Privacy Policy

WhatsLit ("we", "our", or "us") is operated by Infoholiks. This Privacy Policy explains how we collect, use, and protect your information when you use the WhatsLit mobile application. By using WhatsLit, you agree to the practices described in this policy.

Information We Collect

We collect the following categories of information:

Location Data

WhatsLit uses your precise location for core app functionality. Location access is essential to how the app works.

You can revoke location permission at any time in your device Settings. Doing so will prevent you from posting but you can still browse the feed.

Photos & Media

WhatsLit requests access to your camera and photo library solely for the purpose of creating and sharing posts.

• Camera access is used to take photos at venues
• Photo library access allows you to select existing photos to post
• Photos you post are uploaded to our secure cloud storage (Firebase Storage)
• Photos are publicly visible to other WhatsLit users
• We do not scan, analyse, or sell your photos

You can delete any photo you have posted at any time from within the app.

How We Use Your Data

We use the information we collect to:

• Provide and operate the WhatsLit service
• Verify your presence at venues before posting
• Display your posts, profile, and activity to other users
• Calculate venue heat scores and vibe forecasts
• Send push notifications about venue activity (with your permission)
• Detect and prevent abuse, spam, and policy violations
• Improve the app through aggregated, anonymised analytics
• Respond to support requests and reports

We do not use your data for targeted advertising and we do not sell your personal information to third parties.

Data Sharing

We do not sell your personal data. We share data only in the following limited circumstances:

All service providers are bound by data processing agreements and are prohibited from using your data for their own purposes.

Data Retention

We retain your data for as long as your account is active. Specifically:

• Account data is retained until you delete your account
• Posts and photos are deleted when you remove them or delete your account
• Location coordinates used for check-in verification are not stored beyond the session
• Aggregated, anonymised venue activity data may be retained indefinitely for heat score calculations

Your Rights

You have the following rights regarding your personal data:

• Access — request a copy of the data we hold about you
• Correction — update or correct inaccurate data via your profile settings
• Deletion — delete your account and all associated data from within the app Settings
• Portability — request an export of your data in a machine-readable format
• Objection — object to certain uses of your data
• Withdraw consent — revoke location, camera, or notification permissions at any time via device Settings

To exercise any of these rights, contact us at the address below.

Children's Privacy

WhatsLit is intended for users aged 17 and older. The app involves nightlife venues and user-generated content related to social events. We do not knowingly collect personal information from anyone under the age of 17.

If we become aware that a user under 17 has created an account, we will promptly delete their account and associated data. If you believe a minor has registered on our platform, please contact us immediately.

Security

We take the security of your data seriously. Our measures include:

• All data is transmitted over HTTPS/TLS encryption
• Authentication is handled by Firebase Auth — we never store raw passwords
• Firebase Security Rules restrict data access to authorised users only
• Media files in Firebase Storage are access-controlled
• Regular security reviews of our Firebase configuration

While we implement industry-standard security measures, no system is completely secure. If you discover a security vulnerability, please report it to us at the contact address below.