top of page

FRIENDS APP — PRIVACY POLICY
Effective date: August 3 2025

 

This Privacy Policy explains how Pacific Interactive LLC (“Pacific,” “we,” “us,” or “our”) collects, uses, shares, and safeguards personal information when you use the Friends mobile application and the pacificimmersive.com website (together, the “Service”). By installing, registering for, or using the Service you acknowledge that you have read and understood this Policy. If you do not agree, do not use the Service.

 

WHO WE ARE

Pacific Interactive LLC is a single-member company headquartered in the United States. Under United States privacy laws we are the “business,” and under the European Union General Data Protection Regulation (GDPR) we are the “data controller.” You may reach us at cameron@pacific.dev.

 

SCOPE

This Policy applies when you:
• Install, register for, or use the Friends app;
• Visit any web page that links to it; or
• Interact with our customer-support channels, marketing e-mails, or social-media pages.

Third-party services you connect to the Service—such as Apple or Google Calendar—are governed by their own privacy policies.

 

NOTICE AT COLLECTION — WHAT WE COLLECT AND WHY

Below are the categories of information we may collect, why we collect them, and how long we normally keep them.

• Identifiers – name, e-mail, phone number, username, device identifier, IP address.
 Purpose: create and secure your account; provide customer support.
 Retention: for as long as the account is active, then deleted or anonymised after thirty days.

• Sensitive information – precise device location; birthday (day and month only); contents of private one-to-one messages (end-to-end encrypted).
 Purpose: power the Friend Maps feature that lets approved friends see where you are; send birthday reminders; deliver private messaging.
 Retention: location history kept for a rolling thirty-day window; birthday kept until you change it; messages kept until you delete them or after two years of inactivity.

• Internet / network activity – app opens, screen taps, crash logs, referring URL.
 Purpose: analytics, diagnostics, fraud prevention.
 Retention: ninety days, then aggregated or deleted.

• Calendar and event (“hangout”) data – hangout titles, dates, invitees, RSVP status, “On My Mind” entries.
 Purpose: organise hangouts, display availability, send reminders.
 Retention: two years after the last change or sooner if you delete the hangout.

• Relationship data – friends you add or accept.
 Purpose: build your social graph and power core features.
 Retention: same duration as your account.

• Commercial information – purchase receipts for premium features, if any.
 Purpose: fulfil orders, fight fraud, satisfy tax obligations.
 Retention: seven years to meet accounting and tax requirements.

• Advertising identifiers (IDFA on iOS, AAID on Android) – collected only after you grant permission via the Apple App Tracking Transparency prompt or equivalent Android dialog.
 Purpose: personalised ads (a future feature) and ad-performance measurement.
 Retention: until you reset the identifier or withdraw consent.

Pacific does not sell personal information for money and does not share personal information for cross-context behavioural advertising unless you expressly opt in. You may opt out at any time by e-mailing us at cameron@pacific.dev or, when available, by toggling the setting inside the app.

 

HOW WE USE INFORMATION

We use personal information to:
• Operate, maintain, and improve the Service;
• Provide core features such as Friend Maps, hangout coordination, private messaging, and push notifications;
• Personalise content and suggest friends or hangouts;
• Monitor performance, debug errors, and prevent fraud or abuse;
• Send critical notices and, with your separate consent, marketing e-mails;
• Comply with legal obligations and enforce our Terms of Service.

Under the GDPR we rely on four lawful bases: performance of a contract, legitimate interests, consent, and, where required, compliance with legal obligations.

 

YOUR PRIVACY CHOICES AND RIGHTS

All users, regardless of location, may:
• Request a copy of their personal data;
• Correct inaccurate or outdated information;
• Delete their account and associated data (unless retention is legally required);
• Opt out of marketing messages at any time.

Residents of California and other U.S. states with comprehensive privacy laws may also:
• Opt out of the “sharing” of personal information for targeted advertising purposes;
• Limit the use of sensitive personal information to what is strictly necessary;
• Appeal any refusal of a privacy request.

Residents of the European Economic Area (EEA) or the United Kingdom may additionally:
• Object to processing based on legitimate interests;
• Ask us to restrict processing while a complaint is reviewed;
• Lodge a complaint with their national supervisory authority.

Because Pacific is a small business that processes EU data only on an occasional basis, Article 27 GDPR allows us to operate without appointing a local representative. EEA- and UK-based users may contact us directly at cameron@pacific.dev.

You can exercise any privacy right by e-mailing cameron@pacific.dev. We will respond within thirty days (forty-five days for California residents when permitted by law).

 

CHILDREN’S PRIVACY

The Service is not directed to children under thirteen years of age (or under sixteen in jurisdictions that set a higher age for digital consent). We do not knowingly collect personal data from children. If we learn we have done so, we will delete the data and deactivate the account. Parents may write to cameron@pacific.dev to request deletion.

 

COOKIES AND TRACKING

• The mobile app stores a Firebase Installation ID and small on-device key-value pairs to keep you signed in and collect analytics.
• The website uses first-party cookies and Google Analytics to measure traffic; you can block these in your browser.
• We do not access the IDFA or AAID until you grant permission.
• Global Privacy Control signals sent from compatible browsers are honoured as an opt-out for California residents.

 

DISCLOSURE OF INFORMATION

We disclose personal information only in these situations:

  1. To friends you choose to connect with, according to your privacy settings.

  2. To service providers such as Google Cloud / Firebase, Apple Push Notification Service, and customer-support tools that operate under written confidentiality agreements.

  3. To advertising partners such as Google AdMob, but only after you provide tracking consent.

  4. As part of a merger, acquisition, or sale of assets, subject to this Policy.

  5. When required by law, regulation, or court order, or to protect the safety and rights of users or the public.

  6. With your explicit consent for any other purpose.

 

INTERNATIONAL DATA TRANSFERS

Data is stored on servers located in the United States. When personal information of EEA or UK residents is transferred to the U.S. we rely on the EU–US Data Privacy Framework (for certified vendors), on Standard Contractual Clauses approved by the European Commission, or on another lawful mechanism permitted under GDPR.

 

SECURITY MEASURES

• TLS 1.3 encryption in transit and AES-256 encryption at rest;
• End-to-end encryption for one-to-one messages;
• Role-based access controls and staff security training;
• Quarterly vulnerability scans and annual independent penetration tests;
• Public bug-bounty programme.

No method of storage or transmission is perfectly secure; we cannot guarantee absolute protection.

 

AUTOMATED DECISIONS AND PROFILING

Friends does not make decisions that produce legal or similarly significant effects solely by automated means. Limited profiling—for example, suggesting potential friends or hangouts—is used to personalise the Service and can be disabled in Settings ▸ Personalisation when that option becomes available.

 

RETENTION OVERVIEW

• Account identifiers are deleted or anonymised thirty days after account closure.
• Location history is overwritten every thirty days or deleted immediately when you disable Friend Maps.
• Messages and other user content are retained until you delete them or after two years of inactivity.
• Crash and analytics logs are retained for ninety days.
• Tax and purchase records are retained for seven years.
• Encrypted back-ups are overwritten within thirty days.

Where immediate deletion is infeasible (for example, immutable audit logs), direct identifiers are removed or the data is aggregated.

 

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Material changes—including new categories of data or new advertising partners—will be announced at least thirty days before they take effect through an in-app banner and by e-mail. Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.

 

CONTACT

Questions or requests? Write to:

Pacific Interactive LLC (virtual office)

548 Market St, PMB 797753
San Francisco, CA 94104 USA

Email cameron@pacific.dev

© 2025 Pacific Interactive LLC. All rights reserved.

bottom of page