Privacy Policy
Last updated: April 20, 2026 (v2026.04.20)
1. Data Controller
The data controller responsible for your personal data is:
- GLUESQ Pte. Ltd. (UEN 202548578Z)
- 22 Sin Ming Lane, #06-76, Midview City, Singapore 573969
- Email: dpo@gluesq.com
For the purposes of the Singapore Personal Data Protection Act 2012 ("PDPA") and Thailand's Personal Data Protection Act B.E. 2562 ("PDPA-TH"), GLUESQ Pte. Ltd. is the data controller of your personal data.
2. Data We Collect
2.1 Account Information
When you register, we collect:
- Email address — used for authentication, account recovery, and important service communications;
- Display name and username — your chosen public identity on the Platform;
- Profile biography and city — optional information you choose to share publicly;
- Profile avatar — stored as binary data associated with your account;
- Authentication identifiers — a unique identifier from your authentication provider (Firebase UID) linked to an internal user ID (UUID).
2.2 Location Data
With your explicit consent, we collect GPS coordinates from your device. Location data is used to:
- Discover sessions and Local Picks near you (geo-proximity queries);
- Display your approximate location on session maps;
- Enable map-based session and promotion discovery; and
- Provide location-aware search results.
Location data is stored as geographic coordinate points (GEOGRAPHY type with SRID 4326) in our database. You may revoke location permissions at any time through your device settings, though this will limit location-based features.
2.3 User-Generated Content
- Session details — titles, descriptions, tags, locations, and scheduling information for sessions you create;
- Chat messages — text messages sent in one-on-one and group conversations, stored as structured payloads;
- Gift messages — optional messages attached to virtual gifts;
- Reports and feedback — content you submit when reporting other users or sessions.
Session Visibility. When you create a session, you choose its visibility:
- Public sessions are discoverable on the shared map by any authenticated glup user whose viewport overlaps your session’s area, and are eligible to appear in radius-based discovery, gift leaderboards, and friend-activity feeds. Your display name, avatar, session title, category, approximate location, and start/end time become visible to those users. Up to three confirmed participants’ display names will appear alongside the session on the map.
- Private sessions are visible only to you, to individuals you invite, and to participants who have confirmed attendance. Private sessions are excluded from the public map, the radius-based discovery endpoint, gift leaderboards, friend-activity feeds, and search results. They are also excluded from nearby-user push notifications.
Both visibility modes share the following limits on privacy. All session content may be accessed by: (i) glup’s authorised moderation and trust-and-safety personnel, where required to investigate reports under our Community Guidelines or Terms of Service; (ii) glup’s authorised engineering personnel, where required to diagnose a production incident affecting your account (subject to audit logging in our append-only audit log); and (iii) law enforcement or governmental authorities, where we are required by valid legal process (subpoena, Mutual Legal Assistance Treaty request, or order of a Singapore court).
You may change a session’s visibility at any time before it starts. Switching from private to public does NOT retroactively expose the display names of invitees who were invited under the earlier privacy setting — only participants who remain confirmed at the moment of the switch are disclosed. After a session ends, its visibility is locked to the state it was in at conclusion.
Go Invisible, a separate user preference, hides your live presence (green-dot indicator, friend-activity position) but does NOT hide content you create. Sessions you host — whether public or private as defined above — continue to render with your display name and avatar on the map subject to the visibility mode you selected when creating the session.
2.4 Transaction and Financial Data
- Credit balance and transaction history — records of Credits earned, purchased, and spent within the Platform;
- XP and level data — experience points earned and current user level;
- Purchase history — records of in-app purchases including platform (iOS/Android), amount, and credits granted;
- Subscription status — current plan, renewal dates, and subscription identifiers.
We do not store your credit card numbers, bank account details, or full payment credentials. Payment processing is handled entirely by the Apple App Store, Google Play Store, or Stripe.
2.5 Device and Technical Data
- FCM device tokens — identifiers for delivering push notifications to your specific device(s);
- Device type — whether you use iOS or Android;
- IP address — recorded in security event logs for fraud prevention and account protection;
- Request metadata — correlation IDs and timestamps for operational monitoring and debugging.
2.6 Preferences and Settings
- Interests — categories of sessions you are interested in;
- Notification preferences — your choices for push and email notification types;
- Search radius — your preferred geographic discovery radius;
- Language preference — your selected locale for the app interface;
- Safety acknowledgment — whether you have reviewed and acknowledged the safety guide.
2.7 Identity Verification Data (Singpass)
If you choose to verify your identity using Singpass (Singapore's national digital identity), we process the following:
- Verification hash — a one-way cryptographic hash (HMAC-SHA256) of your Singpass identifier. This hash cannot be reversed to reveal your identity or any personal information.
- Verification timestamp — when the verification was completed.
- Verification method — the string "singpass" indicating which provider was used.
What we do NOT store from Singpass: your legal name, NRIC/FIN, date of birth, residential address, email address, or phone number. We request only the minimum "openid" scope — no personal attributes are received from Singpass.
Purpose: to confirm you are a real, unique person and to display a "Verified" badge on your profile. The badge helps other users trust who they are meeting at real-world sessions. One Singpass identity can only be linked to one glup account.
Revocation: you can remove your verification at any time from your Profile settings. This immediately deletes the stored hash and removes your verified badge.
Deletion: if you delete your glup account, all verification data is permanently removed as part of the account erasure process.
Legal basis and retention (PDPA §13 and §25). We process Singpass verification data under Singapore Personal Data Protection Act 2012 §13 (consent) with retention limited by §25 (retention limitation). Upon revocation or account deletion, the verification hash, timestamp, and method are immediately and permanently removed from our database via our automated erasure worker. We retain no backup copies of this data after deletion.
Cross-border transfer (for Thailand residents, PDPA-TH §28). If you are a resident of Thailand and choose to verify your identity with Singpass, your authentication request is processed through GovTech Singapore (the operator of the Singpass service) and our Cloud Functions hosted in Singapore (Firebase region asia-southeast1). This constitutes a transfer of personal data outside Thailand under PDPA-TH §28. The transfer is conducted under the §28(1)(3) basis — necessary for the performance of a contract with the data subject (your glup account verification). We retain no raw Singpass data in either jurisdiction; only the HMAC hash is stored, and it is deleted on revocation or account deletion as described above. Singpass itself is subject to Singapore government data protection standards and is operated by GovTech Singapore, not by glup.
Attribution. Singpass is a service provided by the Government of Singapore and is operated by the Government Technology Agency (GovTech). glup is an independent product of GLUESQ Pte. Ltd. Use of Singpass on glup is an optional user-initiated identity verification feature; it does not constitute an endorsement, sponsorship, partnership, or co-branding arrangement between GLUESQ and the Government of Singapore or GovTech.
2.8 Venue Connect
When you join a Venue Connect room by scanning a venue QR code, your profile information (display name, profile photo, age if enabled, job title, company name, interests, and your "Looking for" text) is shared with other participants in the same venue room. This data is visible only while you are connected to the venue. Disconnecting immediately removes your profile from the venue.
What the venue host can see: your display name and "Looking for" text only. The host cannot see your photo, job title, company, age, or interests.
Data retention: venue presence data (which venue, join and disconnect times) is retained for 30 days and then permanently deleted. Connection and interaction data (likes, interests shown) is retained for 30 days. Chat messages created through Venue Connect are retained per our standard message retention policy.
"Looking for" text: the free-text field you fill in when joining a venue is cleared when you disconnect. It is not retained beyond your active venue session.
Job title and company name: these are optional profile fields. If provided, they are visible on your Venue Connect profile card. You can edit or remove them at any time from your Profile settings.
Contact card exchange: if you and another participant mutually agree to exchange contact cards, the contact details you have chosen to share will be transmitted to the other user. This exchange requires mutual action from both parties and is not initiated automatically.
2.9 Reputation and Specializations
glup allows users to give and receive reputation impressions ("Reps") — short tags describing how someone came across in a real-world interaction (e.g., "Great energy", "Good listener"). We collect:
- Rep tags received — the tag text, who created it, endorsement count, and creation date;
- Rep endorsements given — records of which tags you endorsed on other users' profiles;
- Specializations — free-text skills or certifications you declare on your profile (e.g., "PADI Dive Master", "Grade 8 Pianist"), endorsement counts, and display order.
Visibility: Your top 3 Reps and your Specializations are visible on your profile to other users. You can control Specialization visibility in Privacy Settings. Appearance-related Reps (category: LOOKED) can be hidden via Privacy & Safety settings.
Cost: Creating a Rep costs 999 Sparks. Endorsing a Rep costs 50 Sparks. Endorsing a Specialization is free.
Deletion: All Reps, endorsements, and Specializations are permanently deleted when you delete your account.
2.10 Sparks Virtual Currency
Sparks is a non-transferable, non-redeemable virtual currency used within glup for social interactions. We collect:
- Balance and lifetime totals — your current Sparks balance and total Sparks ever earned;
- Tier level — your progression tier (Local, Regular, Connected, Inner Circle, or Black Card) calculated from lifetime Sparks;
- Purchase history — records of Sparks purchased via Apple App Store or Google Play Store, including platform, amount, and tier;
- Spending limits — optional daily spending cap you set for yourself;
- Venue gifts — Sparks gifts sent and received at Venue Connect rooms, including sender, recipient, gift type, and amount. Venue gift leaderboards are visible to other participants in the same room for the duration of the venue session.
Financial note: Sparks have no monetary value outside the Platform. 1 Spark ≈ SGD $0.01 for internal pricing purposes only. The Platform retains 30% of Sparks used in venue gifting. Sparks cannot be withdrawn, transferred to other users, or converted to real currency.
Deletion: All Sparks data (balance, tiers, purchase history, spending limits) is permanently deleted when you delete your account.
2.11 Gamification Data
glup tracks engagement-related data to support gamification features:
- Streaks — weekly attendance streaks, longest streak, and streak freeze usage;
- Badges — earned achievement badges (e.g., "First Host", "10 Sessions"), earn dates, and XP awarded;
- Badge progress — progress counts toward not-yet-earned badges.
Gamification data is visible on your profile (Trophy Case section). It is permanently deleted when you delete your account.
2.12 Screening Questions and Answers
If you are an Active or Business tier subscriber, you may create screening questions ("Intro Questions") that other users answer when they send you a friend request. We collect and process:
- Questions you create — question text, answer type (free-text or multiple-choice options), importance level, and slot position. Visible to anyone who sends you a friend request.
- Answers submitted to you — answer text and selected options submitted by other users with their friend requests. Visible only to you (the question creator).
- Your own answers — if you answer your own questions (for future matching features), these are stored separately and not shared with other users.
- Reports — if a question is reported, we record the reporter's identity and reason. Reporter identity is never disclosed to the question creator.
Retention: Questions persist while your account is active. Answers attached to accepted friend requests are retained for the lifetime of the friendship. Answers attached to declined or cancelled requests are automatically deleted within 30 days — once a request is declined, the purpose of answer collection is exhausted (Singapore PDPA §25, PDPA-TH §37).
Restricted categories: You must not create questions that solicit information about health or medical conditions, religion or beliefs, sexual orientation, political opinions, criminal history, or biometric data. Such questions violate PDPA-TH §26 (sensitive personal data) and will be automatically removed by our content moderation system.
Deletion: All screening questions, answers, and self-answers are permanently deleted when you delete your account (CASCADE via foreign key on user_id).
Future use: We may use anonymized and aggregated screening question and answer data to improve connection suggestions in the future. If we implement such features, we will update this Privacy Policy before doing so.
3. How We Collect Data
- Directly from you — when you register, create sessions, send messages, make purchases, or update your profile;
- Automatically — technical data such as device tokens, IP addresses, and usage patterns collected during your interaction with the Platform;
- From authentication providers — identity information from Firebase Authentication (Google Sign-In, Apple Sign-In);
- From device sensors — GPS location data, collected only with your explicit consent;
- Server-side request logs — may temporarily contain location coordinates included in API requests. These logs are retained for 30 days and are used solely for debugging and performance monitoring.
4. Legal Basis for Processing
We process your personal data on the following legal bases:
| Legal Basis | Processing Activities |
|---|---|
| Performance of contract | Account creation and management, providing core services (session discovery, chat, gifting), processing transactions, subscription management |
| Consent | Location data collection, push notifications, marketing communications, optional profile information |
| Legitimate interest | Platform security and fraud prevention, abuse detection and content moderation, service improvement and analytics, maintaining audit logs |
| Legal obligation | Complying with applicable laws, responding to lawful requests from authorities, maintaining financial records |
5. How We Use Your Data
- Session discovery — matching you with nearby sessions using geo-proximity queries on your location data;
- Chat delivery — routing messages between users in real time via Supabase Realtime broadcast channels;
- Push notifications — sending timely alerts about sessions, messages, and promotions using your FCM device tokens;
- Local Picks — displaying relevant business promotions based on your location and preferences;
- Personalization — recommending sessions and content based on your interests and activity history;
- Safety and moderation — detecting and preventing abuse, enforcing Community Guidelines, and protecting users;
- Account security — monitoring for unauthorized access, brute-force attacks, and suspicious activity;
- Service improvement — analyzing aggregate usage patterns to improve Platform features and performance;
- Service integrity and crash diagnostics — when the app experiences an error, crash, or server-side validation rejection, we collect technical diagnostic information including your user identifier, an approximate viewport area (rounded to approximately 1 km), stack traces, and breadcrumbs describing the immediate user actions preceding the error. This processing is necessary for our legitimate interest in maintaining service reliability, detecting exploit attempts, and fulfilling our PDPA §24 protection obligation. Crash diagnostic records are retained within our own Google Cloud Logging infrastructure in Singapore for no more than thirty (30) days and are purged within the 30-day window upon a Data Access Request for erasure (see Section 10). We do not attach your email, phone number, or IP address to these records. No third-party crash-reporting processor is used.
- Compliance — fulfilling legal obligations, responding to data subject requests, and maintaining required records.
6. Data Sharing and Processors
We do not sell your personal data. We share data only with the following categories of service providers who process data on our behalf:
| Provider | Purpose | Data Shared |
|---|---|---|
| Firebase (Google Cloud) | Authentication, push notifications (FCM) | Email, auth tokens, device tokens |
| Supabase | Primary database, real-time messaging | All user data (encrypted at rest and in transit) |
| Redis Cloud | Caching, rate limiting | Cached query responses, rate-limit counters (short-lived) |
| Google Maps Platform | Geocoding, place search | Location coordinates, search queries |
| OpenFreeMap (community-operated, Switzerland-based) | Map tile delivery for venue, session and Local Picks map views | Tile-fetch HTTPS requests including the user's IP address and the tile coordinates currently in view. No account information, message content, or persistent user identifiers are transmitted. Switzerland operates under data-protection law recognised as adequate by Singapore PDPC. |
| GovTech (Singpass) | Optional identity verification | HMAC hash of Singpass identifier only (no personal data transmitted to or stored from Singpass) |
| Apple / Google | In-app payment processing | Transaction identifiers, subscription status |
| Stripe | Web payment processing | Transaction identifiers (Stripe handles payment details directly) |
| Firebase Analytics (Google) | App usage analytics | Pseudonymized usage events, device type, app version |
| OpenAI | AI-assisted promotion management (GPT Actions) — user-initiated only | Business promotion details and analytics aggregates only (see Section 6.1 below) |
| Anthropic | AI-assisted promotion management (MCP Server) — user-initiated only | Business promotion details and analytics aggregates only (see Section 6.1 below) |
We may also disclose personal data when required by law, regulation, or legal process, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
We maintain data processing agreements with all third-party service providers listed above, incorporating standard contractual clauses to ensure your data is handled in accordance with applicable data protection laws.
6.1 AI Integration Providers (BYOAI)
glup offers optional AI-assisted features that allow business users to manage their Local Picks promotions using third-party AI assistants, including OpenAI's ChatGPT (via GPT Actions) and Anthropic's Claude (via the Model Context Protocol, or MCP). These integrations are collectively referred to as "BYOAI" (Bring Your Own AI).
Data shared with AI providers. When you explicitly connect an AI assistant to your glup account, the following business-related data may be transmitted to the AI provider during your interactions:
- Business name and category;
- Promotion details — titles, descriptions, prices, discount labels, location, and expiry times;
- Analytics aggregates — views, saves, and direction-tap counts for your promotions.
Data NOT shared with AI providers. The following categories of personal information are never transmitted to AI providers through these integrations:
- Email addresses, phone numbers, or account credentials;
- Location history or GPS tracking data of any user;
- Chat messages or private communications;
- Payment information, credit card details, or financial records;
- Other users' personal data, profiles, or activity.
When data is shared. Data is transmitted to AI providers only when you actively initiate an interaction through a connected AI assistant. No data flows to AI providers in the background or without your direct action. The connection requires an explicit OAuth consent flow, which serves as an additional consent mechanism under the Singapore PDPA. You must authorize the connection before any data is shared.
AI provider data retention. Once data leaves the glup platform and reaches an AI provider, it is subject to that provider's own privacy policy and data retention practices:
- OpenAI — retains API conversation data for up to thirty (30) days for abuse monitoring, and potentially longer for consumer ChatGPT usage depending on user settings. See OpenAI's Privacy Policy.
- Anthropic — retains API conversation data for thirty (30) days for safety purposes, and up to five (5) years for consumer usage if model training is enabled by the user. See Anthropic's Privacy Policy.
- Other MCP-compatible clients — if you connect an AI assistant from another provider via the MCP protocol, that provider's own privacy policy governs their retention and use of data.
Your control. You may disconnect any AI integration at any time through your glup account settings. You may also revoke access by removing the OAuth authorization from the AI provider's side (e.g., revoking the GPT Action in ChatGPT, or disconnecting the MCP server in Claude). Upon disconnection, no further data will be transmitted to that provider. However, data already transmitted is subject to the provider's retention policy as described above.
PDPA compliance. In accordance with the Singapore Personal Data Protection Act 2012, we obtain your consent through the OAuth authorization flow before any data is shared with AI providers. This consent is separate from and in addition to your general consent to these terms. You may withdraw this consent at any time by disconnecting the AI integration, without affecting the lawfulness of data sharing that occurred before withdrawal.
7. International Data Transfers
Your data is primarily stored and processed in the asia-southeast1 (Singapore) region. Our service providers may process data in other jurisdictions. When data is transferred outside your country of residence, we ensure that appropriate safeguards are in place, including:
- Standard contractual clauses approved by the relevant data protection authority;
- Data processing agreements with all third-party processors;
- Encryption of data in transit (TLS) and at rest.
For users in Thailand, cross-border transfers are conducted in accordance with PDPA-TH §28, with appropriate safeguards in place.
8. Data Retention
We retain your data only for as long as necessary to fulfil the purposes for which it was collected or as required by law:
| Data Category | Retention Period |
|---|---|
| Account data (profile, email, username) | Until account deletion |
| Precise GPS location coordinates | 30 days (rolling) |
| Chat messages | Until account deletion or message deletion by user |
| Session data | Until account deletion (ended sessions retained for history) |
| Notifications | 30 days (automatically purged via scheduled job) |
| Security event logs | 90 days (automatically purged via scheduled job) |
| User presence data | 5 minutes (automatically expires) |
| Friend location coordinates | Deleted when you go offline or within 5 days of last update. Permanently deleted on account deletion. |
| Auth session records | 30 days (automatically purged via scheduled job) |
| Reputation tags and endorsements | Until account deletion |
| Specializations and endorsements | Until account deletion |
| Sparks balance, tiers, and purchase history | Until account deletion |
| Venue gifts | 30 days (automatically purged via scheduled job) |
| Venue gift leaderboard | 7 days (automatically purged via scheduled job) |
| Streaks and badges | Until account deletion |
| Screening questions | Until account deletion |
| Screening answers (accepted requests) | Until friendship ends or account deletion |
| Screening answers (declined/cancelled requests) | 30 days (automatically purged via scheduled job) |
| OAuth authorization tokens (BYOAI) | 30 days (refresh tokens), 1 hour (access tokens) |
| Account lockout records | 24 hours (automatically purged) |
| Analytics events (Local Picks) | 90 days (automatically purged via nightly scheduled job) |
| Identity verification data (Singpass hash) | Until user revokes verification or deletes account |
| Transaction records | 7 years (legal/financial compliance requirement) |
| Redis cache entries | 30 seconds to 5 minutes (automatically expires) |
Upon account deletion, we will erase or anonymize your personal data within thirty (30) days, except where retention is required by law (e.g., financial transaction records).
9. Your Rights
Depending on your jurisdiction, you have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you;
- Right to correction — request correction of inaccurate or incomplete personal data;
- Right to deletion — request deletion of your personal data (subject to legal retention obligations);
- Right to data portability — receive your personal data in a structured, commonly used, machine-readable format;
- Right to withdraw consent — withdraw consent for processing based on consent (e.g., location data) at any time, without affecting the lawfulness of prior processing;
- Right to restrict processing — request restriction of processing in certain circumstances;
- Right to object — object to processing based on legitimate interests;
- Right to lodge a complaint — file a complaint with the relevant data protection authority in your jurisdiction.
Singapore residents: Your rights are protected under the Personal Data Protection Act 2012 (PDPA). You may contact the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.
Thailand residents: Your rights are protected under the Personal Data Protection Act B.E. 2562 (PDPA-TH). You may contact the Office of the Personal Data Protection Committee (OPDPC).
10. Data Subject Access Requests (DSAR)
To exercise any of your data rights, please submit a request to:
- Email: privacy@gluesq.com
Please include in your request:
- Your full name and the email address associated with your glup account;
- A clear description of the right you wish to exercise;
- Sufficient information to verify your identity (we may request additional verification).
We will acknowledge your request within five (5) business days and provide a substantive response within thirty (30) days. If we require additional time due to the complexity of the request, we will notify you of the extension (up to an additional thirty days) and the reasons for the delay. There is no fee for exercising your data rights, unless requests are manifestly unfounded or excessive.
11. Cookies and Tracking
The glup website uses only essential, session-based cookies necessary for the proper functioning of the site (e.g., maintaining your session state). We do not use advertising cookies, tracking pixels, or third-party analytics cookies on our website.
The glup mobile application does not use cookies. It uses standard mobile APIs for authentication token storage and device-local preferences. Firebase Analytics uses pseudonymized device identifiers and retains usage data for 120 days. Crash diagnostics are captured within our own Google Cloud Logging infrastructure in Singapore (no third-party crash-reporting processor is used); error logs, device information, and app state at the time of a crash are retained for 30 days. You can opt out of analytics collection in Settings > Privacy.
12. Minimum Age (Adults Only, 21+)
glup is an adult-only Platform. The minimum age to create an account and use any feature of the Platform is twenty-one (21) years, globally, without exception. We do not offer parental or guardian consent pathways, and we do not permit accounts for users under 21 regardless of jurisdiction. See Section 2 of our Terms of Service for the full eligibility rules.
We enforce the 21+ requirement at three independent layers:
- Client-side validation in the signup form rejects any date of birth that would place the user under 21 at the time of account creation;
- Server-side validation in our authentication backend re-checks the date of birth on every signup request and returns a 400 AGE_REQUIREMENT_NOT_MET error if the age is below 21, even if the client-side check was bypassed;
- Database-layer enforcement via a PostgreSQL CHECK constraint that structurally rejects any INSERT or UPDATE that would store a date of birth younger than 21 years old.
We do not knowingly collect personal data from any person under 21. If we become aware that we have collected personal data from a person under 21 — for example, if a user falsifies their date of birth at signup and we subsequently discover the truth — we will take steps to delete such data promptly and terminate the account without notice. If you believe that a person under 21 has provided us with personal data, please contact us at privacy@gluesq.com.
Why 21+? The 21+ global minimum exceeds the age threshold set by every applicable data protection law that covers our users — Singapore PDPA 2012, Thailand PDPA B.E. 2562 (PDPA-TH, which sets parental consent below 20), Malaysia PDPA 2010, Indonesia UU PDP 2022, Vietnam's data protection rules, and the EU GDPR (which permits 13 with parental consent). Because our minimum is strictly above every jurisdictional threshold, we do not need to collect or store any data from minors, and we do not operate a parental-consent flow.
13. Data Security
We implement industry-standard technical and organizational measures to protect your personal data, including:
- Encryption in transit — all data transmitted between your device and our servers is encrypted using TLS;
- Encryption at rest — database storage is encrypted at rest;
- Authentication security — Firebase Authentication with support for multi-factor authentication; brute-force protection via account lockouts and IP blocking;
- Access controls — role-based access to infrastructure and data; all API requests authenticated via Firebase ID tokens;
- Rate limiting — global and per-user rate limits to prevent abuse;
- Audit logging — security events logged with IP addresses and timestamps;
- Database isolation — SERIALIZABLE transaction isolation for all write operations to ensure data integrity.
While we take reasonable measures to protect your data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.
13.2 Data Breach Notification
In the event of a personal data breach that is likely to result in significant harm to affected individuals, we will:
- Notify the Personal Data Protection Commission (PDPC) of Singapore within three (3) calendar days of becoming aware of the breach, as required by PDPA §26D;
- Notify the PDPC Thailand within seventy-two (72) hours if Thai users are affected, as required by PDPA-TH §37;
- Notify affected individuals without undue delay if the breach is likely to result in significant harm to their rights or interests; and
- Take immediate steps to contain, investigate, and remediate the breach.
14. Automated Decision-Making
We do not engage in fully automated decision-making that produces legal effects or significantly affects you. Our content moderation system may use automated tools to flag potentially violating content, but all enforcement actions (warnings, suspensions, bans) involve human review.
15. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will provide at least thirty (30) days' advance notice of material changes by:
- Posting the revised policy on the Platform and our website;
- Sending a push notification to active users; and/or
- Emailing you at the address associated with your account.
Your continued use of the Platform after the effective date of the revised policy constitutes your acceptance of the changes.
16. Jurisdiction-Specific Provisions
16.1 Singapore (PDPA)
We comply with the Personal Data Protection Act 2012 of Singapore. We have appointed a Data Protection Officer (DPO) who can be reached at dpo@gluesq.com. We will obtain your consent before collecting, using, or disclosing your personal data, unless an exception under the PDPA applies. You may withdraw consent at any time by contacting our DPO, subject to legal and contractual restrictions.
16.2 Thailand (PDPA-TH)
For users in Thailand, we process your personal data in accordance with the Personal Data Protection Act B.E. 2562 (2019). Where consent is the legal basis, we will obtain explicit consent before collecting sensitive personal data (including precise geolocation). You have the right to withdraw consent, request access, correction, deletion, restriction, and portability of your data, and to lodge a complaint with the Office of the Personal Data Protection Committee.
Cross-border transfers from Thailand. If you use optional features that require processing in Singapore — in particular, the Singpass identity verification described in Section 2.7 — your personal data is transferred from Thailand to Singapore for the duration of that feature request. We rely on PDPA-TH §28(1)(3) as the lawful basis for this transfer (performance of a contract with you, the data subject). Only the minimum data necessary is transferred, and we store no raw Singpass data in either jurisdiction. See Section 2.7 for the specific data elements and retention rules.
16.3 Malaysia (PDPA)
For users in Malaysia, we comply with the Personal Data Protection Act 2010. You have the right to access and correct your personal data, and to withdraw consent for processing. We process personal data only for purposes directly related to the services we provide.
16.4 Indonesia
For users in Indonesia, we comply with applicable data protection regulations, including Government Regulation No. 71 of 2019 on Electronic Systems and Transactions and the Personal Data Protection Law (UU PDP) No. 27 of 2022. You have the right to access, correct, and delete your personal data.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Data Protection Officer: dpo@gluesq.com
- Privacy inquiries and DSARs: privacy@gluesq.com
- General legal inquiries: legal@gluesq.com
- GLUESQ Pte. Ltd. (UEN 202548578Z)
- 22 Sin Ming Lane, #06-76, Midview City, Singapore 573969