send you push notifications about events, messages, and activity relevant to you
  • Send transactional emails including one-time passwords (OTP) for login and email verification links
  • Detect and prevent fraud, abuse, and violations of our Terms of Service
  • Respond to your support requests and communicate service updates
  • Track in-app usage events and analyze aggregate usage to improve features and user experience
  • Display maps and geocode locations to show events and places near you

4. Data Sharing & Disclosure

We do not sell your personal data. We do not display advertisements or share data with ad networks. We may share information in the following limited circumstances:

  • With other users: Your profile information, posts, and activity in public channels are visible to other users as part of the Service's social features. Your last active status may be visible to other users.
  • Service providers: We use the following trusted third-party services to operate the Service:
    • Railway — Cloud hosting for our backend servers
    • Amazon Web Services (AWS S3) — Secure storage for user-uploaded media (profile photos, chat images, post images)
    • Google Maps Platform — Map display and location services within the app. Google may collect usage data per their Privacy Policy
    • Ola Maps — Supplementary geocoding service for location search
    • Expo Push Notification Service — Delivery of push notifications to your device using your device push token
    • Gmail SMTP (Google) — Sending transactional emails (OTP codes, verification emails)
    • Sentry — Error and crash reporting to help us identify and fix issues. Sentry may receive device type, OS version, app version, and error details
    • Redis — Server-side data caching for performance
    These providers process your data solely on our behalf and are obligated to protect it.
  • Legal requirements: We may disclose information if required by law, legal process, or to protect the rights, property, or safety of Ember, our users, or the public.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.

5. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

Aggregated, anonymized data that cannot identify you may be retained indefinitely for analytics and service improvement.

6. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Secure authentication with JSON Web Tokens (JWT) and refresh token rotation
  • Encrypted storage of authentication tokens on your device
  • Password hashing using bcrypt
  • Rate limiting and abuse detection
  • Media files stored securely on AWS S3 with access controls
  • Regular security reviews and dependency updates

No method of transmission or storage is 100% secure. If you discover a vulnerability, please report it to [email protected].

6a. Automated Decision-Making

We use automated processing to power certain features of the Service:

  • People Recommendations: We generate numerical embeddings (vector representations) from your interests, profile information, and activity patterns to recommend compatible people near you. No human reviews individual match scores.
  • City-Based Groups: We automatically form small groups of users in the same city with overlapping interests to encourage local community building.

These automated processes do not make decisions that produce legal or similarly significant effects. You can control recommendation visibility through your profile settings.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data and receive a copy
  • Correct inaccurate or incomplete data
  • Delete your account and associated data (see our Account Deletion page)
  • Opt out of non-essential push notifications via your device settings or in-app notification preferences
  • Withdraw consent for location tracking at any time

To exercise these rights, email us at [email protected].

8. Children's Privacy

Ember is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected data from a child under 18, we will delete it promptly.

9. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: