Privacy Policy

1. Introduction

Flintime Inc. ("we," "our," or "us") operates Flin, a student marketplace platform that connects college students across America with exclusive deals, housing opportunities, marketplace transactions, and campus events. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our mobile application and website (collectively, the "Service").

Important: Our Service is designed exclusively for students aged 17 and older. By using Flin, you confirm that you are at least 17 years of age and enrolled in or affiliated with an accredited educational institution.

2. Information We Collect

2.1 Personal Information You Provide

• Account Information: Name, email address, phone number, date of birth, student status verification
• Educational Information: College/university (from .edu email domain), graduation year, academic program (optional)
• Profile Information: Profile picture, bio, interests, campus location
• Communication Data: Messages, reviews, ratings, customer support communications
• No verification documents: We do not collect student IDs or enrollment documents

2.2 Information We Collect Automatically

• Device Information: Device type, operating system, unique device identifiers, mobile network information
• Usage Data: App usage patterns, features used, time spent on different sections
• Location Data: Approximate location (city/campus level) to show relevant local offers and events
• Log Data: IP address, access times, pages viewed, app crashes, system activity
• Cookies and Tracking: Session cookies, analytics cookies, preference settings

2.3 Information from Third Parties

• Social Media: Profile information if you choose to link social accounts
• Educational Institutions: Only .edu email domain verification (no direct institutional contact)
• Payment Processors: No student payment data (vendor subscriptions only on website)
• Analytics Services: Aggregated usage statistics and app performance data

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Core Service Functions

• Create and manage your student account
• Verify your student status through .edu email domain only
• Facilitate marketplace transactions between students
• Connect students with local offers and campus events
• Connect students for direct peer-to-peer transactions (no payment processing)
• Provide customer support and resolve disputes

3.2 Safety and Security

• Prevent fraud, spam, and abuse
• Protect student safety in transactions and meetups
• Monitor for prohibited content and activities
• Enforce our Terms of Service and Community Guidelines
• Comply with legal obligations and law enforcement requests

3.3 Platform Improvement

• Analyze usage patterns to improve app functionality
• Personalize content and recommendations
• Develop new features for the student community
• Conduct research on student marketplace trends

3.4 Communications

• Send transaction notifications and updates
• Share relevant local offers and events
• Provide important platform announcements
• Send marketing communications (with your consent)

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 With Other Students

• Public profile information (name, photo, university, ratings)
• Marketplace listing details and transaction history
• Messages and communications related to transactions
• Reviews and ratings you provide or receive

4.2 With Service Providers

• Payment processing companies (Stripe, PayPal)
• Cloud hosting and data storage providers
• Customer support and communication platforms
• Analytics and app performance monitoring services
• Student verification services

4.3 Legal Requirements

• Comply with applicable laws, regulations, or legal processes
• Respond to lawful requests from public authorities
• Protect our rights, property, or safety
• Investigate and prevent illegal activities or policy violations

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

5. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption: All data transmission is encrypted using TLS/SSL protocols
• Secure Storage: Personal data is stored in encrypted databases with restricted access
• Access Controls: Employee access is limited and monitored based on job requirements
• Regular Audits: Security practices are regularly reviewed and updated
• Student ID Protection: Verification documents are processed securely and not retained

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention and Deletion (Apple App Store Requirement)

In compliance with Apple App Store Guidelines, we provide clear data retention and deletion policies:

6.1 Data Retention Periods

6.2 Immediate Account Deletion

When you delete your account, the following happens immediately:

• Complete data removal: All personal data is permanently deleted from our systems
• No recovery period: Deleted data cannot be recovered or restored
• Anonymous data only: Only anonymized usage statistics remain for service improvement
• Immediate effect: Account access is terminated and data deletion begins instantly
• Clean slate: You can create a new account with the same email if desired

6.3 No Legal Retention Requirements

Unlike many platforms, we do not retain personal data for legal compliance because:

• No financial transactions: We don't process student payments, so no financial records to retain
• No verification documents: We don't collect identity documents that would require retention
• Simple verification: Student status is verified only through .edu email addresses
• Anonymous safety data: Only anonymized incident data retained for platform safety
• Clean deletion: Complete data removal is possible without legal complications

7. Your Privacy Rights

You have the following rights regarding your personal information:

7.1 Access and Control

• Account Settings: Update your profile and preferences at any time
• Data Access: Request a copy of your personal information
• Data Correction: Correct inaccurate or incomplete information
• Data Deletion: Request deletion of your account and associated data
• Data Portability: Receive your data in a structured, machine-readable format

6.2 Communication Preferences

• Opt out of marketing communications via email or app settings
• Control push notification preferences
• Manage email frequency and content preferences

6.3 Location Data

• Control location sharing through device settings
• Opt out of location-based features and recommendations

To exercise these rights, contact us at contact@flin.college. We will respond within 30 days of receiving your request.

7. Student-Specific Privacy Protections

As a platform serving students, we implement additional privacy protections:

• Educational Records: We do not access or store official educational records
• Campus Privacy: Location data is limited to general campus/city level
• Graduation Transition: Accounts remain active for 2 years post-graduation
• Parent/Guardian Rights: For users under 18, parents may request account information
• Academic Integrity: We do not facilitate academic dishonesty or share academic work

8. International Data Transfers

Flin operates primarily in the United States. Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses with international service providers
• Adequacy decisions for data transfers to approved countries
• Binding corporate rules for intra-company transfers

9. Children's Privacy

Flin is not intended for use by individuals under 17 years of age. We do not knowingly collect personal information from children under 17. If we become aware that we have collected personal information from a child under 17, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child under 17 has provided us with personal information, please contact us at contact@flin.college.

10. State-Specific Privacy Rights

10.1 California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected and how it's used
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell data)
• Right to non-discrimination for exercising privacy rights

10.2 Other State Laws

We comply with applicable state privacy laws, including Virginia's Consumer Data Protection Act (VCDPA) and Connecticut's Data Privacy Act (CTDPA). Contact us for information about your specific state rights.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Post the updated policy on our website and app
• Send notification via email or in-app notification
• Update the "Last Updated" date
• For material changes, provide 30 days' notice before implementation

Your continued use of Flin after the effective date constitutes acceptance of the updated Privacy Policy.

12. Apple App Store Privacy Requirements

In compliance with Apple App Store privacy requirements, we provide the following specific disclosures:

12.1 App Privacy Report Transparency

The following data types are collected and their purposes as disclosed in our App Store listing:

12.2 iOS Permission Requests

We request the following iOS permissions with clear explanations:

• Camera: "Take photos of items for marketplace listings"
• Photo Library: "Select existing photos for your profile and marketplace listings"
• Location Services: "Show nearby offers, events, and housing opportunities"
• Push Notifications: "Receive alerts about messages, offers, and important updates"
• Contacts: "Find friends who also use Flin (optional feature)"
• Microphone: "Record voice messages in chat (optional feature)"
• Face ID/Touch ID: "Secure and convenient app access"

12.3 Push Notification Privacy

Our push notification practices comply with Apple's privacy standards:

• Device tokens only: We only receive device push tokens, not personal data
• Message content: Sensitive message content is not included in notifications
• User control: Full control over notification types and frequency
• Opt-out anytime: Disable notifications in iOS Settings without losing app functionality
• No tracking: Push tokens are not used for tracking across apps or websites

12.4 Third-Party SDK Disclosure

We use Apple-compliant third-party services that may collect data:

• Analytics: Apple Analytics (no data shared), Firebase Analytics (anonymized only)
• Payments: No payment processing in iOS app; website vendor billing uses Stripe
• Crash Reporting: Apple Crash Reporting (automatic, no personal data)
• Maps: Apple Maps (location queries only, no personal data stored)
• Authentication: Sign in with Apple (minimal data sharing)

12.5 App Tracking Transparency (ATT) Compliance

We comply with iOS 14.5+ App Tracking Transparency requirements:

• Explicit consent: We request permission before any cross-app tracking
• Clear purpose: Explain exactly how tracking data will be used
• No tracking default: If you decline, we don't track you across other apps
• Functional without tracking: All core features work without tracking permission
• Easy opt-out: Change tracking preferences anytime in iOS Settings

13. Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact us:

We will respond to privacy-related inquiries within 30 days. For urgent privacy concerns, please include "URGENT" in your subject line.