Crush Signals Privacy Policy

Effective date: March 2026

1. Who We Are

Crush Signals is a mobile application operated by Brainwave D.O.O. (“Crush”, “Crush Signals”, “we”, “our”, or “us”). The app allows people in the same physical area to send a “Crush” signal and connect if both users confirm interest.

This Privacy Policy explains how we collect, use, and protect your information when you:

  • Install or use the Crush Signals mobile application.
  • Create an account or sign in to the service.
  • Interact with other users through Crush signals or chat.
  • Contact support or interact with our services.

If you have questions about privacy, contact us at legal@crushsignals.app.

2. Quick Highlights

  • Location is used only to detect nearby users.
  • Messages and crush interactions are temporary. They are automatically deleted after a short period.
  • We do not sell personal data.
  • Users control their visibility. Discoverability can be disabled at any time.
  • Safety tools are included. Users can block and report others.
  • Account deletion is available directly inside the app.

3. Information We Collect

3.1 Account Information

When you create an account we may collect:

  • Name or display name
  • Email address
  • Authentication provider (Apple / Google)
  • User ID created for your account

We do not require sensitive personal information such as identity documents, financial information, or precise home addresses.

3.2 Location Information

Crush Signals uses location to determine which users are nearby. Location is used only for the functionality of the service.

  • Approximate geographic coordinates
  • Location accuracy level
  • Temporary presence data used for discovery

Location data is stored temporarily and expires automatically after a short period. It is used only to calculate nearby users and venue activity.

3.3 Crush Interactions

When a user sends a Crush signal, the system temporarily stores:

  • The description provided by the sender
  • The approximate location context
  • The time the Crush was sent

These interactions are temporary and automatically expire after a short time window.

3.4 Chat Messages

Chat becomes available only after two users mutually confirm a Crush.

Messages exchanged in chats are stored temporarily and automatically removed after 24 hours unless required for safety review (for example if a user report is filed).

3.5 Device and Technical Information

We collect limited technical data required to operate the service:

  • Device model and operating system
  • Application version
  • IP address
  • Push notification token
  • Crash logs and diagnostic information

This information is used only to maintain service reliability and security.

3.6 Face Detection for Profile Verification

When you choose to verify your profile, we ask you to upload a selfie image that contains your face. This selfie is used only to:

(a) confirm that your profile photo belongs to a real person;
(b) compare your selfie with your profile photo to reduce fake or stolen profiles; and
(c) help prevent duplicate verified accounts.

To perform these checks, we use Amazon Web Services (“AWS”) Rekognition, which analyzes the selfie and profile image to detect a face, estimate image quality (for example, lighting, blur, eyes open), and compare similarity between faces. AWS acts as our data processor and processes images only on our behalf and according to our instructions. We do not allow AWS to use these images to train their models or for any other independent purpose.

Crush Signals does not use facial recognition technology to identify a specific individual and does not create or store biometric facial templates or biometric identifiers.

Your selfie and verification data are stored securely on our servers (for example, in encrypted storage managed by AWS). We do not sell or share your face data with advertisers or unrelated third parties.

We retain selfie verification images only for as long as necessary to perform verification and prevent abuse. In practice, this means we keep the selfie for up to 30 days after verification or until your account is deleted, whichever occurs first. When you delete your account, we delete the selfie and verification records as part of the account deletion process, subject to a short additional period in backups and logs required for security and legal compliance.

4. How We Use Information

  • Provide the core functionality of Crush Signals.
  • Detect nearby users and enable Crush interactions.
  • Deliver push notifications related to Crush signals.
  • Enable chat after mutual confirmation.
  • Prevent abuse, spam, or harmful behavior.
  • Respond to user reports and moderation requests.
  • Improve app performance and reliability.
  • Comply with legal obligations.

5. Discoverability and Location Usage

Users become visible to others only when discoverability is enabled.

Some features (such as Tonight Mode) may allow temporary background location usage so users remain discoverable even when the app is not open.

Users can disable discoverability at any time in the app settings.

6. Safety and Moderation

Crush Signals includes safety tools designed to protect users.

  • Users can report inappropriate behavior.
  • Users can block other users.
  • Reports may be reviewed by our moderation systems.

Information involved in safety reports may be retained longer when necessary to investigate violations of our Terms of Service.

7. When We Share Information

We do not sell personal information.

We may share limited information only with trusted service providers who help us operate the platform, including:

  • Cloud hosting providers
  • Analytics services
  • Push notification providers
  • Authentication providers (Apple / Google)

These providers are contractually required to protect user data.

Information may also be disclosed if required by law or to protect the safety of users and the platform.

8. Data Retention

Crush Signals is designed with minimal data retention.

  • Presence location data automatically expires.
  • Crush signals expire after a short time window.
  • Chat messages are deleted after approximately 24 hours.
  • Inactive account data may be removed after extended inactivity.

Data related to user reports may be retained longer if necessary for safety investigations.

9. Security

We implement industry-standard security measures including encrypted connections, access controls, and monitoring systems.

However, no online system can be completely secure and users should protect their accounts using strong authentication methods.

10. Children

Crush Signals is intended for adults. Users must be at least 18 years old to use the service.

Crush Signals has a strict zero-tolerance policy for child sexual abuse and exploitation (CSAE) and child sexual abuse material (CSAM).

To help protect users and maintain a safe environment, the platform includes the following safeguards:

  • Users must confirm they are 18 years of age or older.
  • Users can report profiles, messages, or behavior directly within the app.
  • Users can block other users at any time.
  • Reports are reviewed and appropriate action is taken against abusive accounts.
  • Accounts involved in illegal or harmful behavior are permanently removed.

If we learn that a minor has created an account, the account will be immediately removed.

Crush Signals complies with applicable child protection laws and cooperates with relevant authorities where required.

For child safety concerns related to the platform, please contact: contact@brainwave.international

11. Your Privacy Rights

Depending on your location, you may have rights to:
  • Access the personal data associated with your account
  • Correct inaccurate information
  • Delete your account and associated data
  • Restrict certain processing activities

You can delete your account directly from the app or contact us at legal@crushsignals.app.

12. Account Deletion

Users can permanently delete their account directly inside the app. Once deletion is confirmed:

  • Your profile is removed.
  • Active Crush interactions are deleted.
  • Chat data is removed.

Some limited records may remain temporarily if required for legal compliance or safety investigations.

13. Changes to This Policy

We may update this Privacy Policy occasionally. When significant changes occur, we may notify users inside the app.

The updated policy will always display the latest effective date.

14. Contact

Brainwave D.O.O.

Email: legal@crushsignals.app