This Privacy Policy explains how Spendbyte collects, uses, stores, discloses, and protects information about you when you use our App and Services. We've tried to keep it clear — if anything is unclear, email us at contact@spendbyte.com.
1.Introduction
Welcome to Spendbyte (“Spendbyte,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, store, disclose, and protect information about you when you download, install, register for, or use the Spendbyte mobile application (the “App”) and any related services, features, content, websites, or APIs (collectively, the “Services”).
By creating an account or using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Services.
2.Who We Are
Spendbyte provides a campus-oriented mobile experience that blends real-world location-based hunts, digital payments, peer-to-peer transfers, a wallet, end-to-end encrypted chat (including sending and receiving money and money requests, media sharing, and emoji reactions), rewards/redemption, and social discovery features.
3.Information We Collect
We collect information in three ways: (a) information you give us, (b) information collected automatically, and (c) information from third parties.
3.1 Information You Provide
- Account information: name, username, email address, phone number, date of birth, profile photo, school/campus, and password (stored hashed).
- Identity & verification data: information required for KYC, fraud prevention, or age verification where applicable.
- Payment information: linked card details (tokenized via our payment processors), bank/mobile-money account references, transaction amounts, recipients, memos, and balances within your in-app wallet — including payments and money requests initiated in chat.
- Chat & messaging data: we process limited chat metadata needed to deliver the feature (such as conversation participants, message timestamps, delivery and read receipts, and device/session identifiers). Message text, media, and emoji reactions are end-to-end encrypted — we cannot read or decrypt the content of your chats. Payment amounts and transaction records linked to in-chat payments are processed as payment information, not as decrypted chat content.
- Hunt & gameplay data: marker scans, participation, completion times, scores, claimed rewards, and redemption codes.
- User content: feedback, support requests, photos you submit outside of encrypted chat, and any content you post in social/explore features. Chat messages, shared media, and emoji reactions are end-to-end encrypted and are not accessible to us in readable form.
- Communications: correspondence with support and survey responses.
3.2 Information Collected Automatically
- Location data: precise (GPS) and approximate location while the App is in use, used to display your position on the map, find nearby hunts/shops/rewards, and validate geofenced events. We do not collect background location unless you explicitly enable a feature that requires it.
- Motion & sensor data: accelerometer and pedometer/step-count data used together with GPS to smooth your position and reduce GPS drift near tall buildings.
- Camera & photo library: images captured to scan hunt markers (processed on-device and not retained on our servers unless you choose to upload them) and media you choose to share in chat (encrypted end-to-end before leaving your device).
- Device information: device model, OS version, unique device identifiers, language, time zone, mobile carrier, IP address, and crash logs.
- Usage data: screens viewed, features used, taps/sessions, referral source, and performance metrics.
- Authentication data: Face ID / Touch ID is processed entirely on your device by Apple. We only receive a success/failure signal — we never see your biometric template.
- Cookies & similar technologies: used in any in-app web views and on related websites for session, security, and analytics.
3.3 Information from Third Parties
- Payment processors & financial partners: transaction status, payment confirmations, chargebacks, and risk signals.
- Identity / fraud-prevention providers: verification results and risk scores.
- Map & geolocation providers (e.g., Mapbox): map tiles, place data, and search results.
- Analytics & crash reporting (e.g., Amplitude, Firebase): aggregated product analytics and stability data.
- Social/sign-in providers: if you choose to connect them, basic profile information you authorize them to share.
4.How We Use Your Information
We use your information to:
- Create and manage your account and authenticate you (including Face ID).
- Provide core features: hunts, marker scanning, the map, wallet, payments, transfers, end-to-end encrypted chat (including in-chat money sends and requests, media, and emoji reactions), redemption, and rewards.
- Process and settle transactions, prevent fraud, and meet financial-services obligations.
- Personalize content, recommend nearby hunts/shops, and improve discovery.
- Send transactional messages (receipts, security alerts, hunt updates) and, with your consent, marketing messages.
- Maintain safety and integrity (e.g., detect cheating, multi-accounting, chat or payment abuse, and respond to reports).
- Improve, test, and develop new features through analytics and aggregated research.
- Comply with legal obligations and enforce our Terms.
5.Legal Bases (where applicable)
Where data-protection laws such as the GDPR apply, we rely on: performance of a contract, your consent (e.g., for precise location, marketing, optional features), our legitimate interests (e.g., security, product improvement), and compliance with legal obligations (e.g., AML/KYC).
7.Camera, Location & Motion — Your Controls
You can change permissions at any time in your device settings:
- Camera & Photos: camera access is used to scan hunt markers and, if you choose, to capture media for chat. Photo library access is used only when you select media to share in a chat.
- Location (When In Use): required for the map, nearby content, and geofenced hunts. Disabling it limits gameplay.
- Motion & Fitness: improves location accuracy; disabling it may cause map drift near tall buildings but will not block use.
- Face ID: optional convenience for sign-in and sensitive actions; you can use your passcode/PIN instead.
8.Data Retention
We retain personal information only for as long as needed to provide the Services, comply with our legal obligations (including tax, accounting, and AML record-keeping for financial transactions, which may require retention of up to 7 years depending on jurisdiction), resolve disputes, and enforce our agreements. End-to-end encrypted chat content stored on our systems (in encrypted form only) is retained only as long as needed to deliver messages and maintain service reliability; chat metadata may be retained for a shorter or longer period depending on legal and safety requirements. When no longer needed, data is deleted or anonymized.
9.End-to-End Encrypted Chat
Spendbyte chats use end-to-end encryption. When you send a message, photo, video, file, or emoji reaction, it is encrypted on your device before transmission. Only you and the people in the conversation hold the keys needed to decrypt that content.
What we cannot see: the plaintext content of your messages, shared media, or emoji reactions.
What we do process: metadata required to route and deliver chats (such as who is in a conversation, when messages were sent, and delivery status), plus payment and transaction records when you send, receive, or request money in chat. We may also process information you voluntarily provide when reporting abuse.
If you lose access to your device or account without a backup of your encryption keys, we may be unable to recover encrypted chat history.
10.Security
We use industry-standard safeguards including end-to-end encryption for chat content, encryption in transit (TLS), encryption at rest for sensitive fields and encrypted chat payloads, secure key storage in the iOS Keychain, signed/nonce-protected hunt actions, and device-level protections (Face ID/passcode). No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
11.Children
The Services are not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from such children. If you believe a child has provided us information, contact us and we will delete it.
12.Your Rights
Depending on where you live, you may have rights to:
- Access, correct, or delete your personal information.
- Object to or restrict certain processing.
- Withdraw consent at any time.
- Port your data to another service.
- Lodge a complaint with a data-protection authority.
You can exercise most rights in-app under Settings → Account, or by emailing us (see Section 15). We may need to verify your identity before responding.
13.International Transfers
Your information may be processed in countries other than your own. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.
14.Third-Party Services & Links
The App may include links to or integrations with third-party services (e.g., merchants, map providers, payment networks). Their privacy practices are governed by their own policies, which we encourage you to review.
15.Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated in the App or by email. Continued use of the Services after changes take effect constitutes acceptance.
16.Contact Us
For privacy questions or to exercise your rights:
- Email: contact@spendbyte.com
- Postal: Spendbyte — Privacy Office, Accra, Ghana
See also our Terms and Conditions.