Privacy Policy
Last updated: May 7, 2026
NomVote (“we,” “our,” or “the app”) is a
group food-decision app. This policy explains what information we collect, why we
collect it, and how it is used. We are committed to collecting only what is needed
and never selling your personal data.
1. Information We Collect
Required for the app to work:
- Phone number — used only to verify your identity via
a one-time SMS code (powered by Firebase Authentication). We do not use your
phone number to send marketing messages.
- Display name (optional) — a name you choose; shown to
group members you invite.
- Session location — your approximate location at the
time you start a dining session, used to query nearby restaurants. We do not
record a history of your locations.
- Votes — your swipe choices (like / pass) on restaurant
cards within a session, used to compute the group result.
- Session history — a record of past sessions you
participated in, used to power features like “we always end up here”
detection and to improve future recommendations.
Optional features that collect additional data:
- Device contacts — if you choose to use the
“Invite from contacts” feature, your device contact list is uploaded
as one-way cryptographic hashes (SHA-256 of the phone number). Plaintext contact
names and numbers are never sent to or stored on our servers. Hashes are
compared only to find which of your contacts already use NomVote.
- Place tags — notes or labels you attach to restaurants
(e.g., “great patio”), stored against your account and optionally
shared with a group.
- Dietary preferences & favorite cuisines — stored in
your settings to filter session results.
- Gender (broad category) — completely optional. If you
choose to provide it, we store one of: Male, Female, Non-binary, Other, or
Prefer not to say. This is used only for anonymous aggregate reporting
(e.g., “35% of Female users prefer Sit Down over Take Out”). It is never linked back to
your account in any report.
- Age group (broad category) — completely optional. If
you choose to provide it, we store one of eight ranges (e.g., 25–34). Used
only for the same anonymous aggregate reporting as gender above. Never linked to
your account in any report.
- Household type (broad category) — completely optional.
One of: Single, Couple, Family with kids, Roommates, or Other. Used only for
anonymous aggregate reporting. Never linked to your account in any report.
- Primary use case (broad category) — completely optional.
How you most often use NomVote: Family, Date nights, Work lunches, Friend groups,
or Other. Used only for anonymous aggregate reporting. Never linked to your account
in any report.
We do not collect: payment information, Social Security numbers,
government IDs, precise GPS history, social media profiles, or any biometric data.
2. How We Use Your Information
- Authenticate your identity and maintain your account.
- Find nearby restaurants matching your session preferences.
- Compute group voting results and deliver push notifications about outcomes.
- Match you with friends who also use NomVote (via hashed phone number).
- Generate aggregate, anonymous usage statistics to improve the app
(e.g., most popular cuisines, session completion rates, demographic breakdowns
where users have opted in).
- Respond to feedback or bug reports you submit in-app.
3. Information Sharing
We do not sell, rent, or trade your personal information. We share data only
in these limited circumstances:
- Google (Firebase & Places) — Firebase handles phone
authentication and push notifications; Google Places API provides restaurant data.
Both are subject to Google’s privacy policy.
- Cloudflare — our network provider; handles TLS
termination and DDoS protection. Cloudflare does not have access to your
account data.
- Legal requirements — we may disclose information if
required by law or to protect the safety of our users.
4. Data Retention
- Your account data is retained while your account is active.
- Session data (votes, candidates) is retained to support history features and
future re-ranker improvements. You may request deletion (see Section 7).
- Restaurant data from Google Places is cached for up to 30 days, in accordance
with Google’s Terms of Service.
- Contact hashes are discarded after each matching pass; we do not store them
persistently.
5. Children’s Privacy
NomVote is not directed at children under 13. We do not knowingly collect
personal information from children under 13. If you believe a child has provided
us with personal information, please contact us and we will delete it promptly.
6. Security
Your data is stored on a server protected by TLS encryption,
firewall rules, and token-based authentication. Sensitive fields (e.g., phone
numbers) are stored only in encrypted-at-rest PostgreSQL on hardware we control.
No system is perfectly secure, but we take reasonable precautions.
7. Your Rights & Choices
- Access: you can view all profile data via the app settings
screen at any time.
- Correction: you can update your display name, location,
preferences, and optional demographic fields in-app at any time.
- Deletion: email us to request deletion of your account and
associated data. We will process the request within 30 days.
- Opt-out of demographic data: gender, age group, household
type, and primary use case fields are all optional and can be left blank or set
to “Prefer not to say” at any time in app settings.
8. Changes to This Policy
We may update this policy occasionally. Material changes will be announced
via an in-app notification. The “Last updated” date at the top of this
page will always reflect the most recent revision.
9. Contact Us
Questions or requests about your data? Contact us at:
privacy@nomvote.com