Privacy Policy

Overview

Serendipity is a proximity-based social discovery platform committed to privacy. Our core principle: your location never leaves your device. All proximity computation happens on-device using Bluetooth Low Energy (BLE). There is no central server that knows where you are, who you met, or what you said.

1. Data We Collect

1.1 Data You Provide

Data	Purpose	Stored Where	Sent to Server
Alias	Display name	Device only	No
Interests & depth	Resonance matching	Device only	No
Skills & flags	Skill complementarity	Device only	No
Communication style	Conversation compatibility	Device only	No
Transmission	Real-time broadcast	Device only	No
Birth chart (optional)	Synastry matching	Device only	No
Birth year	Age verification	Device only	No

1.2 Data Collected Automatically

Data	Purpose	Stored Where	Sent to Server
Bluetooth beacon IDs	Proximity detection	Device, ephemeral (rotates 15 min)	No
Location coordinates	BLE estimation	Device, real-time only (not stored)	Never
Encounter records	History	Device only	Anonymized beacon IDs only
Glyphs	Reputation	Device + server (anonymized)	Yes (anonymized)

1.3 Data We Do NOT Collect

Real name Email Phone number Photos GPS history Contacts Browsing history Advertising identifiers

2. How We Use Your Data

On-device resonance matching
Encounter facilitation
Glyph accumulation
Age verification

3. Sensitive Data

Birth chart data is treated as GDPR Article 9 special category data. It is entirely optional, stored on-device only, never transmitted to any server, and can be removed at any time from your profile settings.

4. Data Sharing

We never sell or rent your data. Data may be shared only in these limited contexts:

Device-to-device: End-to-end encrypted via the Tavern Protocol
Relay server: Encrypted payloads only, auto-deleted after 60 seconds
Anonymized analytics: Aggregate, non-identifying usage patterns
Legal requirements: Only when compelled by law

5. Data Retention

Data Type	Retention Period
Profile	Until you delete it
Encounters	Configurable: 7 days to unlimited
Glyphs	Permanent (anonymized)
Beacon IDs	15-minute rotation
Encryption keys	15-minute rotation
Location	Not stored
Relay messages	60 seconds
Chat messages	24 – 72 hours

6. Your Rights

GDPR Rights

Right of access
Right to rectification
Right to erasure
Right to data portability
Right to object
Right to restrict processing

CCPA Rights

Right to know
Right to delete
Right to non-discrimination

All Users

Export all your data
Delete your account
Disable BLE broadcasting
Enable ghost mode
Remove birth chart

7. Security

End-to-end encryption: X25519 key exchange + XSalsa20-Poly1305 authenticated encryption
Rotating identifiers: Beacon IDs and keys rotate every 15 minutes
On-device computation: All matching and analysis happens on your phone
No central location database: There is nothing to breach

8. Children

Serendipity is not intended for users under the age of 17. Age is verified during onboarding via birth year. We do not knowingly collect data from minors.

9. International Transfers

For non-US users, where applicable data transfers occur, we rely on Standard Contractual Clauses (SCCs) to ensure adequate protection under GDPR.

10. Changes to This Policy

If we make material changes to this privacy policy, you will be notified via an in-app notification before the changes take effect.

11. Contact

For privacy-related inquiries, please contact us at moonlit-social-labs@proton.me

12. Data Protection Impact Assessment

A DPIA has been conducted for Serendipity. The assessment concluded that the privacy-by-design architecture — with on-device computation, rotating identifiers, end-to-end encryption, and zero central data collection — provides adequate protection for all categories of processed data.