Privacy Policy

Last updated: May 7, 2026

This Privacy Policy ("Policy") describes how WYGO SRLS, with registered office at Via John Fitzgerald Kennedy 5, Italy, collects, uses, stores, shares and protects personal data in connection with the Wygo mobile application ("the App") available on the Apple App Store and Google Play Store. This Policy is issued pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (the "GDPR") and Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 (the "Italian Privacy Code"). By creating an account or using the App, you acknowledge that you have read and understood this Policy.

1. Data Controller

The Data Controller is WYGO SRLS, with registered office at Via John Fitzgerald Kennedy 5, Italy. VAT / Tax Code: 11031221218. Email: privacy@wygo-app.it. You may contact our Data Protection contact point at any time by writing to privacy@wygo-app.it.

2. Personal Data We Collect

We collect the following categories of personal data:

(a) Account & Profile Data: full name, username, email address, password (stored as a cryptographic hash, never in plain text), date of birth (used to verify you are at least 18 years old), optional profile biography, optional gender (male, female, non-binary, or prefer not to say), and user role (attendee or event organiser).
(b) Profile Photos & Media: profile photographs and gallery images you upload. Images are compressed on-device before upload and stored on our content delivery network.
(c) Authentication Data: if you sign in via Google or Apple, we receive your name and email address from the identity provider. We store a flag indicating which sign-in method you used. We never receive or store your Google or Apple password.
(d) Location Data: if you grant foreground location permission, we collect your approximate GPS coordinates (latitude and longitude) to display nearby events. Location is collected only while the App is in the foreground and actively being used. We do not collect background location. Coordinates are rounded to three decimal places (~111 m accuracy) before being sent to our servers.
(e) Event Interaction Data: events you view, like, save, or bookmark; ticket purchases; comments and replies you post; reviews and star ratings you leave; users you follow or block.
(f) Swipe & Matching Data: if you use the event-based matching feature, we process your swipe actions (pass, like, boost), match results, and gender preferences for filtering. Your name, profile photo, and biography are displayed to other ticket-holders for the same event.
(g) Chat Messages: messages exchanged with matched users within the in-app messaging system.
(h) Payment Data: when you purchase tickets, we transmit your request to Stripe, our payment processor. We receive a transaction identifier, amount, currency, and payment status from Stripe. We do not collect, process, or store your credit card number, CVV, or bank account details — these are handled entirely by Stripe in a PCI-DSS compliant environment.
(i) In-App Purchase Data: purchases made through Apple App Store or Google Play (subscriptions, credit packs) are processed by Apple or Google respectively. We receive a purchase receipt and entitlement status but never your payment instrument details.
(j) Push Notification Token: if you enable push notifications, we store an Expo Push Token linked to your account to deliver notifications.
(k) Device & Technical Data: IP address (processed server-side for rate limiting and abuse prevention; not stored in your profile), operating system type (iOS/Android) as determined by the platform, and a boolean check for whether you are using a physical device (required for push notification registration). We do not collect device model, hardware identifiers, IDFA, GAID, or device fingerprints.
(l) Usage Analytics: if you have not opted out, we collect a minimal set of analytics events: event_viewed, event_clicked, checkout_started, payment_success, and payment_failed, each with only the event identifier and, for payments, the price and currency. No scroll, tap, navigation, or screen-view events are tracked. Analytics data is associated with your user ID but does not include device identifiers.
(m) User Preferences: language preference (English, French, or Italian), dark/light theme preference, notification category preferences, and privacy settings (private account toggle, content visibility toggles, swipe visibility toggle, analytics opt-out).

3. Legal Basis for Processing (GDPR Art. 6)

We process your personal data on the following legal bases:

(a) Performance of a Contract (Art. 6(1)(b)): processing your account and profile data, event interactions, ticket purchases, matching and chat features, and push notification delivery is necessary to perform the contract between you and us (the Terms of Service) and to provide you with the App's core functionality.
(b) Consent (Art. 6(1)(a)): we rely on your explicit consent for: collecting your location data (you grant foreground location permission through your device settings and can revoke it at any time); processing analytics data (you can opt out at any time via Privacy Settings in the App); sending marketing or promotional push notifications (you can disable notification categories in the App settings); and processing your optional gender data for the matching feature.
(c) Legitimate Interest (Art. 6(1)(f)): we process IP addresses for rate limiting, fraud prevention, and protection against abuse; we process technical data to ensure App security, prevent unauthorised access, and maintain service integrity; and we process aggregated, anonymised usage statistics to improve the App. Our legitimate interests do not override your fundamental rights. You may object to processing based on legitimate interest at any time (see Section 12).
(d) Legal Obligation (Art. 6(1)(c)): we retain financial transaction records as required by Italian tax and accounting law (DPR 633/1972 and related provisions), and we process data to comply with lawful requests from judicial or regulatory authorities.

4. How We Use Your Data

We use personal data for the following purposes:

• Account creation, authentication, and session management.
• Displaying your profile to other users (name, username, profile photo, biography). For private accounts, your activity feed is visible only to approved followers.
• Showing you events near your location when you grant location permission.
• Processing ticket purchases and issuing digital tickets via QR codes. Organisers receive your name and booking reference only.
• Enabling the matching feature: presenting your profile card (name, photo, bio) to other ticket-holders, recording swipe actions, creating matches, and facilitating in-app chat between matched users.
• Delivering push notifications about: new followers, likes, comments, reviews, matches, chat messages, and event updates, in accordance with your notification preferences.
• Moderating user-generated content (photos, comments, reviews) to enforce community guidelines.
• Preventing abuse through server-side rate limiting (per-IP and per-user) and blocking functionality.
• Improving the App through minimal, opt-in analytics.
• Complying with legal obligations, including retention of financial records.

5. Third-Party Service Providers

We share personal data with the following categories of third-party service providers. Unless stated otherwise, each provider acts as a data processor under a Data Processing Agreement (DPA) in compliance with GDPR Art. 28:

(a) Supabase Inc. (USA) — database hosting, user authentication, real-time messaging infrastructure, and serverless edge functions. Data processed: all account data, event data, chat messages, and authentication tokens. Supabase applies encryption at rest and in transit.
(b) Stripe Inc. (USA) — payment processing for ticket purchases. Data shared: transaction amount, currency, and user identifier. Stripe handles all payment card data in its PCI-DSS Level 1 certified environment. We never receive or store card numbers.
(c) Google LLC (USA) — Google Sign-In (OAuth 2.0) for authentication; Google Maps Platform for place search and autocomplete; Google Cloud Vision SafeSearch API for automated image content moderation. Data shared: email and name (for sign-in); search queries and coordinates (for place search); uploaded images for content safety analysis.
(d) Apple Inc. (USA) — Apple Sign In for authentication (where available on iOS); App Store for in-app purchase processing. Data shared: email and name (for sign-in); purchase receipts (for entitlement verification). Important: Apple and Google act as independent data controllers — not processors — for in-app purchase transactions processed through their respective stores. Their use of payment and purchase data is governed by Apple's Privacy Policy (apple.com/legal/privacy) and Google's Privacy Policy (policies.google.com/privacy) respectively and is outside our control.
(e) Google LLC / Firebase (USA) — Firebase Cloud Messaging for push notification delivery infrastructure. Data shared: push notification tokens. Firebase Analytics and Crashlytics are disabled in the App.
(f) PostHog Inc. (USA) — product analytics (only when analytics are enabled and you have not opted out). Data shared: user identifier, event identifier, and minimal event properties (price, currency for payment events). No device identifiers, IP addresses, or personal profile data are sent to PostHog.
(g) Cloudflare Inc. (USA) — content delivery network (CDN) for serving images and caching API responses at edge locations; DDoS protection and Web Application Firewall (WAF). Cloudflare processes IP addresses as part of its network security services.
(h) Upstash Inc. (USA) — Redis-based rate limiting for per-target write operations (e.g., likes per post, swipes per user). Only user and target identifiers are stored transiently with short expiry times.
(i) Mapbox Inc. (USA) — static map tile generation for event location display. Only coordinates (latitude, longitude) and zoom level are transmitted.

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.

6. International Data Transfers

Several of our service providers are based in the United States. When your personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection through one or more of the following safeguards in accordance with GDPR Chapter V:

• Standard Contractual Clauses (SCCs) adopted by the European Commission, incorporated into our Data Processing Agreements with each US-based provider and supplemented where necessary by additional technical and organisational safeguards.
• The provider's certification under the EU-US Data Privacy Framework (where applicable).
• The provider's binding corporate rules approved by a supervisory authority.

You may request a copy of the applicable transfer safeguards by contacting us at privacy@wygo-app.it.

7. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, or as required by law:

• Account & profile data: retained for the duration of your active account. Upon account deletion, your personal data is deleted immediately.
• Profile photos and media: deleted immediately from our CDN storage (Cloudflare R2) upon account deletion or when you remove them from your profile. Cloudflare edge caches may serve cached copies until the configured cache TTL expires; the underlying storage objects are deleted immediately.
• Chat messages: deleted immediately when either participant deletes their account or unmatches. There is no time-based automatic deletion of active conversations.
• Event interaction data (likes, comments, reviews, saves): deleted immediately upon account deletion. Anonymised aggregate counters (e.g. total likes on an event) may persist as they contain no personal data.
• Swipe and matching data: match records are deleted immediately upon account deletion or when either user blocks the other.
• Payment transaction records: retained for 10 years from the date of the transaction as required by Italian tax law (DPR 633/1972, Art. 39). After account deletion, these records are retained in a form that cannot be attributed to an identifiable user profile.
• Analytics data: retained according to PostHog's configured retention settings and automatically deleted after the configured retention period. You can opt out at any time via Privacy Settings.
• Push notification tokens: deleted immediately upon account deletion or when you disable push notifications.
• IP address logs: processed transiently server-side for rate limiting; not stored beyond the applicable rate-limit window (typically 1–60 seconds).
• Location data: your GPS coordinates are never stored on our servers in raw form. Rounded coordinates (3 decimal places, ~111 m accuracy) are transmitted as query parameters for location-based searches and are not stored in your user profile.

8. Account Deletion

You may delete your account at any time through the App by navigating to Profile → Settings → "Delete Account". When you initiate account deletion:

(a) All your profile data, profile photos, gallery images, comments, reviews, likes, saves, follows, swipe history, matches, and chat messages are permanently and immediately deleted from our servers.
(b) All images associated with your account are immediately deleted from our CDN storage (Cloudflare R2). Cached copies held at Cloudflare edge nodes will become inaccessible once the origin objects are deleted and will expire at the next cache refresh.
(c) Your authentication record is deleted from our authentication provider (Supabase Auth).
(d) If you signed in via Google or Apple, the App signs you out of the respective provider.
(e) All locally cached data (preferences, tokens, location data) is cleared from your device.
(f) Financial transaction records related to ticket purchases you made are retained for 10 years as required by Italian law (DPR 633/1972, Art. 39), but are no longer associated with an identifiable user profile after deletion.

Alternatively, you may request account deletion by emailing privacy@wygo-app.it with the subject line "Account Deletion Request". We will process your request without undue delay.

9. Social Features and User-Generated Content

Wygo includes social features. You should be aware of the following:

(a) Public profile information: your name, username, and profile photo are visible to all App users. Your biography is also visible unless your account is set to private.
(b) Private accounts: if you enable the private account toggle in Privacy Settings, only approved followers can see your activity feed (likes, comments, reviews). Your profile name, username, and photo remain visible to all users so others can send you follow requests.
(c) Comments and reviews: comments and reviews you post on events are visible to all users who can view that event. Comments may be nested (replies). Event organisers can pin comments to the top of the comments section.
(d) Likes, follows, and saves: other users can see your likes, comments, and reviews in their activity feed unless you disable the corresponding toggles in Privacy Settings.
(e) Blocking: if you block a user, you become mutually invisible. Any existing matches are removed, and further interaction is prevented.
(f) Reporting: you may report user-generated content (profiles, comments, reviews) for violating community guidelines. Reports are reviewed by our team.
(g) Event organisers: when you purchase a ticket, the event organiser receives your name and booking reference. Organisers can scan your QR-code ticket for event check-in. Organisers do not have access to your email, date of birth, or other profile data beyond your name.

We may review user-generated content, including messages, comments, and profiles, using automated systems and, where necessary, human review, to detect and prevent fraud, abuse, or violations of our terms and community guidelines.

10. Swipe and Matching Feature

If you use the event-based matching feature:

(a) Visibility: to appear in other users' swipe decks, you must hold a valid ticket for the event and must not have enabled the "Hide from Event Swipe" toggle in Privacy Settings.
(b) Profile card: other ticket-holders see your name, profile photo, and biography in the swipe deck. Your email, date of birth, and location are never shared.
(c) Gender filtering: you may specify your gender and gender preferences. This data is used solely to filter the candidate pool and is not displayed to other users beyond your stated gender.
(d) Matching: a match occurs only when both users have indicated mutual interest (both swiped "like" or "boost"). Only matched users can communicate via in-app chat.
(e) Unmatching and blocking: you can unmatch or block a user at any time, which removes the match and all associated chat history from both accounts.
(f) Credits: the matching feature uses a credit system (free users receive a limited number of likes per event). Credit balances are stored in your account but do not constitute a financial instrument or stored value.

11. Payments and In-App Purchases

(a) Ticket purchases: ticket payments are processed by Stripe. When you initiate a purchase, our server creates a Stripe PaymentIntent and the Stripe SDK's PaymentSheet is presented in the App. Your payment card details are entered directly into the Stripe SDK and never pass through our servers. We receive only a transaction identifier, payment status, amount, and currency.
(b) In-app purchases: subscriptions and credit packs (e.g., extra likes, profile boosts, premium matching features) may be purchased through the Apple App Store (on iOS) or Google Play Store (on Android). These transactions are processed entirely by Apple or Google under their respective terms. We receive a purchase receipt to grant you the corresponding entitlements.
(c) Refunds: for ticket purchases processed via Stripe, refund requests must be directed to the event organiser or to support@wygo-app.it. For in-app purchases processed by Apple or Google, refund requests must be submitted through the respective app store.
(d) Organiser payouts: event organisers who receive ticket revenue may connect a Stripe account. Organiser payout details (Stripe account ID and verification status) are stored securely and are not visible to attendees.

12. Your Rights Under GDPR and Italian Law

Under the GDPR and the Italian Privacy Code, you have the following rights with respect to your personal data:

(a) Right of Access (Art. 15): you have the right to obtain confirmation of whether we process your personal data and to request a copy of that data.
(b) Right to Rectification (Art. 16): you have the right to correct inaccurate personal data. You can update your name, username, biography, profile photo, and other profile information directly in the App.
(c) Right to Erasure / Right to Be Forgotten (Art. 17): you have the right to request deletion of your personal data. You can delete your account directly in the App (see Section 8), or contact us at privacy@wygo-app.it.
(d) Right to Restriction of Processing (Art. 18): you have the right to request restriction of processing in certain circumstances (e.g., while we verify the accuracy of contested data).
(e) Right to Data Portability (Art. 20): you have the right to receive your personal data in a structured, commonly used, machine-readable format (JSON). To request a copy of your personal data, send an email to privacy@wygo-app.it with the subject line "Data Portability Request". We will prepare and deliver your data export within 30 days.
(f) Right to Object (Art. 21): you have the right to object to processing based on legitimate interest. In particular, you can object to analytics processing by enabling the analytics opt-out toggle in Privacy Settings.
(g) Right to Withdraw Consent (Art. 7(3)): where processing is based on consent (location, analytics, optional profile data, marketing notifications), you may withdraw consent at any time without affecting the lawfulness of processing carried out before the withdrawal. You can withdraw consent by: revoking location permission in your device settings; toggling analytics opt-out in Privacy Settings; disabling notification categories in the App; or removing optional profile data (bio, gender, gallery photos).
(h) Right to Lodge a Complaint: you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) at www.garanteprivacy.it, or with the supervisory authority of your habitual residence.

To exercise any of these rights, contact us at privacy@wygo-app.it. We will respond within 30 days, as required by law. We may request identity verification before processing your request.

13. Security Measures

We implement technical and organisational measures to protect your personal data, including:

• Encryption in transit: all communication between the App and our servers uses TLS 1.2 or higher. All API traffic is routed through Cloudflare's secure network.
• Encryption at rest: database data is encrypted at rest by our hosting provider (Supabase/AWS). Sensitive authentication tokens are stored on your device using hardware-backed secure storage (Keychain on iOS, Keystore on Android) via Expo SecureStore.
• Access control: our database enforces Row-Level Security (RLS) policies, ensuring users can only access their own data. Server-side edge functions verify JSON Web Tokens (JWT) before processing any authenticated request.
• Rate limiting: we apply both IP-level rate limiting (via Cloudflare WAF) and per-user/per-target rate limiting (via Redis) to prevent abuse and brute-force attacks.
• Input validation: all user input is validated and sanitised on both client and server. SQL injection is prevented through parameterised queries and RPC functions.
• Error sanitisation: internal error details (database error codes, stack traces) are never exposed to users. All user-facing errors are passed through a sanitisation layer.
• Secure authentication: passwords are hashed using bcrypt. OAuth tokens are handled via industry-standard protocols (OpenID Connect for Google, Sign in with Apple). CSRF protection is implemented for sensitive operations.
• Image moderation: uploaded images pass through a moderation pipeline before being publicly accessible.

While we employ industry-standard protections, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. We encourage you to use a strong, unique password and to enable two-factor authentication when available.

14. Push Notifications

If you grant notification permission, we use push notifications to inform you about:

• New followers and follow requests.
• Likes on your events.
• Comments and replies on your events.
• Reviews on your events.
• New matches from the swipe feature.
• Chat messages from matched users.
• Event updates from organisers you follow.

Push notifications are delivered through Firebase Cloud Messaging (FCM) via Expo's push notification service. Your Expo Push Token is stored in our database and used solely for notification delivery. You can manage which notification categories you receive in the App's notification settings, or disable push notifications entirely through your device's system settings. Disabling push notifications does not affect core App functionality.

15. Analytics and Tracking Technologies

The App does not use browser cookies, as it is a native mobile application. We use PostHog for minimal product analytics. When analytics are enabled and you have not opted out, we collect only the following events: event page views, event clicks, checkout initiation, and payment success or failure. Each event carries only the event identifier and, for payments, the price and currency. We do not track scrolling, tapping, navigation, screen views, or any other interaction. We do not use advertising identifiers (IDFA on iOS or GAID on Android). We do not implement Apple's App Tracking Transparency framework, as we do not track users across other companies' apps or websites. You can opt out of analytics at any time by enabling the "Analytics opt-out" toggle in Privacy Settings. When opted out, no analytics events are sent to PostHog.

16. Children's Privacy

Wygo is intended solely for users aged 18 and older. This age restriction is a product decision due to the social interaction and matching features of the App. We enforce a minimum age of 18 at registration by requiring your date of birth and verifying that you meet the age requirement before account creation. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that we have inadvertently collected personal data from a person under 18, we will promptly delete their account and all associated data. If you believe that a minor is using the App, please contact us immediately at privacy@wygo-app.it.

17. Automated Decision-Making

The App does not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on you within the meaning of GDPR Art. 22. The matching feature's candidate filtering (by event attendance and gender preference) is a functional filter based on your explicit preferences, not an automated assessment of personal characteristics. You may change your preferences or disable matching at any time via the "Hide from Event Swipe" toggle.

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or App functionality. When we make material changes, we will:

• Update the "Last updated" date at the top of this Policy.
• Notify you via an in-app notification or by email at least 14 days before the changes take effect.
• Where required by law, obtain your renewed consent before applying changes that affect the legal basis of processing.

Your continued use of the App after the effective date of a revised Policy constitutes your acknowledgement of the updated terms. If you do not agree with the changes, you should stop using the App and delete your account.

19. Applicable Law and Jurisdiction

This Privacy Policy is governed by Italian law and the GDPR. Any disputes relating to data protection shall be subject to the jurisdiction of the courts of Napoli, Italy, without prejudice to your right to lodge a complaint with the Garante per la protezione dei dati personali or the supervisory authority of your habitual residence.

20. Contact Information

Data Controller:
WYGO SRLS
Via John Fitzgerald Kennedy 5
Napoli, 80125, Italy
VAT / Tax Code: 11031221218

Data Protection Contact:
Email: privacy@wygo-app.it

General Support:
Email: support@wygo-app.it